Hello. I’m a novice at VPNs and have a little experience with port forwarding, so excuse anything stupid written here.
I have a GL-AR750S purchased as a travel router to be connected by USB to my phone as hotspot. For that, it works well.
At home, I’m testing T-Mobile High Speed Internet. As T-Mobile uses CGNAT and their internal network is IPv6 only, I cannot forward ports to my home server. As a workaround, I opened a TorGuard VPN account to create a public IPv4 address outside the T-Mobile network.
My goal is to forward traffic from the VPN public address to TCP 443 and UDP 3389 and 3391 on my server, and all other internal clients will use the router firewall through the WAN. I really don’t care about VPN functionality in terms of security. It’s just a way to create a tunnel through T-Mobile.
I set up a wireguard client connection on the AR750S to create a tunnel from TorGuard. I haven’t tested it fully but for the sake of this topic, assume it works and I can forward ports from the static IP provided by them to the AR750S.
One of the features I see on the AR750S setup is to restrict use of the VPN to specific MAC addresses. That’s what I prefer to do. If I do that, are ports forwarded by TorGuard further filtered by the firewall on the AR750S? E.g., if I forwarded everything (unrestricted) through the tunnel to the router, does the router then forward specified ports only to the MAC that routes through the VPN, blocks all VPN traffic to other MAC addresses, and the other MACs use the WAN normally?
Thanks for your patience and assistance.