Showing results for 
Search instead for 
Did you mean: 

RV340 VPN Issues

Level 1
Level 1



I managed to define a SSL VPN connection from my android device to my RV340, but I can't access any of my servers in the LAN once the connection is established.


I watched the video that guides how to do that, which is exactly what I did, but it doesn't help:


I'd appreciate your help.



11 Replies 11

Hall of Fame
Hall of Fame

Do you have ACL to allow VPN pool to Access Internal LAN,. also check what Firmeware you have, there were some discussion they have old firmware, after upgrade all fixed by it self


best is test with ACL is ok before upgrade,



***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

A D'Auria
Level 1
Level 1

Do you have for your server VLAN the option Inter-VLAN routing enabled?

I have the SSL VPN configured and no ACL was required.


I do have a device that is not accessible directly via the SSL-VPN - to reach it from remote, I have to do it via another device within the same VLAN - but that says more about the device itself and not the SSL-VPN as I have no trouble accessing anything else in my network. 


Just to make sure that all the simple things are correct, I am assuming that you can reach the internet from the servers in your network - that the default gateway on them is configured and no firewall rules are in the way. Also the SSL-VPN client address pool must not overlap another address pool in your network. I think the router will not let you even create an overlap.





Hi A D'Auria and balaji.bandi


I believe that your suggestions are exactly to the point.


I do not have such rules. I have the default VLAN1 where all my servers are and another one for guests that is irrelevant in that case, but I'm sure I'm missing some ACL or Inter-VLAN rules.


How do I set these up? I have this rule ( is the range of the SSL VPN clients), but it doesn't seem to be helpful:





BTW, I'm using the latest firmware



Take a look in your VLAN set-up.


LAN->VLAN Settings:

Look at the 3rd/4th column "Inter-VLAN routing" - make sure that it is turned on/checked for your server VLAN.





My "Inter-VLAN routing" is indeed enabled on all my VLANs:






What I find strange on the android side is the routes that are declared in the AnyConnect screen. Why My "Split Tunneling" checkbox in the Group policy isn't checked


One more thing I checked on the android device is the interfaces and routes. Same thing. Nothing specific that points to the AnyConnect's interface (tun0):

$ ifconfig
dummy0: flags=195<UP,BROADCAST,RUNNING,NOARP> mtu 1500
inet6 fe80::744d:f7ff:fe97:d36f prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 25 bytes 1750 (1.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet netmask
inet6 ::1 prefixlen 128 scopeid 0x10<host>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1 (UNSPEC)
RX packets 82 bytes 27217 (26.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 82 bytes 27217 (26.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

rmnet_data0: flags=65<UP,RUNNING> mtu 1430
inet 100.1xx.1xx.xx netmask
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 21837 bytes 23558811 (22.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13179 bytes 1722479 (1.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

rmnet_ipa0: flags=65<UP,RUNNING> mtu 2000
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 11340 bytes 23821215 (22.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13179 bytes 1827911 (1.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tun0: flags=81<UP,POINTOPOINT,RUNNING> mtu 1329
inet netmask destination
inet6 fe80::9761:e537:a850:8ac5 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 113 bytes 68333 (66.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 122 bytes 10145 (9.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
100.1xx.1xx.xx U 0 0 0 rmnet_data0


Hello dst_u,


You should have enabled Inter-VLAN routing  (LAN-->VLAN Settings-->Inter-VLAN Routing on your VLAN1) although it would not affect VPN client connectivity to your servers. How do you try to access your servers through the Android mobile phone? Do they have enabled remote access (RDP, etc.)?


My advice is to restore to default rules the Firewall Access Rules on your RV. (Access Rules --> Restore to Default Rules), save and apply config. Then reconnect the VPN client and see if you have access to your servers.




Hi Martin,


I have Linux servers, so I access them by SSH.


As I responded to D'Auria, the Inter-VLAN routing is indeed enabled.


As for the rules, I can't reset them. I have too many that I added over years. Are there any specific rules that are related to VPN->LAN access that I need to create/enable?



Hello dst-u,


Please do create access rules that allow traffic from your VPN network (network subnet) to your servers VLANs.






I have. It didn't help


That's the rule that I created:


This is the same issue i have been trying to fix over the last few weeks


no matter which acl you add for vlan or routes once connected on the vpn , you can't talk to any host on the lan network, seems like the router doesn't allow the traffic to go accross, no routes are shown and you can even select tun0 as an interface to send routes thru. does anyone have any updates or solutions for this