This scenario refers to when the WinGate VPN machine is the only machine connected to a NAT Internet router.
When both the WinGate VPN Node machine and the rest of the LAN are connected to the NAT Internet router ( i.e. the router is the default gateway for the network) then please refer to Routing Scenario 1: The WinGate VPN machine is not the default gateway for the network for the appropriate set up details.
NAT Internet connection routers such as DSL/Broadband routers will usually have two network interfaces (each with its own IP address) so they can offer Internet connectivity using Network Address Translation (NAT).
This is a software network interface inside the router that will have a static private IP address (as defined in RFC 1597 and superseded in RFC 1918). This LAN interface is used to communicate to machines that are plugged into the router. If the router has a DHCP service, then it will usually offer addresses from this range to machines that plug into the router.
The other interface connects the router to the Internet. This interface is given a public IP address that it will receive from the ISP providing the Internet service. Usually this Internet interface will be protected by a firewall.
If WinGate VPN is to be installed on a machine attached to an Internet router that uses NAT then that machine will also have two network interfaces (as shown in the example below):
Connected to the local network, this interface is configured with a private IP address in the same range as used by the rest of the LAN. (This private IP address should not be the same range being used by the router, or it's DHCP service as mentioned above.)
There should be NO gateway listed in the Gateway setting of this interface.
This is the network interface on the WinGate VPN Node machine that is connected to the Internet router. This interface should be configured with a private IP address in the same range as used by the Internet router. (This should be a different IP range then is used by the LAN interface.)
As mentioned in the Internet router overview section above, this interface can receive all of the IP address details it needs automatically from the router's DHCP service. However, for the purpose of WinGate VPN we recommend that you assign static IP address details on this interface.
They should be similar to the following:
A private IP address in the same IP address range as used by the Internet router.
This should be set to the private IP address used by the Internet router.
This should be set to the private IP address used by the Internet router.
This network usage of this interface should also be marked as External in the Usage section of the WinGate specific properties of this interface (Found on the Network connections panel located at Control Panel > Network Connections in the WinGate Management console).
The example (below) shows how a sample WinGate VPN machine behind an NAT/Internet router might be set up:
In the example above, the LAN behind WinGate VPN machine uses a private IP address range of 192.168.6.1-254, and so the LAN interface on the VPN Host server is given the address 192.168.6.1.
The Router interface on the WinGate VPN machine is given the IP address 10.1.1.2, which is in the same private IP address range that is used by the Internet router. As such the Gateway and DNS entries on this interface are also set to the private IP address of the LAN interface on the Internet router (10.1.1.1).
The usage for this interface should be marked as External in the WinGate specific network options (Found on the Network connections panel located at Control Panel > Network Connections in the WinGate Management console).
With this set up the VPN Node will direct all traffic bound for the other side of the VPN (across the Internet) out through the router.
This is perfect for when the WinGate VPN Node is joining a remotely hosted VPN. If however the WinGate VPN machine is set to host a VPN, then you will need to make sure that all incoming VPN Client Node connections are forwarded from the Internet router, to the router interface on the VPN Node machine. This involves opening up the appropriate port for VPN communication in the Internet routers firewall and redirecting this traffic to the VPN Node machine.
You can use basic Full-Text Searches against the page title and body to find matching articles. Use the following search modifiers to refine your query: