05-16-2016 08:50 PM
Hi,
I created a VPN network between office #1 (RV325 - 10.0.10.1/255.255.255.0) and office #2 (RV130W - 10.0.1.1/255.255.255.0). The VPN seems to be working well. Both routers can ping each other and I can ping from one office computer to the router of the opposite office successfully.
The problem I'm having is not being able to see from one office into the other office beyond the router. I'm under the impression the missing link might be setting up static routing tables correctly but I have not been able to successfully do that. The current routing tables are shown on the attached pictures as well as the section where to modify them.
Any help and guidance on how to make both offices visible to each other is greatly appreciated. The objective is to be able to access equipment across both offices. For instance, computer on office #1 can see and print on printer in office #2 and the other way around from the other office.
Thanks in advance.
05-17-2016 02:59 AM
Hi,
when you ping from office1 computer to the router on the other side, do you ping on the external IP or the internal IP 10.0.1.1?
Can you show the VPN local group and remote group on RV130W, so we can verify the IP addresses mirror the other side?
05-17-2016 03:06 AM
Hi Borgenstrand,
The ping is done to to the internal IP of each office. So router in office #1 can ping internal IP of router on office #2 and the other way around too.
Is what you are asking what I uploaded on image rv130w_tunnel.png on previous post?
05-17-2016 03:13 AM
Hi,
Yes, I saw that now. So, the Ping traffic can go over the VPN tunnel.
The printers you use, do you connect to them using their domain name or an IP address?
05-17-2016 03:23 AM
Hi Borgenstrand,
Printers are IP based.
Attempting to do a ping from any computer on on office to any computer in the opposite office fails. No device can see anything on the opposite network other that the opposite router.
05-17-2016 03:52 AM
Office1 RV325. 10.0.10.0/24
Office2 RV130W. 10.0.1.0/24
The VPN connection itself looks good.
If you do a tracert from an computer in Office1 to an IP in Office2 subnet, when does it stop?
From Office1, you can access the internet correctly right?
Same from Office 2?
I am thinking about your NAT config.
05-17-2016 11:36 AM
05-17-2016 12:20 PM
For me, it seems like the traffic gets nat'ed and then your ISP on Office1 side gets a packet to destination 10.0.10.100 so it drops it. Normally the "interesting traffic" should get denied from being nat'ed so it goes over the VPN tunnel instead.
On RV130w, can you go to IPSec Connection Status under Advanced VPN Setup?
05-17-2016 12:24 PM
05-26-2016 04:59 AM
Hi,
Are the resources in office 1 and 2 that you wish to access from each other site part of their respective Native VLAN?
If they are not try checking access to a resource which is on native VLAN of each site from the other site and share your findings.
Jeb
Toronto
05-25-2016 05:25 AM
Hello julifdela,
Did you end up fixing this problem?
All you needed to do was configure your ACL's to first deny the traffic between the sites, then permit it. (no NAT)
05-25-2016 12:47 PM
Hi Yasien,
I haven't been able to solve the issue yet. I did add some rules to the routers to allow access but it didn't work. Wondering if you could take a look at the attached images and let me know if you see it being configured wrong.
Office1 RV325. 10.0.1.0/24
Office2 RV325. 10.0.10.0/24
05-25-2016 11:09 PM
Hi hard to tell from those shots.
I would break the VPN config on both sides, and re-do again with the wizard.
Delete all reference to each site in the ACL lists.
The wizard should re-create the VPN tunnel with appropriate NAT config.
also, what are the 192.168.x.x networks in your list?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide