CISCO RV340 AnyConnect and Remote Sites

AP_1967 · ‎09-14-2020

I was wondering if it is possible and if so how to access the RV340 via AnyConnect client and then use the RV340 to get to another site which is connected via Site to Site tunnel. I am able to connect just fine via AnyConnect to my RV340 and access all local IP's on my VLAN as well as the Internet.

But when i try to access for example 192.168.0.1 which is a gateway on the other End of the Site to Site tunnel it fails as it trys to route these thru the public gateway. When i try to access this Address from a local IP on my VLAN i goes over the VPN site to Site Tunnel. So i am not sure where i setup in the RV340 that AnyConnect SSL clients use the same routes as clients on the VLAN.

balaji.bandi · ‎09-14-2020

If your VPN IP address needs to access the other side of the site to site VPN, your VPN IP address to be in the Tunnel interesting traffic ACL to allow. (both the site) and routing arrangements if any required.

make that changes that should allow accessing remote sites also.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

AP_1967 · ‎09-14-2020

i am a bit confused here..

My setup is as following

My Internet connection is on WAN 1 with lets call it IP 98.164.194.158

My Local Subnet is 192.168.1.0
My SSLVPN Subnet is 192.168.100.0

My Remote Tunnel Subnets a 192.168.0.0, 192.168.2.0, 192.168.8.0

Since the tunnel has the remote Subnets registered there is no routes for them in the Rote Table. So what and where do i make changes to make sure when 192.168.100.2 (AnyConnect) client wants to get to 192.168.0.1 it takes tunnel and not the Internet Gateway

nagrajk1969 · ‎05-11-2021

Hi AP_1967

Its like this...

The below attached schematic is your present deployment setup

So for the Anyconnect client (with virtual-ip of 192.168.100.x) to connect to the subnets behind RV340-B site via the S2S tunnel between siteA and siteB....you will need to Re-configure the existing S2S tunnel as below:

On RV340-A

==========

Step-1: In the system-Management/IP-Group page, create the IP-Groups as below

Local-GrpA:

ip-subnet1: 192.168.1.0/24

ip-subnet: 192.168.100.0/24

Remote-GrpB:

ip-subnet1: 192.168.0.0/24

ip-subnet2: 192.168.2.0/24

ip-subnet3: 192.168.8.0/24

Step-2: In the S2S tunnel config page

Local-IP-type: Select IP-Group "Local-GrpA"

Remote-IP-type: Select IP-Group "Remote-GrpB"

and all other configs remain the same...apply and save the config

On RV340-B

==========

Step-1: In the system-Management/IP-Group page, create the IP-Groups as below

Local-GrpB:

ip-subnet1: 192.168.0.0/24

ip-subnet2: 192.168.2.0/24

ip-subnet3: 192.168.8.0/24

Remote-GrpA:

ip-subnet1: 192.168.1.0/24

ip-subnet: 192.168.100.0/24

Step-2: In the S2S tunnel config page

Local-IP-type: Select IP-Group "Local-GrpB"

Remote-IP-type: Select IP-Group "Remote-GrpA"

and all other configs remain the same...apply and save the config

thats it...now your Anyconnect client can communicate to the subnets behind RV340-B via the S2S tunnel established between RV340-A and RV340-B....