  1. #1

    Access by VPN both inside and outside the WAN IP

    Hello, good morning.

    I have an Asus RT-AC68U router connected to the ONT of the fiber company that is working perfectly.

    We have management software designed for people who are out of the office. In that software you configure the VPN connection you are going to use (IP, username, password, etc.) and it connects to the office with that data. The problem is that it only allows one configuration, one IP. When you are out of the office there is no problem: it connects and you access the data fine. But when you are inside the office, on the router's Wi-Fi or a network cable, the software does not connect, because the IP you are calling is the WAN IP and the VPN connection fails.

    I have tested this, and with this Asus router, if I configure the VPN as PPTP it is able to connect using the WAN IP both outside and inside the office, but it seems very unsafe and I prefer to use L2TP. The problem is that with L2TP the VPN does not work inside the office.

    Do you know why PPTP works and L2TP does not? Is it a technical limitation, or is it something that can be configured on the router to make it work? I've been searching on Google but I can't find a case like mine, or I haven't been able to search for it.

  2. #2
    RedSector73

    PPTP is a fast, easy-to-use protocol.
    VPN Encryption: 128-bit
    VPN Security: Basic encryption that is fast due to lower encryption.
    PPTP, or Point-to-Point Tunneling Protocol, is a method used for creating Virtual Private Networks over the internet. It was developed by Microsoft. With it, users can remotely access corporate networks from any Internet Service Provider (ISP) that supports the protocol. PPTP works at the data link layer of the OSI model.

    There are various kinds of network protocols, and PPTP encapsulates and transports them over IP. If the original protocol is IP, its packets will follow along as encrypted information in PPTP packets. As expected, PPTP is derived from the Generic Routing Encapsulation protocol (GRE) and the Point-to-Point Protocol (PPP). As it is from Microsoft, the encryption is done via RC4-based Microsoft Point-to-Point Encryption.
    PPTP is often favored because it is easy to use and to set up. However, it can be crude, and in terms of functionality and efficiency it may be outdone by its descendants such as L2TP. PPTP is rather ancient but still considered popular. In PPTP, control and data streams are separated. Control streams run over TCP while data streams run over GRE. This makes PPTP less firewall-friendly, since GRE is often not supported.

    L2TP is a good choice that requires more CPU processing to encapsulate data twice.
    VPN Encryption: 256-bit
    VPN Security: Highest encryption. Checks data integrity and encapsulates the data twice.

    Layer 2 Tunneling Protocol, or L2TP, is a tunneling protocol that allows remote users to access the common network. L2TP lets a Point-to-Point Protocol (PPP) session travel over several networks and links. L2TP was actually taken from Microsoft's PPTP and Cisco's L2F, or Layer 2 Forwarding, technology. Thus, L2TP has the features of PPTP, as it combines PPTP's control and data channels and is run over a faster transport protocol, UDP. Since UDP is fast and more ideal for real-time exchanges, in addition to the combined transport of control and data streams, L2TP is found to be more firewall-friendly.

    Asus RT-AC68U:
    I would consider flashing your Asus RT-AC68U router to the Asuswrt-Merlin firmware located here
    This will give you much better control and the ability to write unique scripts. You can flash back to Asus stock firmware at any time. Why Asuswrt-Merlin is better is covered here

    I don't doubt you're having issues finding a way to make this work, but you can only use whatever your office uses as encryption. You can't just upgrade your end and improve security, and if you went via, say, another VPN (using L2TP or OpenVPN) and then to your office VPN, it would actually lower the security of the whole, not improve it (assuming the hacker can see both streams, it would provide leverage for cracking them both, not twice the security).

    You could use two network cards, and tunnel anything office related (programs etc.) to the network card that's encrypted via Windows Firewall software, with the other being the default for everything else, or use another equivalent method at router level.

    Hope you find this post of help.
    Last edited by RedSector73; 10-31-2019 at 11:03 AM. Reason: added two network cards.
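
The reply above says PPTP splits control (TCP) from data (GRE) while L2TP runs over UDP. The following added example, which is not part of either post, labels raw IPv4 packets by VPN transport to show what a firewall or NAT rule can actually match on. The protocol and port numbers are IANA assignments not stated in the thread, and all sample packets are constructed.

```python
import socket
import struct

TCP, UDP, GRE, ESP = 6, 17, 47, 50  # IP protocol numbers (IANA, not from the thread)
PPTP_CONTROL, L2TP, IKE = 1723, 1701, {500, 4500}  # well-known ports (IANA)

def ipv4(proto, payload, src="192.0.2.10", dst="198.51.100.1"):
    """Build a minimal IPv4 packet (constructed sample; checksum left 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def classify(packet):
    """Label the VPN transport of one raw IPv4 packet."""
    if len(packet) < 20 or (packet[0] >> 4) != 4:
        return "not-ipv4"
    ihl = (packet[0] & 0x0F) * 4
    proto, body = packet[9], packet[ihl:]
    if proto == GRE and len(body) >= 4:
        flags_ver, ptype = struct.unpack("!HH", body[:4])
        # PPTP data uses enhanced GRE: version 1, protocol type 0x880B (PPP)
        if (flags_ver & 0x7) == 1 and ptype == 0x880B:
            return "pptp-data"
        return "gre-other"
    if proto == ESP:
        return "ipsec-esp"  # what L2TP looks like on the wire when wrapped in IPsec
    if proto in (TCP, UDP) and len(body) >= 4:
        ports = set(struct.unpack("!HH", body[:4]))
        if proto == TCP and PPTP_CONTROL in ports:
            return "pptp-control"
        if proto == UDP and L2TP in ports:
            return "l2tp"
        if proto == UDP and ports & IKE:
            return "ike"
    return "other"

def has_ports(label):
    """True if a port-based filter or NAT rule can match this traffic."""
    return label in ("pptp-control", "l2tp", "ike")

SAMPLES = [  # constructed packets
    ipv4(TCP, struct.pack("!HH", 49152, 1723) + bytes(16)),     # PPTP control
    ipv4(GRE, struct.pack("!HHHHI", 0x3001, 0x880B, 0, 1, 0)),  # PPTP data
    ipv4(UDP, struct.pack("!HHHH", 1701, 1701, 8, 0)),          # plain L2TP
    ipv4(UDP, struct.pack("!HHHH", 500, 500, 8, 0)),            # IKE for IPsec
]

if __name__ == "__main__":
    print([classify(p) for p in SAMPLES])
```

A rule set that only matches on TCP/UDP ports passes PPTP's control channel but not its GRE data stream, which has to be permitted by IP protocol number.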
