A simplified explanation of a problem I am running into with two company NASs at two different offices.
I have LAN 1 and LAN 2. Both are separate physical sites on the internet with different WAN IPs. On LAN 1 I have a service running on a NAS (NAS 1) with LAN 1's router port forwarding (DST NAT rule on MikroTik router) port 1234 (for explanation's sake) to NAS 1. I have a client PC on LAN 2 that connects to this NAS 1 over the internet via the WAN IP of LAN 1 and port forward. HTTPS/SSL is active and a certificate works fine. The client software shows the certificate is trusted.
I want to have another NAS (NAS 2) on LAN 2, running the same service as NAS 1. I want the client software on LAN 2 PC to also add a connection to NAS 2. First, I open port 1234 on LAN 2 and forward it to NAS 2. Before even trying to add NAS 2 to the client software, the connection with NAS 1 from LAN 2 Client PC breaks. Client software reports untrusted SSL certificate now. A packet trace on client machine seems to show that the open port 1234 on LAN 2 is getting in the way of communication with NAS 1 and LAN 2.
I understand changing the port # is a potential solution, but this cannot be done as the port number 1234 is hardcoded into the client software for connections to NASs.
What other solutions do I have, or am I configuring something wrong here? Shouldn't the router not be confused where to send anything because NAS 1 is accessed through client software with a different WAN IP than LAN 2? 1.2.3.4:1234 is totally different than 4.3.2.1:1234...
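An added example, not part of the original post: a small model of dst-nat rule matching on LAN 2's router, assuming the new port forward matches only on destination port 1234 with no interface or destination-address condition. Under that assumption the client's outbound connection to 1.2.3.4:1234 is rewritten to NAS 2, whose certificate does not match the name the client expects, while a rule scoped to the WAN side leaves that connection alone. The LAN addresses, the external host address and the interface names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# WAN IPs are the ones used in the post; LAN addresses and interface
# names are constructed for illustration.
WAN1, WAN2 = "1.2.3.4", "4.3.2.1"
NAS2_LAN, CLIENT_LAN = "192.168.2.10", "192.168.2.50"


@dataclass(frozen=True)
class Packet:
    in_interface: str  # interface the packet arrived on at LAN 2's router
    src: str
    dst: str
    dst_port: int


@dataclass(frozen=True)
class DstNatRule:
    dst_port: int
    to_address: str
    in_interface: Optional[str] = None  # None means "any interface"
    dst_address: Optional[str] = None   # None means "any destination"

    def matches(self, p: Packet) -> bool:
        return (p.dst_port == self.dst_port
                and self.in_interface in (None, p.in_interface)
                and self.dst_address in (None, p.dst))


def route(packet: Packet, rules) -> str:
    """Return the address the packet is delivered to after dst-nat."""
    for rule in rules:
        if rule.matches(packet):
            return rule.to_address
    return packet.dst  # no rule matched: destination unchanged


UNSCOPED = [DstNatRule(dst_port=1234, to_address=NAS2_LAN)]
SCOPED = [DstNatRule(1234, NAS2_LAN, in_interface="wan", dst_address=WAN2)]

# LAN 2 client connecting outbound to NAS 1 through LAN 1's WAN IP.
outbound = Packet("lan", CLIENT_LAN, WAN1, 1234)
# External host connecting inbound to NAS 2 through LAN 2's WAN IP.
inbound = Packet("wan", "203.0.113.7", WAN2, 1234)

if __name__ == "__main__":
    for name, rules in (("unscoped", UNSCOPED), ("scoped", SCOPED)):
        print(name, "| outbound ->", route(outbound, rules),
              "| inbound ->", route(inbound, rules))
```

On RouterOS the corresponding matchers on a `chain=dstnat` rule are `in-interface` and `dst-address`.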