2 RV110w route all traffic to home office over VPN

caryawilson · ‎06-16-2013

I've recently purchased two cisco RV110 Wireless VPN routers. I've configured an IP Sec VPN site to site tunnel between them. The IP Sec connection is established. My home connection has network 192.168.5.1 and my remote office is 192.168.6.1. Each site can access the private network of the other.

However, I want to force all Internet traffic from my remote office to route over my home network's internet connection. I want the remote ofice to route it's internet traffic over the IP sec tunnel and then routed to the internet via the the home router's rv110w.

I assumed this was possible with two Cisco rv110w. However, it appears they only route the private LAN connections. Is there a way to make the remote rv110w use a default route of the IP Sec tunnel and have the home office route this traffic out the WAN interface for internet traffic? If NOT can someone guide me on a wireless routers that I should buy. This is the only feature I need.

Thanks for the guidance!!!

jeffrrod · ‎06-18-2013

Dear Cary,

Thanks again for contacting the Small Business Support Community.

I previously suggested changing the “Routing operating mode” and try to setup a default route to the home office router, however I am not positive it will do the job, and I am afraid none of the Small Business Routers accomplish your VPN needs.

I'd suggest you to go for a QuickVPN setup (remote access VPN). Below is a link with the QuickVPN application notes so you better understand how it works;

http://www.cisco.com/en/US/docs/routers/csbr/app_notes/QuickVPN_an_OL-25680.pdf

Refer to the RV110 admin guide, page 98, for details in how to configure the remote access VPN application on the Home router, notice you can only have up to 5 QuickVPN users configured;

http://www.cisco.com/en/US/docs/routers/csbr/rv110w/administration/guide/rv110w_admin.pdf

Some QuickVPN installation tips for Windows OS;

http://sbkb.cisco.com/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=2922

Notice you must enable VPN IPSec Passthrough on the office router. Please do not hesitate to reach me back if there is anything I may assist you with in the meantime.

Kind regards,

Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer

*Please rate the Post so other will know when an answer has been found.

Jeffrey Rodriguez S. .:|:.:|:. Cisco Customer Support Engineer *Please rate the Post so other will know when an answer has been found.

SamirD · ‎07-11-2013

One way I've been able to do this on the rv-series is to run a PPTP server on your home network and PPTP clients on the office side. This way, they'll get a second IP address from your home rv110 and then route all traffic over that connection even though it is doing so over the site-to-site vpn.

You won't have to worry about PPTP security issues since you're running all of this inside your secure site-to-site vpn. Let me know if this work for you.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

caryawilson · ‎07-11-2013

I understand the "client" architecture, and I appreciate your comments. However, I do NOT want to install a client on every computer and gets more difficult with mobile phones and tablets. Ideally, I would like to run the client on the router so all machines that connect will user the home office connectivity.

I just bought the Netgear, Inc ProSafe VPN Appliance,FVS318N, which appears it will support a VPN client in the router. This should solve the issue?? My idea is to run this in the remote office and connect to Cisco RV110 in the home office. Any cisco products have similar support

SamirD · ‎07-13-2013

Actually, you won't have to install a thing as most every phone and computer in the last decade as a built in PPTP client.

I have the FVS124G and FVS114, and they basically do the same thing as the Cisco. But if also depends on if you set up your VPN site-to-site as a client to gateway, which can be done in the Cisco as well.

I think I remember a trick in another thread on this same subject--try putting in 0.0.0.0 as your desination address for your VPN tunnel at the office. Supposedly this will route ALL traffic from what I recall. I'll see if I can find that other thread and post a link here.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

yayoayala · ‎11-08-2017

I am trying to do the VPN site to site and force all the traffic though the tunnel. But unfortunately you cannot create a route 0.0.0.0/0 or a Tunnel-ID 0.0.0.0/0