Windows – Multiple VPN connections through single router IP address

vpnwindows

I have a requirement to connect from an android phone to a windows box via a VPN.

The windows box sits behind a router on the LAN, the android phone is connected to the internet via a mobile network provider.

I have successfully setup a VPN using PPTP such that the phone can connect to the windows box, the phone is the client, windows box the server.

I specify the router IP address as the server address for the vpn on the android side, and set up port forwarding on 1723 to the LAN IP address of the windows box.

This works fine. Problem I have is that I need multiple phones to be able to connect to the windows box, each of them needs to open a vpn connection. Now it seems that this is not possible, certainly with my current router (a Zoom 4G N150 Portable Wi-Fi Router), only the 1st VPN connects successfully, all subsequent connections fail.

A bit of research has shown this isn't unexpected but I can't find a way round it.

Is there a work around to allow multiple connections?

Two options I thought of were

a) try and connect each VPN using a different protocol, i.e. 1st on PPTP, 2nd on L2TP etc. – I have had no luck with this approach

b) purchase a more capable router which allows multiple VPN connections – does anyone know of such a router that is available in the UK?

c) ditch the vpn approach and just create a server making the vpn requirement redundant. The only reason for me to use the VPN currently is to allow an android phone to connect to a windows box by making it look like it resides on the same LAN. If I had an actual server with its own IP address, I would connect direct with no need for a VPN.

hope that makes sense, any pointers gratefully received..

Best Answer

Solution A. Open PPTP passthrough option in your router (with port forwarding 1723).
Solution B. Set DMZ to the Windows box (without port forwarding 1723).

(Cation: Shutdown the firewall in the Windows box while testing.)

If none of above work, you need to replace your router with another one which supports VPN passthrough.

PS: PPTP is not secure (google it to find out why). If you want security, use other VPN protocol (such as L2TP over IPSec).

Update: (20161021 14:31 UTC)

@bph Sorry for not thinking this through.

PPTP Passthrough is for PPTP clients. If all clients are behind the same router, the router need to support PPTP Passthrough for multiple connections.
Please check this link for PPTP Passthrough in WAG320N: http://setuprouter.com/router/linksys/wag320n/vpn-13525-large.htm

In your case, the PPTP server is behind the router, so you have to configure DMZ in the router to forward GRE packets to the PPTP server.
Since you mentioned you'd set the DMZ in the N150 router, did your Android phones use N150's WiFi network or mobile data network? If the Android phones used N150's WiFi network, the failure could be caused by N150 not supporting PPTP Passthrough. But if the Android phones used mobile data network, this will be complicated and I need further info (such as Windows box system version and PPTP server service version) to troubleshoot this problem.

PS: Check this link for further understanding (PPTP Traffic Analysis by The Cable Guy - January 2003): https://technet.microsoft.com/library/bb877963

@fixer1234 @Mokubaiā™¦ Thanks for reminding me. I must have created the additional account by mistake. I'll submit the merging accounts request soon.

Related Question