Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1031
Views
10
Helpful
6
Replies

Site to Site VPN with RV340W - Windows File Sharing

Davester34
Level 1
Level 1

‎06-22-2018 04:40 PM - edited ‎03-05-2019 10:39 AM

I have two SMB routers at 2 sites.  Both are model RV340W.

I have successfully configured a VPN, status shows connected and the VPN lights are solid green.

The host network is 192.168.0.1/24 and the remote is 192.168.1.1/24

From the host network I can ping the remote router (192.168.1.1) and vice versa, but I cannot ping any of the client computers behind the opposite side of the VPN. (EDIT: I can now ping the other side by ip address)

 

I need to be able to ping the remote computers, and will also want to use Windows file sharing between them (access \\hostpc\share )


I've followed the instructions here https://supportforums.cisco.com/t5/small-business-support-documents/configure-a-site-to-site-virtual-private-network-vpn-connection/ta-p/3170641 , with one exception.  There is a link in the document which is supposed to guide you on adding an IPSEC entry, but the link is broken / links to a different document.  The broken link points to https://supportforums.cisco.com/t5/small-business-support-documents/configure-a-bluetooth-device-on-a-cisco-ip-phone-8800-series/ta-p/3168558 and can be found in Step 3 of the remote setup in help document 3170641 (linked above)

I've managed to get a connection without those instructions (using 'Default' IPSEC profile), but maybe I've missed something ?  Regardless, I can only ping as far as the other router, not the clients behind, and am unable to connect to UNC shares  ( \\hostpc\sharename )

Do I need to create ACL entries ?  Is there any guidance / instructions on this ?

Hope you can help

Thank you

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎06-23-2018 10:31 AM

Hello,

 

hard to tell what you missed. Did you specify the local and remote networks when you set up the tunnel (page 78 of the attached user guide) ?

 

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/RV340/Administration/EN/b_RV340_AG.pdf

Davester34
Level 1
Level 1
In response to Georg Pauwen

‎06-23-2018 02:29 PM - edited ‎06-23-2018 02:59 PM


Thanks for your reply,

Yes I configured the local and remote identifuers to FQDN (dyndns.com domain names) and set to ... subnets -192.168.0.1 /24 and 1.1/24

I got the ability to ping the other computers now, (I believe that came since checking to enable NetBios broadcasts)

still not able to connect to a windows file share though.

Over the Lan I can hit the shares fine, but not over the vpn. Is there are firewall rule adjusts. Firewall is current set to allow all over lan, and deny all over wan. Since the pings are getting through, i assume it is treating vpn traffic as LAN traffic and not WAN traffic.

0 Helpful

Georg Pauwen
VIP
VIP
In response to Davester34

‎06-24-2018 12:03 AM - edited ‎06-24-2018 12:10 AM

Hello,

 

if you can ping the other side that means traffic is going through the VPN.

 

Disable the Firewall altogether to check if the rules need to be adjusted:

 

Firewall --> Basic Settings (page 65 of the user guide

 

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/RV340/Administration/EN/b_RV340_AG.pdf

 

Also, make sure you are running the latest firmware release (1.0.01.18)...

 

Davester34
Level 1
Level 1
In response to Georg Pauwen

‎06-24-2018 10:35 AM

Thanks for the reply! I won't have access to the site(s) again until Tuesday night.  I'll check that then.

0 Helpful

Georg Pauwen
VIP
VIP
In response to Davester34

‎06-24-2018 10:41 AM

Hello,

 

ok, curious to know what you find. To be sure, check if the local machines themselves might be blocking the shares...

0 Helpful

Davester34
Level 1
Level 1
In response to Georg Pauwen

‎06-28-2018 04:55 AM

Took another look at this last night.  Wasn't making much progress and suddenly the router web admin page popped up that there was an update.  The version # of the update was 1.0.02.9000 .  I had been running the newest version 1.0.01.18, which is still the newest version shown on the Cisco site.  IT seems the router web admin software might be the best way to find the newest version.

After downloading the update, the VPN started working again.  However please note, some of my configuration settings didn't carry over properly to the new version.  For instance WAN went from PPPOE to DHCP losing internet connectivity.  I must say the new software seems much much better once you address these kind of configuration changes and the windows networking started worked as soon as I upgraded.  If I didn't have physical (non remote) access to the router when I did the firmware upgrade I would have been in trouble. 

 

The new software is much better, looks totally different all around.  I love it, but I got lucky that I was able to access both physical customer locations last night, after the update knocking out my WAN connection (among other configuration losses / changes)

Sharing this hoping it can help others avoid a terrible experience, and to share that the site to site VPN in the newest firmware seems to work much better.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card