Addressing & config for 2 way inbound

I have a Balance 30, talking PepVPN to a FusionHub located on a unique public IP on a colo server in Hyper-V. The Balance clients can surf out OK through the VPN.

Now I want to be able to go the reverse - have outside access, through the VPN, to the Balance interface, and with select port forwards set in the Balance.

So I guess I need to take the public IP where the Fusion resides, and make it an extra IP to the Balance? Not sure how? And then the VPN part has no NAT, and forwards all traffic? Of course it means the FusionHub has only one client, but that’s OK.

Is that the right approach? Or can we only do port forwards on the Fusion?

Note: all my ISPs are now carrier-grade NATed, hence the VPN to bypass it.