Port Forward b/w 2 MXs breaks VPN/RDP

DavisMurphy
Here to help


I have 2 MXs, one at home and one at the office. I'm trying to set up an off-site backup solution where the office NAS sends files to my home NAS daily. For this, I needed to enable Port Forwarding from the source (Office) on my home MX.

- Public Port: Synology Hyper Backup Port
- LAN IP: Home NAS (Destination) local IP
- Local Port: Same as Public Port
- Allowed Remote IPs: Public IP of Office (Source)

Since doing this, I can no longer connect to my office network. I've tried Client VPN, it fails to connect at all. We also have an RDS server but that will only connect for a split second then drop connection. It just keeps doing that in a loop.


I've added another port forward to my PC's IP as a temp measure (Port 3389 / Public IP for the Office), and it seems to connect for a few seconds, but then drops connection.


Do you have any ideas? It can't be impossible to connect to a network that I'm port forwarding from. Can it? Thanks!!

cmr
Kind of a big deal

Why don't you enable an AutoVPN between the two MXs?

DavisMurphy
Here to help

I'm an MSP and the "office" in this scenario is a client. I left that part in the initial description to help with explaining the issue. My house serves as my Company HQ.


We both have Client VPN enabled already. Should I try a site-to-site? I've tried that before but since the internet at my company HQ is Starlink (CGNAT / no public IP) I had a lot of trouble.

PhilipDAth
Kind of a big deal

For NAT port forwarding and client VPN to work, the MX has to have a public IP address directly on its WAN interface. You mentioned that one of the sites is behind Starlink, so you won't be able to use this approach for that site.


AutoVPN is your best bet, with the two NAS units connecting to each other directly using their private IP addresses.
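An added example (not from this thread, and not Meraki code) that encodes the check PhilipDAth describes: whether the address on the MX WAN interface is a routable public IP or a CGNAT/private one, and whether it matches the address the internet sees, since inbound port forwards and client VPN can only terminate on an MX that holds its public address directly. The sample addresses are constructed; the "observed" address stands in for what an external lookup would report.

```python
import ipaddress

# Address space that means the WAN side sits behind an upstream NAT.
# 100.64.0.0/10 is RFC 6598 shared address space, i.e. carrier-grade NAT
# (what Starlink hands out when no public IP is assigned).
CGNAT = ipaddress.ip_network("100.64.0.0/10")
NON_ROUTABLE = {
    "private": [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")],
    "loopback": [ipaddress.ip_network("127.0.0.0/8")],
    "link-local": [ipaddress.ip_network("169.254.0.0/16")],
}


def classify_wan_ip(addr: str) -> str:
    """Return 'cgnat', 'private', 'loopback', 'link-local' or 'public' for an IPv4 WAN address."""
    ip = ipaddress.ip_address(addr)
    if ip in CGNAT:
        return "cgnat"
    for kind, nets in NON_ROUTABLE.items():
        if any(ip in n for n in nets):
            return kind
    # Simplification for this example: anything not in the ranges above is treated as public.
    return "public"


def inbound_reachable(wan_ip: str, observed_ip: str) -> tuple[bool, str]:
    """Decide whether a port forward or client VPN can terminate on this MX.

    wan_ip      - address configured on the MX WAN interface
    observed_ip - address an outside host sees this site's traffic coming from
    """
    kind = classify_wan_ip(wan_ip)
    if kind != "public":
        return False, f"WAN address {wan_ip} is {kind}; the upstream NAT drops unsolicited inbound traffic"
    if ipaddress.ip_address(wan_ip) != ipaddress.ip_address(observed_ip):
        return False, f"WAN address {wan_ip} differs from observed {observed_ip}; another NAT is in the path"
    return True, f"{wan_ip} is held directly on the WAN interface; inbound forwards and client VPN can work"


if __name__ == "__main__":
    # Constructed sample: a Starlink-style CGNAT site and a site with a real public address.
    for site, wan, seen in (("HQ (Starlink)", "100.72.1.5", "203.0.113.10"),
                            ("Office", "198.51.100.20", "198.51.100.20")):
        ok, why = inbound_reachable(wan, seen)
        print(f"{site}: {'OK' if ok else 'NOT reachable'} - {why}")
```

A site that fails this check is the one that cannot host the port forward or terminate client VPN, which is why the replies point at AutoVPN instead.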
