[SOLVED] How to use VPN Router to connect to home network from anywhere?

[Aarix]

I'm not inexperienced with networks but they're something I have problem piecing together in my head so I would appreciate some clarification and a little bit of guidance immensely.

I have a standard carrier router and I use a managed switch to offset some internal workload. I'd like to be able to connect to my home network anywhere so I purchased a TP-Link TLR600VPN Router since I found a good deal on it. I realized later the issue of having two routers.

First off, is it safe to assume that if I plug the VPN Router directly into the Modem/Router combo and I am unable to access it from any device connected to the switch (That is on another port on the Modem/Router) is because the VPN is doing it's own separate routing and thus is segregated. I'm able to access it if it's plugged into the switch from my PC. I read all of the manual and watched some videos. I didn't have any problems understanding the manual but I've never been able to find the exact scenario I want as any searching with "VPN" is flooded with VPNs used for privacy/protection/etc. Not my use case here.

How exactly would I need to set up my network so I can connect to that VPN Router from anywhere and thus allows me to access my LAN at home? My guess is set up the kind of network and users and plug it into the switch on the VPN routers, Lan/Wan port and I "think" put that VPN router in a DMZ zone (which I know to be careful about but I wasn't sure how ports would apply to forward as I didn't see any option like that). A vague idea even will help me out a lot.

Thanks in advance.

 

[bill001g]

Best option would be to put your modem/router into bridge mode and run it only as a modem. Then your new router will get the ip address and will make things much simpler.

Note you must have a public IP to make this work. You need to look at the IP assigned to your current modem/router and compare that to a site likes whatsmyip. If the IP addresses do not match you do not have a public ip and you will never get a incoming vpn to work.

VPN gets kinda messy when it is behind another router. The second router does not have a public IP address BUT if the first router does you can usually still make it work. It is going to be much harder if you plan to use IPSEC of PPTP for the vpn. The modem/router needs a very special vpn passthrough feature. They may or may not document if it has it. If you use OPENVPN then you can generally use DMZ or port forwarding to make it work. Even though openvpn is easier to setup the downside is it takes a lot of cpu power to do and routers generally do not have large cpu. Unless your internet is huge you will still be likely to use all your upload bandwidth. NOTE be very sure you have enough UPLOAD speed to accomplish what you want.

 

[SamirD]

I run the setup you want. The problem is that while you can get this to work with 2x routers, it is a mess and also may not work that way.

You really want your vpn router to be your only router. And then anything behind it can be accessed (depending on the rules set up) by a vpn client connected to the vpn router (ideally using l2tp and/or ipsec).

You'll need to map out what you have done on the managed switch as that's also going to affect a lot, depending on what you've got set up.

You can possibly run the vpn router behind your other one by putting it in the dmz--but I have seen more than one occasion of this not working due to the dmz not being a real enough dmz.

If you have a fixed site that you're going to be accessing from a lot, it makes sense to set up a fixed ipsec tunnel between the locations--then both lans will be able to access each other as if they were local. I have this set up as well.