Here is what I suggest to be done.
1. Use your own Router instead of the the provided by the ISP.
ISPs typically will provide a modem that has a built in function of a router. Most of the time, to keep costs down, these modem/routers are rather basic or has limited functions or has rather poor WiFi capabilities.
When you set up your network in this manner, you Router is the one that maintains the internal network and because you can keep it running regardless of the ISP that you change to, your internal network remains the same.
That means you don't need to reconfigure all your Printers, your Network Access Storage, your Apple TVs, etc. every time you change a different ISP.
In this setup, if you have an outgoing VPN connection, you can keep using it without changing or setting up anything else.
In most cases, this is all that needs to be done! Just set your Modem to Bridge mode if it has the function and if not, just set the DHCP Server to ON and you can carry on using your home internet with minimum fuss and without the need to change anything else.
HOWEVER.....
If you are running a Network Access Storage i.e. your own cloud at home, you will want to be able to access your data when you are roaming the earth. In this setup, your own Router will not be able to see your External IP address (unless it comes with a built in function for that), but see that its external IP address is what the Modem has issued it.
2. Configure your ISP Modem to pass through to your Router
Bridge Mode
In most cases, the modems that the ISP has provided should have a "Bridge" function. This means that the modem is configured into nothing more than a conversion of its incoming connection, into the Ethernet Cable that provides the Internet Service into your home. E.g. Fibre Optic to Ethernet, ADSL to Ethernet.
In the Bridge mode, the External IP address should also be passed onto your own Router which then makes it easy for you to set up a DDNS Service which allows you to access your home network without the need to keep knowing the exact IP address you are currently having. If you don't know what a DDNS service is, please scroll down.
Port Forwarding
If your ISP modem doesn't have Bridge mode, then what you will need to do is to forward incoming traffic that is looking for a VPN service to your own Router (I'm assuming you already have a VPN Server setup on your existing Router, since this post is about setting up existing network with different ISPs).
Here are the ports you need to forward over from your ISP Modem to your Router:
1. PPTP : TCP 1723
2. L2TP : UDP 500 and UDP 4500
3. SSTP : TCP 443
4. OpenVPN : UDP 1194
You don't need to forward everything. Just what you need to get your VPN Server working.
If you are using FTP, you will also need to forward:
1. FTP : TCP 21 and TCP 20
FTP is a little tricky as other ports might also be used for the Passive mode. That would be an entire chapter on its own.
Setting up the correct ports for Port Forwarding should solve most of your VPN Server problems.
IF AND ONLY IF......
After setting this relevant ports and you STILL have issues... then you need to weigh between security and functionality. When ALL ELSE FAILS....
You can set the ENTIRE Port Range to your own Router. This passes the whole security firewall to your router. Not really advisable but well... if you think about it, a Bridge Mode does pretty much the same thing.
So, the Port Range would be 1:65535
Once again, I wouldn't recommend it, but well... if you are desperate....
3. Using a DDNS
A DDNS Service is very convenient. Most ISPs require extra $$ for Static IPs. Usually used for businesses, or if your ISP provider is hiding you behind another layer of IP addresses (of which case, you can skip this entire section altogether, coz you have no other choice then to purchase a Static IP from your ISP). For Home Users, we usually do Dynamic IPs. What this means is that the ISPs will decide for you what IP you get every time you turn on the Modem, or when the lease time is up.
So, you switch on your modem and it might get an IP address of 12.254.12.223 from your ISP. Turn it off, and turn it on again, and it might change to 12.254.12.226. Most of the time, this doesn't affect anything. But if you are using a VPN Server at home for you to access your NAS, then it is rather a pickle.
What you need is a DDNS service to which you convert the IP address of 12.254.12.223 into something easier to remember and doesn't change, e.g. iamahunk.dyn.com
Some Router makers like Dlink and Asus have their own DDNS service that they provide for free. But if you are using none of them, there are also plenty of FREE DDNS services available on the Internet. Sign up for one of these.
On your ISP Modem (if the function is available), key in your login details on the DDNS page.
What this does, is that it will update the actual IP address to your Modem given by the ISP, to the domain name iamahunk.dyndns.org everytime it changes. So you never need to remember or find out your IP address, but just access your network through iamahunk.dyndns.org.
IF your ISP modem is a piece of crap that doesn't have a DDNS function, then you will need to update the DDNS on your Router end. Now, this becomes tricky.
If your ISP Modem has a Bridge Function.... then great... no big deal since your external IP is passed on to your Router. Just do the above on your Router and it will work fine.
If your ISP Modem doesn't have a Bridge Function and you are doing the Port Forwarding, then your own Router needs to have a the ability to update the external IP address. This is a little tricky as not all routers, even high end ones, have the ability to extract your external IP address via a 3rd party website.
Most good Routers will be able to pull the IP address from your router's WAN connection and use that IP address to update the DDNS service. Works great with a Bridged Modem. But it doesn't work when you are Port Forwarding from your ISP Modem.
What you need is the ability to do an External IP Check and the DD-WRT routers are great for that. The External IP check function will be able to determine your external IP using external websites which report your IP address as seen from the Internet, and update that into your DDNS service.
You might also want to check to see if your NAS has a DDNS function that allows it to update the external IP on its own. If so, great! Problem solved. But if not, then you might have to consider getting a used/old router that is lying somewhere in the house and flash its firmware with the DD-WRT firmware just for the purpose of updating the DDNS automatically. Please take note that this is a Serious BlackBelt Tech Procedure. Doing it wrong might turn your old router into a brick. But hey, its lying somewhere collecting dust anyhow right?
One more option you can have if you have an Andriod TV Streaming Box around, is to use Duck DNS (https://www.duckdns.org). They have an app in Google Play that you can use to update the IP address. If you use this, then you don't need to flash a DD-WRT router to get the job done, but you will still need to forward the relevant ports for VPN access into your home network.
Take note that if you are connecting a seperate old router into the network just only to pull the DDNS function, then you need to set it up like a secondary router with the DHCP function disabled. Follow this guide to set up the secondary router properly (http://hometech101.blogspot.sg/2016/08/setting-up-secondary-router.html).
I hope this helps... Have fun!
