
routing via another router through vpn

jpblcm001
Level 1

Hello,

Here is the topo :

RV042G <--------VPN-------> Router1<---lan1-->Router2<---lan2--->

I have an RV042G connected to a router "1" (LAN1) through a VPN. I have another router ("2" for LAN2) behind the router "1" with another LAN (not bridged, different IP).

At this time, I can ping the router "2" WAN IP from the RV042G, but from the distant RV042G I cannot access the devices behind router "2" on LAN2. The opposite is right: from LAN2 I can ping every device on any LAN, including the LAN behind the VPN.

On the RV042G, I set a static route to indicate that the IP from LAN "2" was reachable from router "2" WAN, but a traceroute always shows that I don't use the VPN and ask my provider gateway instead. The list of static routes is not showing the route I set.

At this point I'm a bit lost. What can I do to tell the RV that the route to router 2 is through the VPN and not my provider's gateway?

Thank you for any help (and sorry for my poor English)

Seb Rupik
VIP Alumni

Hi there,

You will have an ACL which is used by the VPN between RV042G and ‘router1’, this ACL determines which traffic is encapsulated and sent down the VPN. You need to ensure that the LAN2 subnet is included in that ACL as a ‘permit’.

With this configured, any traffic leaving RV042G destined to LAN2 will be routed via the VPN to router1.  I assume that router1 will have an entry for LAN2 in its routing table and will know to route traffic towards router2.


Cheers,

Seb.

Hello Seb, 

Thank you for your quick help. Where is the access to this ACL? The RV042G web interface does not show it.

Having read this guide:

http://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv0xx/administration/guide/rv0xx_AG_78-19576_310513.pdf

...take a look at page 110. The 'Remote Group' is where you would list the subnets which are accessible via the VPN. Currently this group should contain 'LAN1' so you will need to add 'LAN2' to it.

cheers,

Seb.

Hello Seb, you led me on the right path. The RV042G does not have the "network policy" function to add, like you said, multiple subnets through the VPN, but I created another tunnel with the LAN2 settings to the same distant VPN gateway. I also added the new network policy over there (the router has the function)... and all is OK now. A big thank you.
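
Added example, not from the thread or from Cisco: a simplified Python model of the selector matching described in the replies above, showing why a destination missing from every tunnel's remote group follows the default route and how the second tunnel changes that. All subnets and tunnel names are constructed, and first-match ordering is an assumption of the model, not documented RV042G behaviour.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing; the thread gives no subnets.
RV_LAN = ipaddress.ip_network("192.168.1.0/24")   # LAN behind the RV042G
LAN1 = ipaddress.ip_network("192.168.10.0/24")    # LAN behind router 1
LAN2 = ipaddress.ip_network("192.168.20.0/24")    # LAN behind router 2
WAN = "WAN default gateway"

@dataclass(frozen=True)
class Tunnel:
    name: str
    local_group: ipaddress.IPv4Network    # subnet protected on this side
    remote_group: ipaddress.IPv4Network   # subnet reachable through the peer

def select_path(src, dst, tunnels):
    """Name of the first tunnel whose selectors match the packet, else WAN."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for t in tunnels:
        if s in t.local_group and d in t.remote_group:
            return t.name
    return WAN  # no selector matched: the packet leaves unencrypted via the ISP

def uncovered(wanted, tunnels):
    """Remote subnets that no tunnel's remote group fully contains."""
    return [n for n in wanted
            if not any(n.subnet_of(t.remote_group) for t in tunnels)]

# One tunnel whose remote group lists only LAN1 (the starting point in the thread).
BEFORE = [Tunnel("rv-to-router1-lan1", RV_LAN, LAN1)]
# Second tunnel to the same peer with LAN2 as remote group (the poster's fix).
AFTER = BEFORE + [Tunnel("rv-to-router1-lan2", RV_LAN, LAN2)]

if __name__ == "__main__":
    for label, tunnels in (("before", BEFORE), ("after", AFTER)):
        print(label, "->", select_path("192.168.1.10", "192.168.20.5", tunnels),
              "| uncovered:", [str(n) for n in uncovered([LAN1, LAN2], tunnels)])
```

Running `uncovered` against the list of subnets that are supposed to be private is a quick audit for destinations that would otherwise go out in cleartext through the provider.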