I have my LAN behind 2 routers , if I wanted to create a VPN server to allow for remote access , could it possibly be port forwarded
Here is my topology , I was hoping for remote access into LAN. would VPN server be on first or second router.
notice: school project
You can probably port forward and get it to work.
The real question is should you, and short of a couple of very niche situations, the answer is almost always that double NAT is the wrong solution to your situation. This architecture is also going to make transition to IPv6 more awkward for you.
Things would be easier for you to manage and configure with a single FW/router connected to your WAN with one interface for your “DMZ” and then however many interfaces you need for your internal VLANs.
You can forward the port for a vpn connection yes. It’s conceptually no different than if you were using a VPN concentrator downstream of the router.
You can also hain together port forwards on multiple NAT layers. The first layers port forward target will be the IP of the second outboard nat layer.
Crappy shortcut could maybe be using hairpinning?
