
Author Topic: DMZ as WAN2 for dedicated VPN  (Read 7270 times)

JayCee

  • Level 1 Member
  • *
  • Posts: 7
DMZ as WAN2 for dedicated VPN
« on: September 24, 2009, 04:41:08 PM »

Hi there,

I've got a DFL-210 and I've been trying to wrap my head around the manual, but I was hoping someone could just help me with a shortcut on how to achieve the following:

WAN1 is to be a bridged mode PPPoE for all internet traffic
DMZ is to be WAN2, also bridged mode PPPoE but it's to be dedicated solely for a VPN tunnel to another site.

I've already created the IPsec tunnel interface, so I really just need some clarification on what else needs to be done to ensure that only traffic destined for the VPN tunnel is routed via WAN2 (DMZ).

The router's LAN IP is 192.168.1.253.
The subnet on the LAN is 192.168.1.x
The subnet in the remote office via VPN is 192.168.3.x

Thanks in advance!

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: DMZ as WAN2 for dedicated VPN
« Reply #1 on: September 25, 2009, 09:50:13 AM »

If you want to be real sure, write the main routing table with WAN2 first and write a routing rule so that all outbound traffic is routed over a secondary routing table that does not even list WAN2.
non progredi est regredi

JayCee

  • Level 1 Member
  • *
  • Posts: 7
Re: DMZ as WAN2 for dedicated VPN
« Reply #2 on: September 25, 2009, 10:06:15 PM »

Thanks for the advice, but I was hoping for a bit more of a "go to this screen, do this" step by step instruction if you had the time...

JayCee

  • Level 1 Member
  • *
  • Posts: 7
Re: DMZ as WAN2 for dedicated VPN
« Reply #3 on: September 29, 2009, 09:21:52 PM »

Anyone? I'm having trouble understanding the routing tables and routing rules...

Right now I have the following interfaces set up:

Ethernet
  • lan
  • wan1
  • wan2

IPsec
  • Narellan_VPN (the VPN to the remote office)

PPPoE
  • ADSL_Main
  • ADSL_VPN

What needs to be done in routing to ensure that only traffic to and from Narellan_VPN traverses wan2?
« Last Edit: September 29, 2009, 10:32:27 PM by JayCee »

JayCee

  • Level 1 Member
  • *
  • Posts: 7
Re: DMZ as WAN2 for dedicated VPN
« Reply #4 on: October 07, 2009, 09:10:47 PM »

Pretty please with sugar on top?

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: DMZ as WAN2 for dedicated VPN
« Reply #5 on: October 15, 2009, 09:52:25 AM »

You need 2 routing tables, one with WAN1 as its default gateway and one with WAN2.  I would make the default table the one with the WAN2 so that your VPN management becomes easier.

Then you will need to write a routing rule specifying that all outbound traffic should use the table which uses the WAN1 gateway.

Then ensure that your IP rules will support your normal traffic egressing out WAN1 (and perhaps that there aren't rules allowing it to egress out WAN2).

Then you should be gold.

What part of this process do you not understand or need help with?
non progredi est regredi
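
The two-table layout from Reply #5, modeled in Python as an added example (not part of the thread and not DFL-210 configuration syntax), with an audit that checks LAN traffic never egresses wan2 and remote-office traffic never leaves outside the tunnel. The table names, the `core` label for packets the firewall itself originates, the 192.168.3.0/24 tunnel route in both tables, the first-match rule selection and the documentation-range public addresses are assumptions.

```python
import ipaddress

# Constructed model of the layout in Reply #5; names and routes are assumptions.
MAIN = [  # default table: default gateway is wan2, used by the firewall itself
    ("192.168.1.0/24", "lan"),
    ("192.168.3.0/24", "Narellan_VPN"),
    ("0.0.0.0/0", "wan2"),
]
OUTBOUND = [  # secondary table for LAN users: never lists wan2
    ("192.168.1.0/24", "lan"),
    ("192.168.3.0/24", "Narellan_VPN"),
    ("0.0.0.0/0", "wan1"),
]
TABLES = {"main": MAIN, "outbound": OUTBOUND}

# Routing rules: (source interface, source network, table). First match wins;
# traffic matching no rule (the firewall's own IPsec packets) uses "main".
RULES = [("lan", "192.168.1.0/24", "outbound")]

def select_table(src_if, src_ip):
    ip = ipaddress.ip_address(src_ip)
    for rule_if, rule_net, table in RULES:
        if src_if == rule_if and ip in ipaddress.ip_network(rule_net):
            return table
    return "main"

def egress(src_if, src_ip, dst_ip):
    """Return (table, interface) chosen by longest-prefix match."""
    table = select_table(src_if, src_ip)
    dst = ipaddress.ip_address(dst_ip)
    matches = [(ipaddress.ip_network(n), i) for n, i in TABLES[table]
               if dst in ipaddress.ip_network(n)]
    _, iface = max(matches, key=lambda m: m[0].prefixlen)
    return table, iface

def audit():
    """Check the properties asked for in the thread; return a list of problems."""
    problems = []
    if any(iface == "wan2" for _, iface in OUTBOUND):
        problems.append("outbound table lists wan2")
    if egress("lan", "192.168.1.10", "192.0.2.7")[1] != "wan1":
        problems.append("LAN internet traffic does not leave via wan1")
    if egress("lan", "192.168.1.10", "192.168.3.20")[1] != "Narellan_VPN":
        problems.append("remote-office traffic bypasses the tunnel")
    # Encrypted packets from the firewall (constructed wan2 address) to the
    # remote VPN gateway (constructed address) must use the main table.
    if egress("core", "203.0.113.1", "198.51.100.50")[1] != "wan2":
        problems.append("IPsec packets do not leave via wan2")
    return problems
```
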