07-07-2015 03:08 AM
I have configured a RV325 (Firmware v1.2.1.13) with 2 VLANS:
VLAN1 (Port 1-13) 192.168.1.0/24 intended for VPN connection (Internet & VLAN4 not allowed)
VLAN4 (Port 14) 192.168.2.0/24 intended for Internet usage (VPN & VLAN1 not allowed)
Without a VPN tunnel DHCP and Internet access works fine on both VLANs.
If I build up a VPN tunnel for SRC=192.168.1.0/24 (VLAN1) and DST=any to 5510 ASA (tunnel works fine) the traffic stops for VLAN4 (no Internet connection) although it is not intended to stop.
What can I do to have a VPN tunnel for VLAN1 and Internet connection (without VPN) for VLAN4?
Kind regards
Peter
07-07-2015 07:12 AM
Hello,
Yes your configuration should work. What is the IP subnet on the ASA? If it is the 192.168.2.0/24, this would explain the failure.
Best Regards,
Mike
07-07-2015 10:40 PM
The RV325 is at a remote location and the PCs on Port 1-13 (VLAN1) must have access to all the networks (0.0.0.0/0.0.0.0) at the headquarters (ASA). Internet is not allowed for them (Tunnel everything). It is not allowed to see VLAN4. At Headquarters there is no 192.168.2.0/24.
There must be one PC with Internet Connection on Port 14 (VLAN4). It is not allowed to see the VLAN1/VPN.
My VPN Configuration on RV325:
Local Group Setup
Local Security Gateway Type: IP Only
IP Address: xxx.xxx.xxx.xxx
Local Security Group Type: Subnet
IP Address: 192.168.1.0
Subnet Mask: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP Only
IP Address: xxx.xxx.xxx.xxx
Remote Security Group Type: Subnet
IP Address: 0.0.0.0
Subnet Mask: 0.0.0.0
If the Tunnel is up the PC on VLAN4 can't ping its default gateway on RV325.
07-08-2015 03:05 AM
I solved it!
It was necessary to add a static route. But it did not work immediately, but only after a reboot.