DD-WRt - VPN works from home, but not away

[stevedawg85]

I hope my network lingo is spot on, lmk if something doesn't make sense. I have a DD-WRT Router

My goal - log into home network while I'm at work to access network LAN drive and remote into local/home PC's

I changed my subnet to 192.168.85.xxx, w/ router on .1.
*I enabled PPTP under Services
*DNS & WINS left blank
*Server IP = 192.168.85.1
*Client IP = 192.168.85.151-160
*CHAP Secrets = username * password *

I used whatismyip.com and can succesfully VPN into that IP when I'm home(ipconfig shows IP address of .151). But when I VPN at work into same IP, it doesn't connect and get an error.

What am I missing or what did I do wrong?

 

[bill001g]

Does your work use a NAT ip address or do you have actual routable real ip addresses. PPTP uses GRE to create tunnels your work network would have to be configured to allow this. Many times consumer routers just do VPN passthough by default but it is common for a commerical organization to disable this feature or not turn it on. It is generally off by default on commercial firewalls/routers

The only one that consistently works is SSLVPN since it looks like a https session.

 

[stevedawg85]

Does your work use a NAT ip address or do you have actual routable real ip addresses. PPTP uses GRE to create tunnels your work network would have to be configured to allow this. Many times consumer routers just do VPN passthough by default but it is common for a commerical organization to disable this feature or not turn it on. It is generally off by default on commercial firewalls/routers

The only one that consistently works is SSLVPN since it looks like a https session.

I'm not sure, but if I give you the info, you can probably tell....
I have 2 work PC's, when I go to whatismyip.com - both PC's give me the same IP - 129.x.xx.61
ipconfig shows me 172.yy.yy.254 & 172.yy.yy.216

 

[bill001g]

It is being natted if the ips are different. 172.16.0.0-172.31.255.255 are private non internet routable ip. It is very likely there is some issue getting PPTP to pass though the company nat. You could try l2tp...ie ipsec ...you will need to run it NATT mode to avoid the a similar issue with protocol 50 used by ipsec. NATT uses UDP. It still may not work if they do not allow UDP to pass which is a common restriction.

It is very common for companies to not allow anything but port 80 and 443 though their firewall/routers. The only thing you will be able to pass though a connection like that is going to be sslvpn. Even then if they really want to block vpn "openvpn" which is commonly used free SSLVPN can be blocked by many firewalls since it violates the SSL rules in a way that is detectible.

You may want to ask IT what method works and if it is allowed. Do not think the IT guys can't find you.

 

[stevedawg85]

Thanks for the info!