I want one RASPBERRY "SERVER" behind the firewall in a PRIVATE/COMPANY NETWORK with only VPN PPTP open
to be "visible to the internet"
using another NETWORK (OWN NETWORK/ HOME Fritzbox NETWORK) and if needed a RASPBERRY RELAY on a HOME NETWORK (as configurable "relay").
My thoughts:
Query1 to Fritzbox1 (Router1) over PORT 80 should be forwarded onto RASPBERRY RELAY behind the Fritzbox1 (HOME NETWORK).
This RASPBERRY RELAY should be connected over the Internet WITH RASPBERRY SERVER on another PRIVATE NETWORK (either as VPN Clinet OR RASPBERRY SERVER connected as Client to RELAY (VPN Server).
The RASPBERRY SERVER on the PRIVATE NETWORK must ACTUALLY process the original Query1/Request.
Questions:
A. Do I have to configure RASPBERRY RELAY as VPN SERVER? So the reverse connection from RASPBERRY SERVER to RASPBERRY RELAY is created (imho a clean solution).
B. Would a SOCKS proxy (or any other than VPN mechanism) be of any help?
ROUGH IDEAS and EXPERIENCES are WELCOME!
Caveats:
I. PRIVATE NETWORK supports only PPTP VPN so no direct VPN connection from Fritzbox is possible (it can only IKEv1). The PRIVATE NETWORK doesn't have any port forwarding options, only connecting as a client over PPTP is supported (this is what's known). II. I eventually need multiple "ports" to be "relayed". Say 80, 443, 22 and others.
NB: I'm a bit familiar with network terminology, but not very well with VPN internal mechanisms and don't clearly understand how RASPBERRY can forward traffic over VPN to a computer on the other Network. I want to configure everything by my own means, without public VPN services or any 3d parties. So if there are another questions differently formulated, please advise! Thank you all.
Related:
ssh reverse proxy? https://medium.com/dev-tricks/reverse-port-forwarding-220030f3c84a#.1quisbour