Re: Need help with RV345 SSL VPN Configuration

ScottyPoppy · ‎11-05-2020

RV345 Router configured with 3 VLANs. 192.168.1.1 is management with nothing on it. 192.168.0.1 is family VLAN with lots of devices and the network I want to VPN to and remote control devices. 192.168.2.1 is for renters in apartment.

VLAN3 for family is set up this way:

192.168.0.1/24

255.255.255.0

DHCP Server: 192.168.0.100-192.168.0.200

I would like the VPN to assign addresses 192.168.0.220 or 221 to me when I connect from outside. But when I enter the network address of 192.168.0.220 into the SSL VPN Client Address Pool field I get a Subnet Range Error. The Cisco configuration guide for setting up an SSL VPN states that "Make sure that the IP address range does not overlap with any of the IP addresses on the local network." I am guessing the error is because the VLAN is set up for 192.168.0.1/24. How do I configure this correctly?

I have tried putting 192.168.3.0 for the SSL VPN Client Address Pool and it works to let me save setting. I am then able to connect to the VPN, however I cannot connect to any devices in my family network of 192.168.0.1/24 which is what I want to do. Please help.

balaji.bandi · ‎11-05-2020

you can have access rule from 3.0/X network to 0.0/24 network allow traffic

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5491-configure-access-rules-on-an-rv34x-series-router.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ScottyPoppy · ‎11-06-2020

This suggestion did not work because the 3.0 network is not a VLAN. When I go to create an access rule I see a menu of interfaces and VLANs which includes VLAN1 (.1.0), VLAN2 (.2.0) and VLAN3 (.0.0). The location of the VPN (.3.0) isn't listed. If I try to create a VLAN with .3.0 it won't save. I tried creating a VLAN4 on .4.0 which worked but then I get an error when I try to assign that to the VPN.

Martin Aleksandrov · ‎11-06-2020

Once you configure the access rules just disable and then enable the firewall.

Regards,

Martin

ScottyPoppy · ‎11-06-2020

If you look at my reply to the message above, you see that the access rules don't work because the location of the VPN on .3 is not a VLAN and the Access Rules menu only shows VLANs and router interfaces.

Martin Aleksandrov · ‎11-06-2020

Hi Scotty,

On RV's Access Rules you do have Source Interface and Source Address. You should choose "any" and source address "IP Range" or "Subnet" from the drop-down menu.

Regards,

Martin

ScottyPoppy · ‎11-06-2020

Seems like that should work, but after implementing rules I still have no communication between the two ranges. Do these rules look right?

Martin Aleksandrov · ‎11-08-2020

Hello Scotty,

Rules seem fine. Did you enable Inter-Vlan routing on 192.168.3.0 network?

Regards,

Martin

Martin Aleksandrov · ‎11-08-2020

Hi Scotty,

Do you have access to 192.168.2.0 network from the VPN?

Regards,

Martin

ScottyPoppy · ‎11-09-2020

Here is a screen shot of VPN setup:

ScottyPoppy · ‎11-09-2020

Access Rules setup:

ScottyPoppy · ‎11-09-2020

192.168.3.0 is not a defined VLAN. In my VPN setup for the IP Address range I put 192.168.3.0. Once I enable the VPN with the IP Address range of 192.168.3.0 I can't define a VLAN with 192.168.3.0. If I define a VLAN of 192.168.3.0 I can't create a VPN of 192.168.3.0. Once I have connected to the VPN I cannot access any other subnet on the router.

DhrSHondong44141 · ‎02-02-2021

Goodmorning,

I've got exactly the same problem with SSL VPN, I've tried to create ACL's and route policies but this won't work.

Does anyone have any ideas for us?