Re: RV320 to RV340 upgrade/migration issues

HectorG · ‎12-19-2018

Hi community,

I will describe briefly my situation, I have an RV320 that we will like to upgrade to an RV340. This device is use mainly as our gateway. The device has 2 connection only, WAN port is connected to our ISP provider and LAN 1 is connected to our back-bone switch: Netgear S3300. If I'm missing something please let me know!!! don't be shy to ask.. :-}

The RV320 has the following Network settings:

If I understand correctly, the last 3 IP will be as secondary on VLAN 1. Am I correct?

Here is the VLAN Membership screen:

I try to achieve the same on the RV340 but I'm not able to do so because of software changes. There is no "Multiple Subnet Table" option on the RV340, instead I tried this:

Now, when I put this device live, everthing seems ok, until my partner tries to connect using a VPN tunnel site-to-site. The tunnel is up, he can ping the router (10.63.1.1) but he can't see (ping or RDP) the machine he needs which has IP 10.63.1.4.

Can someone please help me out!

Thanks.

Richard Burts · ‎12-19-2018

We do not have enough information about your environment and your topology to be able to identify issues or to make good suggestions. Having looked at what you posted I can say that what you have configured on the 340 is significantly different from what was configured on the 320. So I am not surprised that some things do not work.

Here is what I notice in what you have posted:

1) the 320 configured 2 vlans. the 340 has configured 5 vlans.

2) the 320 uses vlans 1 and 100. The 340 uses vlans 1, 10, 15, 25, 30, and 35. I am not sure that changing vlan numbers matters very much. But I do suspect that creating new vlans does matter. (more on that later)

3) you have not shown us the part of the 320 config that does anything with the 3 addresses that are not in either vlan 1 or vlan 100. I very much doubt that they are secondary in vlan 1. And if they were secondary in vlan 1 then having the 340 put them into new vlans sounds like a serious mismatch.

4) it looks to me like the 320 treated the connection to the Netgear as an access port. Since the 340 is treating multiple vlans as tagged it implies that the 340 is treating the connection as a trunk. If I am correct then this is a serious mismatch.

5) We do not know anything about the Netgear. From the little bit that we know I am guessing that the Netgear may have multiple vlans configured for which it is routing. And I am guessing that the 3 addresses shown on the table of the 320 may be routed on the Netgear.

If you can provide additional information to help us understand what is going on then perhaps we can suggest some solutions.

HTH

Rick

HTH

Rick

HectorG · ‎12-19-2018

Hi Rick,

Could you please tell me what you need to know so I can give you more info.

As per the Vlans... the RV320 is the only place showing or having them... everything here is only one big Vlan: Vlan1.

I have on the same vlan:

192.168.0.0/24

192.168.1.0/24

192.168.20.0/24

10.63.1.0.0/24

The idea of having those subnets was to make the RV320 the gateway for each subnet. So I was told back in the days when I first installed this device that is the way of doing it.

Richard Burts · ‎12-19-2018

As a start can you verify that on the Netgear that all ports belong in a single vlan?

I know (at least sort of) what the 320 is doing with 192.168.1.0 and with 192.168.0.0. I do not know what it is doing with 192.168.6.0 or 10.6.3.0 or 192.168.20.0. I am not sure where to find them in the 320 config but would suggest starting with the pages for Forwarding, for Advanced Routing, and for Port Address Translation.

Since you mention that there was a problem when you attempted to use VPN it might also be helpful to post the pages in that section of the configuration.

HTH

Rick

HTH

Rick

HectorG · ‎12-19-2018

Richard!!

Like I said before there are no other vlans here only default everywhere...

net 192.168.0.0 holds networking devices (switches, cameras, etc.)

net 192.168.1.0 holds workstations

net 192.168.6.0 holds another branch devices via VPN Tunnel

net 192.168.20.0 holds voice system (not phones)

net 10.63.1.0 holds servers accessed by VPN tunnel

The tunnels are UP, but who ever connects can only ping the IP of the RV340 (10.63.1.1 or 192.168.6.1 or 192.168.20.1) and nothing beyond that.

Richard Burts · ‎12-20-2018

It would help us if we understood more about how the 320 is configured. I asked for several screens from the 320 configuration. Can you provide them?

HTH

Rick

HTH

Rick

HectorG · ‎12-20-2018

What else do you need!!???

Richard Burts · ‎12-20-2018

Here is what I previously requested

I am not sure where to find them in the 320 config but would suggest starting with the pages for Forwarding, for Advanced Routing, and for Port Address Translation.

Since you mention that there was a problem when you attempted to use VPN it might also be helpful to post the pages in that section of the configuration.

HTH

Rick

HTH

Rick

HectorG · ‎12-20-2018

Here you go!

[cid:image001.png@01D49861.5E5DEB10]

[cid:image002.png@01D49861.5E5DEB10]

[cid:image003.png@01D49861.5E5DEB10]

Richard Burts · ‎12-20-2018

I am not sure what the issue is. But I am seeing a reference to an image but am not able to see the image.

HTH

Rick

HTH

Rick

HectorG · ‎12-20-2018

Richard Burts · ‎12-21-2018

I am now seeing the screen shots for forwarding and for advanced routing. Unfortunately they do not provide the information that I had hoped that they would. So I still do not know how the 320 was using those addresses and therefore do not have suggestions about the 340.

Your post mentions that there was a problem with vpn access. Perhaps if you post the screen shots from the 320 config for vpn and the corresponding ones from the 340 we might make some progress is resolving that part of the issue.

HTH

Rick

HTH

Rick

HectorG · ‎12-21-2018

Hi

Thanks for trying to help me.

I'm out of the office for the holidays but I'll post back those next year.

Although, I don't quite get why you need to see my tunnels to help out. Tunnels are up but they can only ping the router using 10.63.1.1 the rest of the subnet is inaccessible.

Anyways.. until next year... happy holidays.

Richard Burts · ‎12-21-2018

Part of the vpn configuration deals with the remote peer and bringing up the tunnel and another part of the configuration deals with what traffic should be carried through the tunnel. If they are not able to access some resources that they should access then perhaps part of the configuration is not correct.

Happy Holidays

HTH

Rick

HTH

Rick

HectorG · ‎12-22-2018

Ok... but I don't think that is the case cause the tunnels configuration is the same that part of the software on both devices did not change.