cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1253
Views
0
Helpful
0
Replies

RV340 routing/Firewall issue between VLAN and Networks

Sistemas EYSE
Level 1
Level 1

Hi people!

 

I am implementing a solution and I’ve detected some problems on all Cisco RV340 I am working with: 

 

Scenario:

 

In my network, I have a layer 3 switch as a default router, in this, I have defined four VLAN:

VLAN 1: 10.5.0.0/19

VLAN 2: 10.5.32.0/19

VLAN 13: 192.168.3.0/24

VLAN 15 192.168.5.0/24

 

In the switch, each VLAN has defined your interface IP:

VLAN 1: 10.5.1.1

VLAN 2: 10.5.33.1

VLAN 13: 192.168.3.11

VLAN 15: 192.168.5.11. 

 

Description:

 

I am using a RV340 in one of this VLAN 15: 192.168.5.0/24, It is connected in a port on the switch defined as access in VLAN15 and the IP LAN is 192.168.5.1.

I have defined, in RV340, the follow static routes:

network 10.5.0.0/19 to 192.168.5.11

network 10.5.32.0/19 to 192.168.5.11

network 192.168.3.0/24 to 192.168.5.11

I have defined GRE tunnel between another network 192.168.16.0/24 also using a RV340 in remote site.

In Local Equipment, inside on GRE tunnel configuration, in Routing Protocol section, it is defined “do split tunneling” and static route 192.168.16.0/24.

On the another hand, in remote RV340 equipment, which has IP 192.168.16.1, inside on GRE tunnel configuration, in Routing Protocol section, it is defined “do split tunneling” and as static routes 10.5.0.0/16, 192.168.3.0/24 and 192.168.5.0/24.

 

See  “My network with RV340 and GRE Tunnel (It doesn’t work, see problem description)"

 

 

The problem

 

I´ll explain what my problem is with the follow example:

 

I have a PC connected in VLAN 15: 192.168.5.0/24 with IP 192.168.5.20 mask 255.255.255.0 and def. route 192.168.5.1, I have another PC connected in VLAN 2: 10.5.32.0/19 with IP 10.5.32.10 mask 255.255.224.0 and def. route 10.5.33.1, another in VLAN 1 and VLAN 13.

 

When I send ping from PC 192.168.5.20 to 10.5.32.10 I receive the reply but when I send ping from PC 10.5.32.10 to 192.168.5.20, I receive time outs. The same happens with nodes in VLAN 1 o 13. Of course, in PCs, the firewall is disable. The problem is not only with ICMP protocol, it happens whit any service. When I start the connection from any PC in network 192.168.5.0/24 using as default router 192.168.5.1 to any PC in another VLAN, it works. However, if I start the connection from any PC in any VLAN to PC in network 192.168.5.0/24, It doesn’t work.

It’s very strange because, in remote network 192.168.16.0/24, there is a PC with IP 192.168.16.30 mask 255.255.255.0 and def. router 192.168.16.1, when I send ping from this PC to any node in VLAN 1, 2 ,13 or 15 I receive the reply and from those nodes in different VLAN to this PC I also receive the reply.

 

I have a RV320 and I have configured it with the same parameters but without GRE Tunnel because the router doesn’t allow it. However, I don’t have this problem, ping is answered in all the cases.

See "With RV320 (It works)"

 

I have tested RV340 without GRE tunnel, but the problem continues.

See “With RV340 and without GRE Tunnel (It doesn’t work, some issue)”

 

I have also tested taking out static routes and defining VLAN 1, 2 13,15, assigning an IP in each interface and then set one port as trunk, one untagged VALN and others tagged, in RV340, and connected with switch in port with same definition but the problem continues.

See "With RV340 connected to switch by Trunk and without GRE Tunnel (It doesn’t work, some issue)"

 

Another thing I did, was add some rules in RV340 firewall allowing the networks and VLAN but it happens the same

I don’t know what happen, but It is clear there is an issue, I think or suppose It is in the firewall.

Has someone had a similar situation? Could you fix it?

 

Thanks!RV340 issue-My Network with RV30 and GRE Tunnel.jpgRV340 issue-RV340 without GRE Tunnel.jpgRV340 issue-with RV320 and without GRE Tunnel.jpgRV340 issue-with RV340 connected to switch by trunk and without GRE Tunnel.jpg

0 Replies 0