I was looking into being able to VPN into my home network when I am out and about. Thinking about using L2TP which would require a port forwarding setup with some TCP and UDP Ports. This appears to be possible using the new interface via the web page.
I also would need to port forward a non-TCP/UDP port - namely IPSEC Type 50. I cannot see a way to port anything other than TCP or UDP Ports using this interface. Is this an oversight or perhaps intentional?
Any suggestions welcome.
@shukin -- most Shaw Internet users are entitled to have 2 "public" IP-addresses:
* one for the Shaw cable-modem,
* one for your device that you want to have unfettered/unfiltered Internet access. For "security", open only the ports that need to be open, and close all the other ports.
Check this article from CISCO's web-site for details.
Yes, I have tried this in the past. I would throw the modem into Bridge mode and get one IP address without issue. The issue was always with the second device. The IP address assignment was always spotty and often would end up with a power down of the Shaw device for 15 - 30 seconds and then sometimes the second device would pull an IP.
With the modem in routed mode, I have not had to power down, etc.
But I can't see how to port forward anything other than TCP and UDP. No other protocols seem to be allowed. I am looking for AH, ESP and / or GRE
@shukin --
> No other protocols seem to be allowed.
Correct.
> I am looking for AH, ESP and / or GRE
Those are protocols that create special content "inside" an IP packet. TCP transmits every IP packet, and assures that the IP packet gets delivered (or retried). Hence, "TCP-over-IP".
The cash-heavy Brinks truck is heavily fortified, as it goes bank-to-bank, but it travels on the same roads, obeying the same routing as a Lada.
More information: https://networklessons.com/cisco/ccie-routing-switching-written/encrypted-gre-tunnel-with-ipsec
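Added example, not part of the thread: a small IPv4 header parser showing why a TCP/UDP port-forward rule has nothing to match on for ESP, AH or GRE. These are IP protocol numbers (50, 51, 47) carried in the IP header's protocol field, and their payloads have no port fields. The function names, the addresses (documentation ranges) and the sample packets are constructed for illustration; UDP 1701 is the registered L2TP port.

```python
import struct

# IANA IP protocol numbers for the protocols named in the thread.
IP_PROTOCOLS = {6: "TCP", 17: "UDP", 47: "GRE", 50: "ESP", 51: "AH"}
PORT_BASED = {6, 17}  # only these carry source/destination ports

def classify(packet: bytes):
    """Return (protocol_name, dst_port or None) for a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]                     # the 8-bit protocol field
    name = IP_PROTOCOLS.get(proto, f"proto-{proto}")
    frag_offset = struct.unpack_from("!H", packet, 6)[0] & 0x1FFF
    if proto not in PORT_BASED or frag_offset != 0:
        return name, None                 # no port field to read here
    if len(packet) < ihl + 4:
        raise ValueError("truncated transport header")
    _src, dst = struct.unpack_from("!HH", packet, ihl)
    return name, dst

def port_forward_can_match(packet: bytes) -> bool:
    """True only if the packet exposes a destination port to match on."""
    return classify(packet)[1] is not None

def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed sample packet: 20-byte header, checksum left at zero."""
    src, dst = bytes([203, 0, 113, 10]), bytes([192, 0, 2, 20])
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, src, dst)
    return hdr + payload

# Constructed samples (not captured traffic).
L2TP_UDP = build_ipv4(17, struct.pack("!HHHH", 40000, 1701, 8, 0))
ESP_PKT = build_ipv4(50, struct.pack("!II", 0x1000, 1) + bytes(16))
AH_PKT = build_ipv4(51, struct.pack("!BBHII", 4, 4, 0, 0x1000, 1) + bytes(12))
GRE_PKT = build_ipv4(47, struct.pack("!HH", 0, 0x0800))

if __name__ == "__main__":
    for label, pkt in [("L2TP", L2TP_UDP), ("ESP", ESP_PKT),
                       ("AH", AH_PKT), ("GRE", GRE_PKT)]:
        print(label, classify(pkt), port_forward_can_match(pkt))
```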