RV320 VPN CONFIG

petreski1 · ‎03-07-2015

Hi,

i have make a vpn configuration "G to G" and the vpn is connected but i can't ping the server on the other side.

i read that the RV320 need to have a public address to make the tunnel working properly. is that true ?

i use a internet adsl box for access internet but i can't change the working mode to bridge.

have you a solution on the rv320 to bypass this problem ?

thank for your help and sorry for my bad english.

Toni.

cchamorr · ‎03-07-2015

Hello Tony,

What you say is true, when you have a modem/router that is not on bridge mode in front of the router then you will run into weird issues, one way traffic, disconnections and such.

Ideally you want to have your modem on bridge mode, if that is not the case, you still have a few option (unsupported but still good workarounds):

1- See if the modem supports DMZ, if so, setup the RV320 on a DMZ port on the modem.

2- If no DMZ then try to forward all the ports from the modem to the WAN IP address of the RV320.

Lastly, it is possible that everything is working already but the server itself is blocking pings due to a firewall setting, try the following:

1- Disable the firewall on the server and try again.

2- Try to access the server using a different method, you can try using remote desktop to see if there is any connectivity.

Please try to above mentioned steps and let us know if it works for you.

petreski1 · ‎03-08-2015

thank you for your reply,

i have configure the DMZ on the internet box but nothing better.

my conf :

vpn with preshared-key and 3des and sha1 for the phase 1 and 2.perfect forward secret is disabled.

the problem is that in the log everything seam ok - the tunnel is up and my partner in side can see the same - tunnel up on phase 1 and 2 but he dont see any packet arriving on them firewall.

maybe you have a test platform that can i use to test - just pinging one IP.

thanks for your help.

Toni.

cchamorr · ‎03-08-2015

Hello and thank you for the reply.

I'm sorry it s still not working. You never said if you tested using the remote desktop.

What do you mean with a test platform? What would you like to try?

petreski1 · ‎03-08-2015

the dont manage the 2nd router and i have not able to diag the problem because the rv320 have no error log reported.

i try to connect to one server using http or ssh.

for the test plaform i dont have a second router to validate my configuration and i was thinking maybe you have on your office some test access that we can use.

and for the end...i need to by an other router with more debug options ?

thanks.

cchamorr · ‎03-09-2015

I don't think the issue is related to the router itself but more related to the fact that the router is behind another router.

Unfortunate at the moment I don't have a router that I can let you connect to for testing.

petreski1 · ‎03-11-2015

Hi,

It was a problem on the internet Box, the Dmz was not configured properly.

thanks.

i will open a new discution because the firewall rules dont affect the VPN connection.

cchamorr · ‎03-11-2015

Hello,

I'm glad you found the problem.

Please don't forget to grade or mark an answer as correct if it was helpful to you so that other members can benefit from it.

In regards to the access rules and the VPN, you are absolutely right. The VPN is like if you were directly connected to the router, so the access rules don't apply to VPN connections.

petreski1 · ‎03-12-2015

Just for information,

I configure a DMZ on my Internet Box (forward all packet to my RV320 with a privat address) and everything work fine for the moment.

No Nat tranversal set but i set the MTU as 1472.

Thanks.

kolladmin · ‎03-16-2015

Hello cchamorr,

I would like to ask you if the public IP adress of the LTE modem/router (with no brigde mode) is reached through in this case (with the DMZ)? Because I would like to set up a VPN (G2G) with the static IP and until now I was not able to get the IP to the RV320.

Thanks

kolladmin