RV325 with 2 VLAN and VPN

CS@HV
Level 1

I have configured a RV325 (Firmware v1.2.1.13) with 2 VLANs:

VLAN1 (Port 1-13)    192.168.1.0/24    intended for VPN connection (Internet & VLAN4 not allowed)

VLAN4 (Port 14)    192.168.2.0/24    intended for Internet usage (VPN & VLAN1 not allowed)

 

Without a VPN tunnel, DHCP and Internet access work fine on both VLANs.

 

If I build up a VPN tunnel for SRC=192.168.1.0/24 (VLAN1) and DST=any to 5510 ASA (tunnel works fine) the traffic stops for VLAN4 (no Internet connection) although it is not intended to stop.

What can I do to have a VPN tunnel for VLAN1 and Internet connection (without VPN) for VLAN4?

Kind regards

Peter

3 Replies

Michael Swenson
Cisco Employee

Hello,

Yes, your configuration should work. What is the IP subnet on the ASA? If it is the 192.168.2.0/24, this would explain the failure.

 

Best Regards,

Mike

The RV325 is at a remote location and the PCs on Port 1-13 (VLAN1) must have access to all the networks (0.0.0.0/0.0.0.0) at the headquarters (ASA). Internet is not allowed for them (Tunnel everything). It is not allowed to see VLAN4. At Headquarters there is no 192.168.2.0/24.

 

There must be one PC with Internet Connection on Port 14 (VLAN4). It is not allowed to see the VLAN1/VPN.

 

My VPN Configuration on RV325:

Local Group Setup
Local Security Gateway Type:    IP Only
IP Address:    xxx.xxx.xxx.xxx
Local Security Group Type:    Subnet
IP Address:    192.168.1.0
Subnet Mask:    255.255.255.0

Remote Group Setup
Remote Security Gateway Type:    IP Only
IP Address:    xxx.xxx.xxx.xxx
Remote Security Group Type:    Subnet
IP Address:    0.0.0.0
Subnet Mask:    0.0.0.0

 

If the Tunnel is up the PC on VLAN4 can't ping its default gateway on RV325.

 

I solved it!

 

It was necessary to add a static route. But it did not work immediately, only after a reboot.