Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1306
Views
10
Helpful
4
Replies

Cisco RV320 USB Dongle and VPN - Redundant / Failover

Go to solution
KonstantinosMentis05264
Level 1
Level 1

‎11-20-2019 04:20 AM

Hello,

We are using 3 RV320's for VPN between our locations.

Failover/Load balancing between the two Wan work perfect wihtout having any issues.

I wanted to make also a failover/Redundant connection with a USB Dongle.

Before everybody starts asking if it works or not, we are using D-Link DWM-157 which worked without any problem, neither on setup or failover. Tried all the possible situations ( Failover Hot / Cold / Primary), and always connected after a while.

The problem is.. How can I set it up for VPN, since we are using static IP's on all locations, and we are using Gateway to Gateway VPN. 3G/4G will never be static, and the thing is, that the two locations connect to a specific ip.

Moreover the remote group areas have a designated ip range, and when the wan's fail, it should open the 3/4g and connect again, thus opening ports and re-establish the vpn, without changing the remote Group's IP Address.

Any suggestions?

RV320 Connection TableRV320 Connection Table

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
raluani
Cisco Employee
Cisco Employee
In response to KonstantinosMentis05264

‎11-21-2019 01:47 AM

Hello,

In the Local Group Setup, your IP address will be the public IP for WAN1.
Where in the Backup the remote IP is the Main IP of the Remote site.
The backup interface is the USB, so that is correct.

Regarding the the fact that the USB has no static IP, you can use FQDN.
This way you will have the same domain for both connection and overall for the VPN, but it will be resolved to different IPs.

You can consider that option too.

View solution in original post

4 Replies 4

Go to solution
raluani
Cisco Employee
Cisco Employee

‎11-20-2019 08:40 AM

Hi,
You can set a second VPN, where you can state the interface to be, for example, USB 1.
USB 1 will remain inactive until WAN 1 is active, so that VPN will normally be down, unless USB 1 becomes UP.

You need to configure a total of 4 VPNs on each location ( for one site-to-site VPN).
R1 WAN 1 - R2 WAN 1
R1 WAN 1 - R2 USB 1
R1 USB 1 - R2 WAN 1
R1 USB 1 - R2 USB 1

Most of our Routers have the VPN fail-over under the advanced settings for the VPN.
Please make sure to update to the latest firmware and check if that is implemented for your series.
This way you will need only 2 entries.
R1 WAN 1 - R2 WAN 1 ; backup R1 WAN 1 - R2 USB 1
R1 USB 1 - R2 WAN 1; backup R1 USB 1 - R2 USB 1
( If you set the backup to be R1 USB 1 - R2 USB 1 if any of the WAN 1 fails, the VPN will try to be established via both 3G lines. If the lines are set as backup ( you are not using load balancing) the VPN will fail - as one of the 3G lines will still be down, as WAN 1 on one side will remain up).

Hope that makes sense.

If you need further assistance, i recommend opening a case, so we can better review your topology and configuration and assist.
If the option is not present in your router, we can raise a feature request, but that would also require a case.
https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

Go to solution
KonstantinosMentis05264
Level 1
Level 1
In response to raluani

‎11-21-2019 12:56 AM

Hello,

Thank you for your prompt reply.

I was thinking exaclty about that.

Setup of Remote Location >

  • So you are suggesting,going to the below table, and set exactly the same IP Address to Remote Backup IP Address, using Local Interface WAN1or2, and that's it?
  • As far as can understand the Local Group Setup will remain the same, and that one side will continue to connect to the other side, without having any issue, right?

RV320 VPN Advanced-1RV320 VPN Advanced-1

But what about the other side, the main Location?

Since there is almost never a breakdown in the lines, should there be also another Setup / Backup.

Because the VPN Connection is set up like this:

Main Location Static IP> MMM.MMM.M.MMM ,Connect to ,Remote Location 1 Static  IP > RRR.RRR.R.RRR

Remote Location 1 Static  IP > RRR.RRR.R.RRR,Connect to ,Main Location Static IP> MMM.MMM.M.MMM

The question is, Since 3G/4G is not Static, is there going to be a problem?

RV320, Main and RemoteRV320, Main and Remote

Thank you

0 Helpful

Go to solution
raluani
Cisco Employee
Cisco Employee
In response to KonstantinosMentis05264

‎11-21-2019 01:47 AM

Hello,

In the Local Group Setup, your IP address will be the public IP for WAN1.
Where in the Backup the remote IP is the Main IP of the Remote site.
The backup interface is the USB, so that is correct.

Regarding the the fact that the USB has no static IP, you can use FQDN.
This way you will have the same domain for both connection and overall for the VPN, but it will be resolved to different IPs.

You can consider that option too.

Go to solution
KonstantinosMentis05264
Level 1
Level 1
In response to raluani

‎11-21-2019 01:53 AM

Ok, I think I got the point.

Thank you for your informations.

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents