cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
205
Views
0
Helpful
8
Replies
timo.woellner1
Beginner

RV345 IPSec Passthrough from WAN via NAT to a internal Destination-IP

Hello !

I would like to set up an extended route that allows me to set up a specific destination IP address with NAT from a special source IP address including all RV345's own services, including IPSEC VPN.

8 REPLIES 8
pman
Beginner
timo.woellner1
Beginner

Hi,
thank you, but that was not my intention. I know very well how to configure an IPSEC VPN tunnel between two RV345 or other remote stations. The point is to configure an additional VPN tunnel behind the RV345 on a different firewall.

pman
Beginner

So basically you want to create another VPN profile to new remote WAN IP and what will go through is another Local IP address (on RV345)?

if I got it right, then yes
here again:
I would like to forward a specific remote address incoming over a wan interface completely to an internal address at another firewall in a vlan on the RV345 including all ports and protocols. For IPSEC-VPN these are at least the ports 500udp, 4500udp and the ESP protocol.

i think that if you need a specific remote address incoming over a wan interface to get to a specific internal address behind the RV345 at certain ports then what you need is port-forwording + access-rule.

There may be another way to do this, maybe someone else will be able to give his advice

 

port-forwording

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5818-configure-port-forwarding-port-triggering-nat-on-rv34x-serie.html

 

access-rule

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5491-configure-access-rules-on-an-rv34x-series-router.html

 

thanks, i will test it tomorrow.

Can you tell me in which order the access rules and port forwarding and perhaps the other security functions are processed?

OK. I have tested.
Access Rule:
WAN1 from the specified remote ip address to the specified destination IP address in vlan 1 behind the RV345 with any traffic and any services, only work for services that do not run on the RV345 itself.

and now ?

OK. I have tested.
Access Rule:
WAN1 from the specified remote ip address to the specified destination IP address in vlan 1 behind the RV345 with any traffic and any services, only work for services that do not run on the RV345 itself.

and now ?