Assuming the VPN has already been configured, no additional ports at the host or client end need to be opened in either router configuration. The ports that should be opened to establish a VPN are based on the type of VPN you’re growing. At the host/server end as an example, if a server based PPTP VPN, you should enable GRE and forward port 1723 to the VPN server. If L2TP w/ IPsec you should ahead ports 500, 1701, and 4500, as well as tackle ESP or AH. At the buyer end only “allow VPN pass through, for the necessary protocol, must be enabled.
No port forwarding. However, if a site to site VPN between to routers, the easier configuration, no port forwarding is needed at all. Configuring of the VPN is beyond the scope of this particular article. Chris, a shopper VPN connection is not all that stable , thus it is commonly not the best connection for a backup as they often disconnect while moving large quantities of data. A site to site VPN using 2 VPN routers is the more sensible choice. That being said, it’s going to work.
Two possible issues. When you enable points like file and print sharing on a PC Windows instantly creates firewall exceptions. However, those exceptions are frequently just for access by devices on the local network. You may need to add the remote subnet, or as a minimum for trying out, disable the firewall on the buyer PC. That goes for every other 3rd party safety software on the buyer PC to boot.
The other issue is routing. The device to which you are connecting, the server knows the return route because of the RRAS configuration, though if you ping the buyer PC it might not. Is the IP pool used for the VPN a subset of the same subnet as the server’s local community?If so be sure you be fine but if not you possibly can must add a route on the PC. I can give routing details if essential. If you have got a site to site VPN make sure you only have set DNS on the buyer to indicate ONLY on your inner DNS server/s. If you have got a router or ISP’s DNS server added as an alternative, it will fail.
You should also add the your inner DNS suffix, for the domain you want to join, possibly the remote eatbi. local, to the DNS tab of the community adapter under “DNS suffix for this connection”. In addition if the connecting laptop has more than one community adpter, wired or instant, disable all but one wired adapter until once you have joined the domain. Disable, don’t just disconnect. I assume these are alternative domains and not a spelling error?eatbi and eabi ?You might also verify there are no wrong static entries in the Hosts and LMhosts files.