• JnPx

    • Post no. 1

    VPN et network address translation (NAT)

    • Hello everyone,

    I have configured the VPN server on my Internet Box in IKEv2. When I try to connect to my Internet Box 3 using VPN from outside my home network, the connection to the VPN server fails.

    According to my research, this could be an IP address conflict that a NAT configuration could resolve. An alternative would be to change the DHCP range on my Internet Box, in the hope that the various networks from which I might need to connect are not configured identically!

    Could you tell me if such a NAT configuration option is possible on an Internet Box 3? Have you had a similar problem?

    Thank you in advance,

    Julien

    Show original language (French)
    • Werner has responded to this post.

    • JnPx

      There is no special NAT configuration for this situation on the Internet boxes.
      My recommendation would be to move the home network to an IP range that is used as little as possible by other networks, e.g. 192.168.213.0/24 instead of the Swisscom default 192.168.1.0/24.

      However, if your VPN connection with a client from an external network is currently not working at all, then this is probably not a problem with the IP range at all, but rather a configuration error on the VPN client, so be sure to check all the parameters again and then test the easiest way to do this is with a client via mobile radio.

        @JnPx You must always use two different IPv4 address ranges when using VPN.

        e.g. 192.168.1.0 /24 (at home) and on the notebook / mobile phone (on the road via mobile phone) e.g. 192.168.2.0 /24

        Forget the NAT configuration does not help in the conselllation, the Swisscom router does not support NAT mode !!!

        Show original language (German)
         changed by user109

        • Werner

        • Post no. 4
        • Solutionselected by JnPx

        JnPx

        There is no special NAT configuration for this situation on the Internet boxes.
        My recommendation would be to move the home network to an IP range that is used as little as possible by other networks, e.g. 192.168.213.0/24 instead of the Swisscom default 192.168.1.0/24.

        However, if your VPN connection with a client from an external network is currently not working at all, then this is probably not a problem with the IP range at all, but rather a configuration error on the VPN client, so be sure to check all the parameters again and then test the easiest way to do this is with a client via mobile radio.

        Show original language (German)
         changed by Werner

        Hobby-Nerd ohne wirtschaftliche Abhängigkeiten zur Swisscom

          @user109 @Werner Thanks for your replies. The VPN connection from a mobile phone on the 4G network works perfectly, which suggests an IP conflict problem.

          I’m thinking of using @Werner’s solution and moving my home IP range in case of conflict.

          Show original language (French)
          12 days later

          • JnPx

            • Post no. 6

            Hello,

            Here’s an update. I have moved the router address and configured DHCP to a new address range, which has resolved the conflict. Thank you for your contributions.

            J.

            Show original language (French)