How to set up VPN server with port forwarding?
When WAN IP address of your router is found to be a private / virtual IP address, your router may be in a wireless network as shown in the image below. Your router connects to Internet through another router (here we called “the Root AP”). The Root AP assigned IP address to your router. In such case, you have to set up Port Forwarding, NAT Server, or Virtual Server on the Root AP to connect to your router over Internet via a VPN.
VPN tunnels and port numbers
TCP 1723, Other 47
UDP 500, UDP 4500
The following explains how to set up Port Forwarding on the Root AP. Let’s take ASUS router as the Root AP for example. The ASUS router’s WAN IP address is 1.168.x.x and assigned IP address 192.168.1.100 to your router.
Notes: (1) You must have permission to change settings of the Root AP. If you dont’t have, contact your network administrator.
(2) Setup may be different from different routers. Please refer to the Root AP user guide for detailed instructions.
Step 1: Log into web GUI of your router and go to the Network Map page to check its WAN IP address.
Step 2: Set up the Root AP.
Log into the web GUI of Root AP and configure the settings on the Port Forwarding / Virtual server / NAT server screens as shown below.
PPTP VPN: From the Port Forwarding screen, set Local Port to 1723 and Protocol to TCP for PPTP tunnel, and then set Port Range to 47 and Protocol to Other for GRE tunnel.
OpenVPN: From the Port Forwarding screen, set Local Port to 1194 and Protocol to UDP for OpenVPN tunnel.
IPSecVPN: From the Port Forwarding screen, set Local Port to 500 and Protocol to UDP for IPSecVPN tunnel, and then set Local Port to 4500 and Protocol to UDP for IPSec tunnel.
Step 3: From the VPN connection screen on your mobile device or PC, enter the WAN IP address of Root AP or DDNS hostname in the VPN server address filed.
If you are using OpenVPN, open the OpenVPN configuration file with a text editor and then change the address in the remote line to the WAN IP address of Root AP or DDNS hostname, as highlighted in blue in the image below.
Limitation: If the Root AP’s WAN type is PPTP/L2TP/PPPoE, you may have VPN connection problems.