Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
894
Views
0
Helpful
6
Replies

No access to remote net (Site to Site tunnel) on RV340 router

adminRADA
Level 1
Level 1

‎01-19-2022 04:01 AM

Hi,

I'm not a expert on vpn  and routing, but i have to configure access for some remote workers to banch office (BO) via vpn. The workers have to have access to branch network and headquarters' network.

 

The topology is:

BO (left side) <-> HQ (right side)

 

BO: Cisco RV340 works as gateway, WANIP - D.E.F.170/30, LANIP: 192.168.10.0/24 (VLAN1) + 192.168.7.0/24 (VLAN7)

HQ: Linux RedHat works as gateway, WANIP - A.B.C.254/30, LANIP: 172.16.0.0/12

 

I succesfully setup Site To Site tunnel between RV340 and Linux. I can ping any pc in HQ from BO, and vice versa.

 

Now I have configured SSL VPN, and gave IP pool as 192.168.200.0/24.

I have added 192.168.200.0/24 network to:

1) ip address group as my local network ("left side") on RV340 site-to-site vpn,

2) and on LINUX ("right side") as remote network.

 

I can successfully connect to RV340 using AnyConnect from MS Store (the free version), but i can only ping pc from VLAN1 and VLAN7 on my branch office, not from HQ.

 

Could anyone help me properly configure the vpn connection?

 

Best regards,

Mariusz

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎01-19-2022 05:04 AM

Hello,

 

hard to say...is the firewall enabled on the RV160 (it is by default) ?

 

Under Firewall > Basic Settings, uncheck 'Enable' to find out if the firewall is blocking anything.

0 Helpful

adminRADA
Level 1
Level 1
In response to Georg Pauwen

‎01-21-2022 02:59 AM

Yes, the firewall is enabled. I turned off the firewall for a while on RV340 and PC, but nothing changed

0 Helpful

Georg Pauwen
VIP
VIP
In response to adminRADA

‎01-21-2022 04:37 AM

Hello,

 

check your split tunnel and VPN passthrough (enabled by default) settings (page 97/98 of the attached admin guide).

 

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/RV340/Administration/EN/b_RV340x_AdminGuide.pdf

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎01-19-2022 05:37 AM 

I can successfully connect to RV340 using AnyConnect from MS Store (the free version), but i can only ping pc from VLAN1 and VLAN7 on my branch office, not from HQ.

So is this issue with any connect IP address you getting site to remote access, how about to Lan to Lan Site to site VPN works as expected.

 

then you need to Look Access policy the VPN remote access to be part of Allowed list.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

adminRADA
Level 1
Level 1
In response to balaji.bandi

‎01-21-2022 03:35 AM

Dear Balaji, unfortunately my english isn't so good and because of this i have some problem undestanding your advice. Maybe I didn't explain the situation well enough. Let me explain again:

 

After connecting my tablet to RV340 router via SSL VPN, I can ping any pc in vlan1 and vlan7 (both vlans are on my RV340 router), but i can't ping any pc in network in HQ.

HQ is conneced with BO by Site-to-Site tunnel. There is no problem with connectivity between HQ and BO. 

 

Could you explain me again, what i should check?

 

Best regards,

Mariusz

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to adminRADA

‎01-21-2022 04:37 AM 

After connecting my tablet to RV340 router via SSL VPN, I can ping any pc in vlan1 and vlan7 (both vlans are on my RV340 router), but i can't ping any pc in network in HQ.

Do you have Access Policies to allowed your VPN pool allowed - "HQ is conneced with BO by Site-to-Site tunnel"

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents