cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Get the latest Cisco news in this December issue of the Cisco Small Business Monthly Newsletter

1651
Views
0
Helpful
5
Replies
Highlighted
Beginner

Routing between tunnels on RV042

Hi,

I built a network with many RV042 routers as client networks and one main RV082 router as host network. There are gateway to gateway tunnels between them. Every client router is connected to main host router. Host router is 192.168.100.0/24 and clients are 192.168.101/24, 192.168.102.0/24, etc... I am able to ping every device in client networks from host network, but client networks aren't able to ping each other. I know that this is because RV042 offer tunnels only with the same subnet, I read many articles about it here and on many other forums. But isn't any way how to do it? I tried built tunnels with 255.255.0.0 netmask, but it didn't work. I think that it must be possible with some kind of static routing on host router, but i don't know how to do it.

Another problem is, that I have group VPN on host router for connecting from outside this network (from anywhere) which is working, but again... I can only ping devices on host network, client networks connected via tunnels are unreachable. Strange is, that when I set up second group VPN on host router with local subnet of some client networks I am able to ping that network from outside (so ping pass first time through one group VPN tunnel to host router and second time through tunnel to client router). So I decided to set up many group VPNs for connecting from outside the network (each tunnel for each client netwrok), but there is some silly limitation! Only two group VPNs can be created!!! Why!?! And again I am fuc*ed. I need to solve this problem ... some way.

This second problem is more important for me. I must be able to reach whole network from outside. So if anyone have some idea what to do, please help me. Thank You.

Everyone's tags (5)
5 REPLIES 5
Advocate

Routing between tunnels on RV042

Hi aaa, none of the small business products were really designed for multi site vpn like you describe. If you want this to work, you need to make a tunnel for each site per router.

The concept is actually very simplified, when creating a site to site VPN, the end points list the connecting gateway and subnet. Therefore it only updates the route table for the configuration provided.

You were clever to try to supernet the tunnel, but the router still maintains the limitation.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
Beginner

Routing between tunnels on RV042

Thank you for your reply... I was looking for solution whole day and finally I discovered simply hack for problem no. 1 on some other forum. I set 192.168.0.0/16 as local and 192.168.101.0/24 as remote on host router and 192.168.101.0/24 as local and 192.168.0.0/16 as remote on client rouer and it works!!! So now, I am able to communicate between whole network of RV042 routers with just only one tunnel per client router to host router!!! I am very happay about that and I think, that this information will be very useful for many people on this forum...

But it doesn't work with client-to-gateway connection. As I wrote if I could create more than 2 group VPN tunnels, everything should be fine... But there is this nonsense limitation. So I ask different question. How I connect to this VPN of RV042 routers from outside using normal tunnel instead of group VPN tunnel? Normal tunnel hasn't limitation but I don't know how to use it. I am using Shrewsoft VPN software using group VPN. So is there some way how to do it using standard tunnels? If yes, I am able to create some tunnels for each subnet and I am fine...

Contributor

Routing between tunnels on RV042

Interesting.  I have a configuration very similar to yours using multiple rv016s and some netgear equipment.  I use the PPTP server and can reach anything from anywhere once I'm inside the network.  I set up multiple tunnels, one from each router to all the others to create a vpn mesh.  Have you tried doing that?

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
Beginner

Routing between tunnels on RV042

PPTP is disabled because I heard that it is not secure enough. I think, that PPTP is little higher layer than pure tunnels so router shouldn't to decide which IPSec tunnel is used for each packet. Because when I use pure tunnels, packet has original IPs source and destination device and it is compared with IPSec policies. But with PPTP it is maybe little different.

Yes, multiple tunnels one from each router to all the others is definitely technical solution but it is annoying to set if you have more than 5 networks. Too many tunnels.

How do you connect to the router via PPTP? Could you post some configuration details of the client?

Contributor

Routing between tunnels on RV042

Interesting.  Your explanation definitely makes sense.

As far as enabling the PPTP server and logging in, it's pretty easy.  I believe it is under VPN-->PPTP Server.  Enabled it and set up a user and password as well as IP range.  Then you can use the standard built-in MS client to connect:

http://support.microsoft.com/kb/314076

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com