Can't connect to PPTP vpn server from outside network (ER7212PC)
I have created a Client-to-site VPN PPTP server on my ER7212PC router. This router has the WAN IP of 192.168.2.161. It's wan is connected to a Bell router/modem. This router/modem does have TCP 1723 (In addition to opening this port, I've also added the ER router to the DMZ, essentially opening all ports to this device). I'll note I've tried many different setting configurations including L2TP VPN (with the necessary UDP ports open/DMZ).
The ER router has the gateway 192.168.0.1 and on it is an ip camera with the address 192.168.0.101. I can take a device that is not connected to the router and connected to the router/modem and connect to the vpn successfully (both a PPTP and an L2TP VPN). For example if a device is connected to the router/modem, it has an ip address of 192.168.2.X and it cannot talk to the ip camera. Using 192.168.2.161 as the vpn address, this device can connect to the vpn and talk to the ip camera.
However, my goal here is to allow a device to connect to the vpn over the internet. My impression is that by opening these ports and/or putting the ER router on the DMZ of my router/modem a client should be able to connect to my VPN through my router/modem's public ip address. When I try this it always fails (timesout) as if it cannot connect.
I was hoping someone might have an idea what can be done here.
-----------------------------------------------
some more information about the router/network configuration.
This router is also a client to a PPTP vpn. It works, Any client of my ER router can communicate with any device on the VPN it is connected to. That vpn is a windows server vpn on a windows server with a dedicated forward facing ip address. The reason I bought this router was thinking that if I have the router connect to this VPN server my ip camera would get an ip address on that vpn. After communicating with tp-link support, they've told me this is not possible, that only the ER router will get an address on the VPN. Which means no other machine on the vpn can see the ip camera. My idea to achieve this is to have the ER router host it's own vpn, which machines could connect to if they need to see the ip camera. However, the problem above has prevented me from doing this. I thought since the ER router itself holds a vpn address, if a machine is able to communicate with the ER router due to it either being on the vpn or it being on the local network of the vpn server it should be able to use the ER router's vpn address to connect to it's VPN server. However, when I try this, I get the same result. I'll also note that my modem/router has a DIFFERENT IP under it's "WAN IP" than is my public IP (this confuses me). I've tried using both as the vpn's address. All three possible addresses give the same error. I wanted to solve this on the weekend so I don't have to spend more work hours fiddling with this, but tp-link support is only open during business hours. If anyone here has a solution, it would be much appreciated.
Thanks,