Ipsec tunnel and Vlan

duvelke87
Level 1

Hi,

I'm using an RV220W and I want to know whether it is possible to assign VPN traffic to a VLAN when I set up an IPsec tunnel?

Or is there maybe another solution?

Example:

I'm using different VLANs on my RV220W.

VLAN 10: engineers (e.g. 192.168.1.0/27), no inter-VLAN routing

VLAN 20: sales (e.g. 10.0.123.0/24), no inter-VLAN routing

This is what I need:

     - An engineer is on the road and when he makes an IPsec VPN connection => he is assigned to the VLAN "engineers" so he can access the servers/PCs in that VLAN.

And when someone from the sales group starts a VPN connection he needs to be in the VLAN "sales" so he can access his PC/data, ...

Thanks,

Dimitri


weslsmit
Level 1

Hello Dimitri,

What is the VPN client that you are using here? Did you set up a Quick VPN connection or did you set up an IKE/IPsec policy?

Thanks,

Wesley S

Hi Wesley,

The RV220W is the gateway and I will use my laptop with the application "Cisco Quick VPN" to connect to the RV220W.

So I need to set up an IKE/IPsec policy, I guess?

Thanks!

Dimitri

Dimitri B,

No, the QuickVPN feature only allows you to configure the remote management settings and create a QVPN user. These settings automatically build the rest of the configuration for that VPN.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

But can a VPN user then communicate with a device in a specific VLAN? Or is that not possible?

Not in time, but...

Solution:

username PC1 password 0 !encrypted!
username PC2 password 0 !encrypted!
!
vpdn-group DEFAULT
 ! Default L2TP VPDN group: any client whose L2TP hostname matches no other group lands here
 accept-dialin
  protocol l2tp
  virtual-template 5
!
vpdn-group PC1
 accept-dialin
  protocol l2tp
  virtual-template 1
 ! group is selected by the hostname the L2TP peer presents
 terminate-from hostname PC1.DOMAIN.COM
 local name PC1
 ...
!
vpdn-group PC2
 accept-dialin
  protocol l2tp
  virtual-template 2
 terminate-from hostname PC2.DOMAIN.COM
 local name PC2
 ...
!
interface Virtual-Template1
 ! tunnels from PC1 borrow Vlan1's address, so the client sits in that VLAN
 ip unnumbered Vlan1
 ...
!
interface Virtual-Template2
 ip unnumbered Vlan2
 ...
!
interface Virtual-Template5
 ! catch-all template used by the DEFAULT group
 ip unnumbered Vlan5
 ...
!
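The config above maps each L2TP client to a VLAN in two hops: the peer's L2TP hostname selects a vpdn-group, the group names a virtual-template, and the template is unnumbered to a VLAN interface. As an added example (my code, not the poster's or Cisco's), here is a small Python audit that walks that chain for a config in the posted shape and reports which VLAN each client lands in, including the failure mode the DEFAULT group creates: any hostname that matches no group falls through to the catch-all VLAN. The sample config and the policy mapping are constructed for the example; parsing assumes only the stanza forms the poster used.

```python
"""Added example: resolve L2TP hostname -> vpdn-group -> virtual-template -> VLAN
from an IOS-style config in the shape posted in this thread. Not from the thread."""
import re

# Constructed sample in the poster's shape (placeholders, not a real network).
SAMPLE_CONFIG = """\
vpdn-group DEFAULT
 ! Default L2TP VPDN group
 accept-dialin
  protocol l2tp
  virtual-template 5
!
vpdn-group PC1
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname PC1.DOMAIN.COM
 local name PC1
!
vpdn-group PC2
 accept-dialin
  protocol l2tp
  virtual-template 2
 terminate-from hostname PC2.DOMAIN.COM
 local name PC2
!
interface Virtual-Template1
 ip unnumbered Vlan1
!
interface Virtual-Template2
 ip unnumbered Vlan2
!
interface Virtual-Template5
 ip unnumbered Vlan5
!
"""


def parse_vpdn(config: str):
    """Return (groups, templates).

    groups:    {group_name: {"template": int | None, "hostname": str | None}}
    templates: {template_number: "VlanN"}
    """
    groups, templates = {}, {}
    current = None  # ("group", name) or ("template", number)
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):   # skip blanks and IOS comments
            continue
        m = re.match(r"vpdn-group (\S+)$", line)
        if m:
            current = ("group", m.group(1))
            groups[m.group(1)] = {"template": None, "hostname": None}
            continue
        m = re.match(r"interface Virtual-Template(\d+)$", line)
        if m:
            current = ("template", int(m.group(1)))
            continue
        if current is None:
            continue
        kind, key = current
        if kind == "group":
            m = re.match(r"virtual-template (\d+)$", line)
            if m:
                groups[key]["template"] = int(m.group(1))
            m = re.match(r"terminate-from hostname (\S+)$", line)
            if m:
                groups[key]["hostname"] = m.group(1).lower()
        else:
            m = re.match(r"ip unnumbered (Vlan\d+)$", line)
            if m:
                templates[key] = m.group(1)
    return groups, templates


def vlan_for_client(config: str, hostname: str):
    """VLAN a tunnel from `hostname` terminates in. If no terminate-from entry
    matches, the DEFAULT group's template applies, which is how an unexpected
    client ends up on the catch-all VLAN."""
    groups, templates = parse_vpdn(config)
    wanted = hostname.lower()
    for g in groups.values():
        if g["hostname"] == wanted:
            return templates.get(g["template"])
    default = groups.get("DEFAULT")
    return templates.get(default["template"]) if default else None


def audit(config: str, allowed: dict):
    """List hosts whose landing VLAN differs from `allowed` (hostname -> VLAN),
    plus a line naming where the DEFAULT group sends unmatched hosts."""
    groups, templates = parse_vpdn(config)
    problems = []
    for host, expected in allowed.items():
        actual = vlan_for_client(config, host)
        if actual != expected:
            problems.append(f"{host}: lands in {actual}, policy says {expected}")
    if "DEFAULT" in groups:
        landing = templates.get(groups["DEFAULT"]["template"])
        problems.append(f"DEFAULT group sends unmatched hosts to {landing}")
    return problems


if __name__ == "__main__":
    policy = {"pc1.domain.com": "Vlan1", "pc2.domain.com": "Vlan2"}  # constructed
    for line in audit(SAMPLE_CONFIG, policy) or ["no policy deviations"]:
        print(line)
```

Two things the audit makes visible that the bare config does not: the DEFAULT group means a mistyped or unknown hostname is still terminated, just on Vlan5, so that VLAN should hold nothing sensitive or the group should be removed; and the selection key is the hostname the peer announces in L2TP tunnel setup, so VLAN placement only holds if the tunnel is also authenticated (the per-group `l2tp tunnel password`, not shown in the posted excerpt) and the PPP user is tied to the group.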

Dimitri, I have exactly the same requirement. Did you ever find a solution?

Andrey, the RV220W doesn't support running scripts like enterprise routers/switches as far as I know.


PPTP should permit the inter-VLAN communication. You won't be able to 'directly connect' to that one specific subnet, but you will be able to communicate across a VLAN as you wish... and the router supports inter-VLAN ACLs so you may limit traffic as you wish.

-Tom
Please rate helpful posts

Thanks Tom. Is IPSec not an option at all on the RV220W for this particular requirement?

Of course I haven't verified it for myself but reading this sort of thing on Wikipedia doesn't inspire confidence: "PPTP is (as of Oct 2012) considered cryptographically broken and its use is no longer recommended by Microsoft."


Historically your statement is true; IPsec wouldn't be an option on this unit. You may try to make a LAN-to-LAN access rule in an attempt to make it work; since the LAN-to-LAN rules are a new addition, it may work (I haven't tested it for this purpose yet).

-Tom
Please rate helpful posts

It's the MS PPTP implementation that's broken, not PPTP itself.

See

http://www.schneier.com/pptp-faq.html

Richard Iemand:

"PPTP is (as of Oct 2012) considered cryptographically broken and its use is no longer recommended by Microsoft."

Richard, really? Give me a link please!

And what type of encryption can I use for security?

(Sorry for my English)

Another option is the SSL VPN; this can be full tunnel or split tunnel. The router supports 5 SSL connections.

-Tom
Please rate helpful posts

Hi Thomas,

I don't think that the SSL VPN is a solution.

For example, you can't add one SSL connection in VLAN 10 and another in VLAN 20.

greetz

Dimi

Hi Richard,

I did not find a solution... did you?