Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
539
Views
0
Helpful
6
Replies

1 VPN tunnel to Multiple Subnets on R325

phantom999b
Level 1
Level 1

ā€Ž02-06-2015 06:46 PM

I recently obtained 2 R325 routers and I am tying to configure the routers to do multiple remote groups (3 different routes) over 1 VPN tunnel. Has anyone figured out how to do this by only using 1 tunnel? I know I can setup multiple tunnels to achieve this but, I am looking to replace multiple ASA's with this device and the ASA's are able to do this without the extra tunnels setup and VPN overhead for each route.

 

Thanks in advance for any help with this issue.

Labels:
0 Helpful
6 Replies 6

cchamorr
Level 5
Level 5

ā€Ž02-09-2015 09:07 AM

Hello, 

The answer to your question is that it is not possible to access multiple remote groups using a single tunnel. This device just doesn't have that capability.

Now, there may be a workaround (I haven't try this yet), but it will depend on the subnets you are trying to reach across the tunnel. 

Could you give me an example of all the subnets you are trying to reach? I will try the workaround later today and see if it works, but it would be good to have that info from you. 

0 Helpful

phantom999b
Level 1
Level 1
In response to cchamorr

ā€Ž02-09-2015 11:09 AM

cchamorr,

Thank you for your response, I am a little disappointed that this product is unable to do what equipment that is already in place is doing. Currently I am working with 2 different subnet's 192.168.1.0/16 data network and 172.16.0.0/16 phone network.

 

Thanks for looking into this. 

0 Helpful

cchamorr
Level 5
Level 5
In response to phantom999b

ā€Ž02-09-2015 12:05 PM

Thank you for the information, 

I checked the device using your settings and subnets and there is no way to have the device pass traffic for both subnets on the same tunnel.

Please keep in mind the ASA units are Enterprise level, meaning they have more features and so they are also more expensive, but this Rv325 is a very good unit for the price.

 

0 Helpful

SamirD
Level 5
Level 5

ā€Ž02-24-2015 07:03 PM

I'm not sure why you don't want the three tunnels.  I know bandwidth can be a premium, but try it vs the ADAs and do some iperf tests on both configurations.  I doubt you'll see more than 5% difference between the two.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
0 Helpful

phantom999b
Level 1
Level 1
In response to SamirD

ā€Ž03-04-2015 06:35 PM

Samir, 

I am working with multiple sites that have some aging equipment, and the sites are connected by a full mesh network setup. One site could have a minimum of two tunnels going for some of the of the main services and x number of tunnels established to enable the full mesh network. One unit has been deployed with up to fifteen tunnels connected to it due to the limitation of each IP range needing to have a separate tunnel connected to it, which the aging equipment did not have. I am working with the network administrator to make sure that the one that has been deployed does not cause too much overhead and there is no issues preventing us from deploying a few more of these devices where they are needed. 

0 Helpful

SamirD
Level 5
Level 5
In response to phantom999b

ā€Ž03-04-2015 08:24 PM

I understand.  As you begin to push the limits of the device, watch for things like lockups, required reboots after a few days to restore full functionality, and general slowness.  Your configuration may push these units to the edge of their usable design.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
0 Helpful
Customers Also Viewed These Support Documents