Menu
What's new
By:
Filters Better Search

Double NAT, VPN Client, Firewall ...

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

N

netguru

Regular Contributor
Hi there,

i am running since years Merlin behind a Fritzbox Router perfectly.
Fritzbox has its own IP Range and DHCP and a static Route to Merlin.
On Merlin there a running a few clients, some are in VPN Client Mode, some not. To connect TO the VPN Clients i use the VPN IP and connects to them with open Ports on firewall. Works perfectly.

My Problem ist now, that i have a client on the ASUS Merlin machine, which ist NOT in VPN.
So i have to connect the client via normal ISP IP via the Fritzbox Router.

The problem ist, that the static route from fritzbox to asus does not work because of the NAT working on the asus merlin one ...
Ist there any disadvantage turning off NAT on the asus router? Losing firewall could be important? VPN provider uses firewall also ... So i have to open the ports on asus AND provider. Problem turning NAT off?

Thx a lot
 
Last edited:
Is there any reason you can’t bridge the fritzbox and make Asus main router without double NAT?
 
Yes, fritzbox deals also as telephone station and has several clients istself connected via cable ...
if turning off NAT is a problem, then it is no big problem, its only one client and i have then to test if it works when it is also a vpn client (connection then works, but streaming television is not so good)
 
How about connecting Asus Merlin router to Fritzbox using the LAN port? Fritz can be the DHCP server for the entire network. VPN clients will still work if you define a default route (0.0.0.0) on Merlin so all Internet traffic routes to the Fritz.

I have this kind of setup. My main router is Verizon @ 192.168.0.1 whereas my Merlin AC86u is on 192.168.0.2 connected via LAN port, in router mode. With some customizing, I have been able to get guest networks, VPN server (PPTP/OpenVPN/IPSEC ikev2) and some other things to work. Needless to say the firewall on the Merlin is off. I think this kind of setup has a lot less overhead than double-NAT. On the main router 192.168.0.1 you need static routes for any VPN IP ranges to 192.168.0.2.
 
You must log in or register to reply here.

Similar threads

B
Firewall lan - vpn?
Replies
0
Views
275
blast
B
B255ea006
VPN Director, incorrect/ not working routing
Replies
4
Views
679
Tech9
Tech9
A
HELP! No internet after Router reboot
Replies
4
Views
373
Tech9
Tech9
D
GT-AX6000 - 3004_388.6_0 - Wireguard client - No Access to Servers local LAN
Replies
5
Views
584
Drihha
D
G
[Help] Routing VPN server through VPN client (external VPN Provider)
Replies
14
Views
1K
ZebMcKayhan
Z
Similar threads
Thread starter Title Forum Replies Date
K Double NAT? Asuswrt-Merlin 1
Nas.CloudBusinessPortal Double nat & dhcp Asuswrt-Merlin 10
C Solved Need help with nat-start scripts Asuswrt-Merlin 3
Mr Solis Enabling NAT Acceleration (CTF) breaks Port Forwarding? (RT-AC68U w/ 386.12_4) Asuswrt-Merlin 17
Z wgclient-start with iptables nat rules after router reboot Asuswrt-Merlin 19
H WireGuard Server "Enable NAT - IPv6" Setting Question Asuswrt-Merlin 0
M NAT over VPN? Asuswrt-Merlin 1
N Asus AC66U and full cone NAT Asuswrt-Merlin 11
Y ASUS AC86U Firmware merlin 386.11 - NAT Loopback not working please help ! Asuswrt-Merlin 6
Mogsy Solved Need help with NAT fix. Asuswrt-Merlin 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 761 (members: 25, guests: 736)
Top