
RV340 - Cannot communicate with internal DNS environment

I self-resolved this problem. Thank you.

I have a somewhat interesting setup and I need some assistance in figuring out, I believe, the static routing for the RV340, although there could be something else that I am missing.

Subnets:
192.168.1.0/24 - RV340

192.168.1.1 - IP of RV340
192.168.1.108 - IP of MikroTik
10.1.0.0/24 - VPN subnet for connected devices to RV340
10.0.0.0/24 - MikroTik primary subnet (I have multiple other ones that don't matter for this)

Setup:
- RV340 is the perimeter router where the internet comes in. I have two different WANs set up in failover. I have a MikroTik router plugged into LAN4 of the RV340.

- Had the MikroTik router set up as a DMZ HOST (192.168.1.108).
- I port forward ALL-PORTS TCP/UDP (except 8443) to 192.168.1.108. Then use the MikroTik to take care of all of the data from there that runs a fairly complex internal network and subsequent joined AD-to-AD sites.

The Problem:
- It occurs when running the SSL-VPN (AnyConnect) on 8443, the only port I do not forward. I can establish a connection without any problem, and if my DNS is set to 8.8.8.8, for example, the internet works and I return the IP address of my site location. Ideally, though, I want the DNS set to 10.0.0.3 for my internal DNS resolve so that all of my intranet sites and local devices work correctly with the connected VPN device.

Diagnostics:
- Logging on the RV340 has confirmed that the VPN device is attempting to dial the correct address:

kernel: [19851.450441] FIREWALL ACCEPT:IN=tun0 OUT=eth2 DST_MAC= src=10.1.0.12 DST=10.0.0.3 LEN=75 TOS=0x00 PREC=0x00 TTL=63 ID=28392 DF PROTO=UDP SPT=49425 DPT=53 LEN=55 MARK=0x100

- Logging on the MikroTik router to capture log data for all incoming anything to 10.0.0.3 has zero returns. So the data is never making it to the MikroTik router.

My guess is this has to do with the static port setup but I have tried numerous combinations without much success.

Any help you can provide would be greatly appreciated!

[UPDATES] - I added the following static routing path:
[Attached image: 2021-02-06 17_49_33-RV340 Dual WAN Gigabit VPN Router.png]
I also now see traffic hitting my MikroTik router from the RV340:
[Attached image: 2021-02-06 17_51_11-38636@10.0.0.1 (ReichHub) - WinBox v6.46.8 on RB3011UiAS (arm).png]


But I still cannot access the DNS and webpages continue to not load due to a DNS failure. Also cannot access the NAS storage area or anything as of yet. Packets are getting further but not returning.
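
Added example, not part of the original post: a Python check that parses RV340 firewall log lines in the format quoted above and lists DNS queries from the VPN subnet to 10.0.0.3 that have no logged reply, which is the "getting further but not returning" symptom. Only the first sample line comes from the post; the other two are constructed, and it is an assumption that the router logs reply packets in the same format.

```python
import ipaddress
import re

VPN_NET = ipaddress.ip_network("10.1.0.0/24")   # VPN client subnet from the post
DNS_SERVER = ipaddress.ip_address("10.0.0.3")   # internal DNS server from the post

# First line is the log entry quoted in the post; the other two are constructed.
SAMPLE_LOG = """\
kernel: [19851.450441] FIREWALL ACCEPT:IN=tun0 OUT=eth2 DST_MAC= src=10.1.0.12 DST=10.0.0.3 LEN=75 TOS=0x00 PREC=0x00 TTL=63 ID=28392 DF PROTO=UDP SPT=49425 DPT=53 LEN=55 MARK=0x100
kernel: [19853.120007] FIREWALL ACCEPT:IN=tun0 OUT=eth2 DST_MAC= src=10.1.0.15 DST=10.0.0.3 LEN=71 TOS=0x00 PREC=0x00 TTL=63 ID=28401 DF PROTO=UDP SPT=50112 DPT=53 LEN=51 MARK=0x100
kernel: [19853.131882] FIREWALL ACCEPT:IN=eth2 OUT=tun0 DST_MAC= src=10.0.0.3 DST=10.1.0.15 LEN=87 TOS=0x00 PREC=0x00 TTL=62 ID=5120 DF PROTO=UDP SPT=53 DPT=50112 LEN=67 MARK=0x100
"""

KV = re.compile(r"(\w+)=(\S*)")


def parse_line(line):
    """Return the key=value fields of one firewall log line, keys upper-cased.

    Keys appear in mixed case (src= vs DST=) and LEN occurs twice; the first
    occurrence wins, so LEN is the IP length rather than the UDP length.
    """
    _, _, body = line.partition("FIREWALL ")
    fields = {}
    for key, value in KV.findall(body):
        fields.setdefault(key.upper(), value)
    return fields


def one_way_dns_flows(log_text):
    """Return sorted (client, source port) pairs that sent a DNS query to
    DNS_SERVER but for which no matching reply appears in the log."""
    queries, replies = set(), set()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f.get("PROTO") != "UDP" or not {"SRC", "DST", "SPT", "DPT"} <= f.keys():
            continue
        src, dst = ipaddress.ip_address(f["SRC"]), ipaddress.ip_address(f["DST"])
        if src in VPN_NET and dst == DNS_SERVER and f["DPT"] == "53":
            queries.add((str(src), int(f["SPT"])))
        elif src == DNS_SERVER and dst in VPN_NET and f["SPT"] == "53":
            replies.add((str(dst), int(f["DPT"])))
    return sorted(queries - replies)


if __name__ == "__main__":
    for client, port in one_way_dns_flows(SAMPLE_LOG):
        print(f"no DNS reply logged for {client}:{port}")
```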
