Don't know. I talked to their local service guy, and walked him through
setting up the VPN. He dialed in, and it all worked. So case closed.
It's one of those cases where their software "must" be on the local net,
or they have a very narrow path they must walk from the outside.
Probably doesn't help that their protocol is UDP; so they never actually
make a "connection". They just spew UDP packets off into space and pray
they get somewhere logical.
bp
On 5/6/2011 2:23 PM, Scott Reed wrote:
That makes sense. So what if the other end did the reverse? Portmap
with the application facing side having the same address as the the
controller. Then the traffic appears to come from the address that is
in the data.
On 5/6/2011 5:14 PM, Jacob Heider wrote:
It sounds like the device (unwisely) puts its IP address in the data
stream. That's the only reason I can think of why it might need to be
mangled. A la FTP, SIP, etc. Usually such protocols require
application-layer gateways to fix up their traffic.
At least, that's my inference from their request.
On 2011-05-06 5:11 PM, Scott Reed wrote:
That is how portmap works. You map a port on device A to point to
device B. All communication to the outside appears to come from the
device doing the map.
Can you create a VPN between the controller side and the outside
service so it looks like it is on the same network?
On 5/6/2011 4:41 PM, Bill Prince wrote:
We have a client that has a new HVAC system (Delta Controls). It
uses a controller that can only talk L2. The HVAC guys for the
client asked me to set up a portmap for port 47808.
I did this, but it appears that the MT portmap substitutes the
original (public) source address with the router's internal gateway
address.
So the device replies with it's own private address, which gets
sent back to their monitoring software, and when they reply to the
private IP, it gets lost.
So they are asking me to mangle the portmapped packets to stick in
the original public IP, to fool their controller.
I have no clue how to do this.
_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS
_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
