so, if I dont want PCs in

georgedlake1 · ‎07-02-2015

Hi,

I have 2 RV082 connected via VPN tunnel.

I now want to set up VLANs on both sites.

The question is will the VLANs of the same number see what is on the other side?

In other words.

Router 1:

IP 192.168.200.x

VLAN1 192.168.200.10-20 (Fixed IPs)

VLAN2 192.168.200.50-55 (Fixed IPs)

Router 2:

IP 192.168.1.x

VLAN1 192.168.1.10-20 (Fixed IPs)

VLAN2 192.168.1.50-55 (Fixed IPs)

Can PCs on VLAN1 on Router 1 reach the PCs on VLAN1 on Router 2?

Joshua Beatty · ‎07-02-2015

Yes, the VLANs will see each other. The only problem you run into with networks and VPNs is if the Subnets overlap. There is no VLAN tagging sent over the VPN so they are not aware of the VLANs on the other side of the VPN tunnel, just the networks.

georgedlake1 · ‎07-03-2015

so, if I dont want PCs in VLAN1 from router 1 to access things on VLAN2 on Router 2 I would have to set up some sort of rules on the Firewall of each router?

And also, is there a VLAN that can see all others? hoy would I access all devices as an admin?

Joshua Beatty · ‎07-07-2015

What VLANs can see each other is based on the IPsec policy at each end. So if you had on side A

Local Security group 192.168.200.0\24

Remote Security Group 192.168.1.0\24

And on side B

Local Security group 192.168.1.0\24

Remote Security group 192.168.200.0\24

Both VLANs on each side would be allowed to talk to each other. However if you set the local security group on A to be

Local Security Group 192.168.200.0 \27

you would allow 192.168.200.0-31 but not 192.168.200.32-255 across the VPN

RV082 VPN+VLAN