Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
846
Views
0
Helpful
8
Replies

RV345 IPSec Passthrough from WAN via NAT to a internal Destination-IP

timo.woellner1
Level 1
Level 1

‎09-27-2021 01:21 AM

Hello !

I would like to set up an extended route that allows me to set up a specific destination IP address with NAT from a special source IP address including all RV345's own services, including IPSEC VPN.

0 Helpful
8 Replies 8

pman
Spotlight
Spotlight

‎09-27-2021 01:51 AM - edited ‎09-27-2021 01:55 AM

Hi,

 

Could that be what you're looking for? :


https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/Configuring_Site-to-Site_VPN_on_the_RV34x.html

0 Helpful

timo.woellner1
Level 1
Level 1

‎09-27-2021 02:36 AM

Hi,
thank you, but that was not my intention. I know very well how to configure an IPSEC VPN tunnel between two RV345 or other remote stations. The point is to configure an additional VPN tunnel behind the RV345 on a different firewall.

0 Helpful

pman
Spotlight
Spotlight

‎09-27-2021 03:25 AM - edited ‎09-27-2021 03:26 AM

So basically you want to create another VPN profile to new remote WAN IP and what will go through is another Local IP address (on RV345)?

0 Helpful

timo.woellner1
Level 1
Level 1
In response to pman

‎09-27-2021 08:54 AM - edited ‎09-27-2021 08:55 AM

if I got it right, then yes
here again:
I would like to forward a specific remote address incoming over a wan interface completely to an internal address at another firewall in a vlan on the RV345 including all ports and protocols. For IPSEC-VPN these are at least the ports 500udp, 4500udp and the ESP protocol.

0 Helpful

pman
Spotlight
Spotlight
In response to timo.woellner1

‎09-27-2021 09:50 AM

i think that if you need a specific remote address incoming over a wan interface to get to a specific internal address behind the RV345 at certain ports then what you need is port-forwording + access-rule.

There may be another way to do this, maybe someone else will be able to give his advice

 

port-forwording

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5818-configure-port-forwarding-port-triggering-nat-on-rv34x-serie.html

 

access-rule

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5491-configure-access-rules-on-an-rv34x-series-router.html

 

0 Helpful

timo.woellner1
Level 1
Level 1
In response to pman

‎09-27-2021 02:23 PM

thanks, i will test it tomorrow.

Can you tell me in which order the access rules and port forwarding and perhaps the other security functions are processed?

0 Helpful

timo.woellner1
Level 1
Level 1
In response to timo.woellner1

‎09-27-2021 02:30 PM - edited ‎09-27-2021 02:30 PM

OK. I have tested.
Access Rule:
WAN1 from the specified remote ip address to the specified destination IP address in vlan 1 behind the RV345 with any traffic and any services, only work for services that do not run on the RV345 itself.

and now ?

0 Helpful

timo.woellner1
Level 1
Level 1
In response to pman

‎09-27-2021 02:30 PM

OK. I have tested.
Access Rule:
WAN1 from the specified remote ip address to the specified destination IP address in vlan 1 behind the RV345 with any traffic and any services, only work for services that do not run on the RV345 itself.

and now ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card