How to Allow Routing Subnet to Access VPN

Vigor routers support VPN connections for clients connected to a LAN subnet through either NAT or Routing methods. The difference between these two is that for the NAT option the LAN IP address of the client is translated to a WAN IP address, whereas for the Routing option the LAN IP address of the client is kept the same. In other words, the Routing subnet is considered reachable above Router WAN, and VPN is made for access to the NAT subnet. So by default, only NAT subnet can access remote VPN network via the VPN connection.

In order to make routing LAN pass-through VPN, please enable ‘Pass Routing LAN to VPN’ in VPN and Remote Access>>LAN to LAN

There is also a command available, please enter ‘vpn pass2nd on’ to enable the option.

In addition to allowing routing LAN pass through VPN, we can also control packets to VPN remote network when VPN disconnects. When ‘Pass Packets to NAT when VPN disconnects’ is enabled, packets supposed to send over VPN will be sent to WAN when VPN disconnects; When it’s disabled, packets supposed to send over VPN will be dropped when VPN disconnects.

The command for this option is ‘vpn pass2nat on/off’

Published On:2020-02-25

Was this helpful?

How to Allow Routing Subnet to Access VPN

Related Articles

Back up a leased line by VPN

Use MPLS and Internet connection on your Vigor Router at the same time

Related Article

Products

Resources

About