06-21-2013 09:40 AM
Hi,
I built a network with many RV042 routers as client networks and one main RV082 router as the host network. There are gateway-to-gateway tunnels between them. Every client router is connected to the main host router. The host router is 192.168.100.0/24 and the clients are 192.168.101/24, 192.168.102.0/24, etc... I am able to ping every device in the client networks from the host network, but the client networks aren't able to ping each other. I know that this is because the RV042 offers tunnels only with the same subnet; I read many articles about it here and on many other forums. But isn't there any way to do it? I tried to build tunnels with a 255.255.0.0 netmask, but it didn't work. I think that it must be possible with some kind of static routing on the host router, but I don't know how to do it.
Another problem is that I have a group VPN on the host router for connecting from outside this network (from anywhere), which is working, but again... I can only ping devices on the host network; client networks connected via tunnels are unreachable. The strange thing is that when I set up a second group VPN on the host router with the local subnet of one of the client networks, I am able to ping that network from outside (so the ping passes first through one group VPN tunnel to the host router and then through a tunnel to the client router). So I decided to set up many group VPNs for connecting from outside the network (one tunnel for each client network), but there is some silly limitation! Only two group VPNs can be created!!! Why!?! And again I am fuc*ed. I need to solve this problem ... some way.
This second problem is more important for me. I must be able to reach the whole network from outside. So if anyone has some idea what to do, please help me. Thank you.
06-21-2013 02:51 PM
Hi aaa, none of the small business products were really designed for multi site vpn like you describe. If you want this to work, you need to make a tunnel for each site per router.
The concept is actually very simplified, when creating a site to site VPN, the end points list the connecting gateway and subnet. Therefore it only updates the route table for the configuration provided.
You were clever to try to supernet the tunnel, but the router still maintains the limitation.
-Tom
Please mark answered for helpful posts
06-21-2013 03:50 PM
Thank you for your reply... I was looking for a solution the whole day and finally I discovered a simple hack for problem no. 1 on some other forum. I set 192.168.0.0/16 as local and 192.168.101.0/24 as remote on the host router, and 192.168.101.0/24 as local and 192.168.0.0/16 as remote on the client router, and it works!!! So now I am able to communicate across the whole network of RV042 routers with just one tunnel per client router to the host router!!! I am very happy about that and I think that this information will be very useful for many people on this forum...
But it doesn't work with a client-to-gateway connection. As I wrote, if I could create more than 2 group VPN tunnels, everything should be fine... But there is this nonsense limitation. So I ask a different question. How do I connect to this VPN of RV042 routers from outside using a normal tunnel instead of a group VPN tunnel? A normal tunnel has no limitation, but I don't know how to use it. I am using Shrewsoft VPN software with the group VPN. So is there some way to do it using standard tunnels? If yes, I am able to create some tunnels for each subnet and I am fine...
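An added example, not part of the post above or any Cisco code: a small model of IPsec selector matching that shows why the /24-to-/24 tunnels block client-to-client traffic and why the 192.168.0.0/16 selectors from the post let it through. The `Policy` class, the tunnel names and the sample host addresses are constructed for illustration.

```python
import ipaddress as ip
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    """One gateway-to-gateway tunnel, reduced to its local/remote selectors."""
    name: str
    local: str
    remote: str

    def covers(self, src: str, dst: str) -> bool:
        # A packet is sent into a tunnel only if BOTH selectors match.
        return (ip.ip_address(src) in ip.ip_network(self.local)
                and ip.ip_address(dst) in ip.ip_network(self.remote))

def select(policies, src, dst):
    """Name of the first tunnel whose selectors cover src -> dst, else None."""
    return next((p.name for p in policies if p.covers(src, dst)), None)

def spoke_to_spoke(spoke_policies, hub_policies, src, dst):
    """Trace src -> dst: the client router must tunnel it to the host router,
    and the host router must then tunnel it on to the other client."""
    first = select(spoke_policies, src, dst)
    second = select(hub_policies, src, dst) if first else None
    return (first, second) if second else None

# Original setup from the thread: every tunnel is /24 <-> /24.
NARROW_SPOKE_101 = [Policy("to-hub", "192.168.101.0/24", "192.168.100.0/24")]
NARROW_HUB = [Policy("to-101", "192.168.100.0/24", "192.168.101.0/24"),
              Policy("to-102", "192.168.100.0/24", "192.168.102.0/24")]

# Setup described in the post: the host side is widened to 192.168.0.0/16.
WIDE_SPOKE_101 = [Policy("to-hub", "192.168.101.0/24", "192.168.0.0/16")]
WIDE_HUB = [Policy("to-101", "192.168.0.0/16", "192.168.101.0/24"),
            Policy("to-102", "192.168.0.0/16", "192.168.102.0/24")]

if __name__ == "__main__":
    src, dst = "192.168.101.10", "192.168.102.10"  # constructed hosts
    print("narrow:", spoke_to_spoke(NARROW_SPOKE_101, NARROW_HUB, src, dst))
    print("wide:  ", spoke_to_spoke(WIDE_SPOKE_101, WIDE_HUB, src, dst))
```

With the /16 selectors every tunnel accepts traffic from any 192.168.x.x source, so any separation between client networks has to come from firewall rules on the routers, not from the tunnel definitions.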
07-09-2013 08:23 AM
Interesting. I have a configuration very similar to yours using multiple rv016s and some netgear equipment. I use the PPTP server and can reach anything from anywhere once I'm inside the network. I set up multiple tunnels, one from each router to all the others to create a vpn mesh. Have you tried doing that?
Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
07-09-2013 11:44 AM
PPTP is disabled because I heard that it is not secure enough. I think that PPTP is a slightly higher layer than pure tunnels, so the router shouldn't have to decide which IPSec tunnel is used for each packet. Because when I use pure tunnels, the packet has the original source and destination IPs of the devices and it is compared with the IPSec policies. But with PPTP it is maybe a little different.
Yes, multiple tunnels, one from each router to all the others, is definitely a technical solution, but it is annoying to set up if you have more than 5 networks. Too many tunnels.
How do you connect to the router via PPTP? Could you post some configuration details of the client?
07-10-2013 10:16 PM
Interesting. Your explanation definitely makes sense.
As far as enabling the PPTP server and logging in, it's pretty easy. I believe it is under VPN-->PPTP Server. Enable it and set up a user and password as well as an IP range. Then you can use the standard built-in MS client to connect:
http://support.microsoft.com/kb/314076
Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com