I have RV160 Router that is part of my network, the RV160 is only used for VPN access. When I am connected to the VPN I am unable to access local network. IE can't print to printers or access mapped network drives.
My network topology is as follows:
ISP Modem cat 5 to > RV160 WAN Port (RV160 172.16.10.1) LAN 1 to > Linksys MX400 Wireless Router 192.168.2.1. The Linksys MX400 handles internet access for all my wired and wireless devices.
The RV160 Configuration: WAN Settings: IPv4 Settings: Connection Type: DHCP DHCP Settings: Use DHCP Provided DNS Server > Dynamic DNS Enabled using No-ip.com account. > VLAN Settings: VLAN ID: 1, Name: Default, Inter-VLAN Routing: Enabled, Device Management: Enabled, IPv4 Address/Mask: 172.16.10.1/24, 255.255.255.0, DHCP Server 172.16.10.100-22.214.171.124 > Static Routing: Network: 192.168.2.0, Mask: 255.255.255.0, Next Hop: 172.16.10.2, Hop Count: 1, Interface: VLAN 1 > Entry 2: Network: 10.1.4.0, Mask: 255.255.255.0, Next Hop: 192.168.2.0, Hop Count: 1, Interface: WAN > Firewall: NAT: Interfaces: WAN, Enable NAT: Yes
VPN is configured as follows: OpenVPN is Enabled, Interface: WAN, Client Address Pool: 10.1.4.0, Netmask: 255.255.255.0, Protocol: UDP, Port: 1194, Encryption: AES-256, Tunnel Mode: Split Tunnel with following IP Address: 172.16.10.0 255.255.255.0 and 192.168.2.0 255.255.255.0
I am able to connect to the VPN. I am also able to RDP into a PC on my network using 172.16.10.2 and the port number.
However, when not connected to the VPN and just on my local network, when I login to the RV160 and go to: Administration > Diagnostic > Ping or Trace on IP Address and I attempt to ping the Linksys Router (192.168.2.1) the network is unreachable.
But if I go to CMD on Windows PC while connected to local network and ping 192.1682.1 or 172.16.10.1 I get replies as i should.
a) from your description of the static-route entry you have added in RV160 for reaching the network 192.168.2.0/24, you have mentioned that the next-hop is configured as 172.16.10.2
b) So is this 172.16.10.2 a router? Or is it a windows-host configured with 2 interfaces - 1 interface configured with 172.16.10.2 and another interface configured with a ipaddr as 192.168.2.x????
- iam assuming that you have tried to configure a windows-host (with 2 interfaces ) as a router...becos you have mentioned that you are able to connect RDP to 172.16.10.2 from the openvpn client after the vpn-tunnel is UP
a) I wonder why you did not connect the Linksys-Router wan interface directly to the LAN1 port of RV160 AND configured it a ipaddress of 172.16.10.2???
- why did you introduce a internal-router in between the Linksys-router and RV160?
3. One more thing, immediately delete the Static-Route Entry2 (for network 10.1.x.x), its unnecessary and its wrong to add this route.
- when you configure openvpn-server with the ip-pool 10.1.x.x, it knows how to route to the clients (via the wan interface)- you dont assume that you need to add a explicit route additionally...remove it!
4. As for you being able to reach 192.168.2.1 from a windows-host in the lan-network ...which windows-PC are you talking about?..is this the same PC with the ipaddress 172.16.10.2 (and also has one more interface with the ipaddr in 192.168.2.x network??)????
5. I would very strongly recommend and suggest the following:
lets assume that:
- the lan-side network behind Linksys-router is 192.168.100.0/24, and the lan-interface ipaddr of Linksys-router is configured as 192.168.100.1/24
- also lets assume that all the wireless-hosts and other lan-hosts conneted to lan-network of Linksys-router are configured with the ipaddr in the network 192.168.100.x/24 AND very importantly their Def-Gateway ipaddr is configured as 192.168.100.1
step-a) Instead of a Internal-Router (that too a windows-PC!!!????), as mentioned by me above, you should configure the wan-interface of Linksys-router with the ipaddr 172.16.10.2/24 (and default-gw 172.16.10.1) and connect it directly to the lan1 port of RV160....
step-b) and once you have connected as in step-a above, add a static-route entry in RV160 for 192.168.100.0/24 and next-hop is 172.16.10.2 (the Linksys-Router wan ipaddr)
c) In the split-tunnel config in OpenVPN server on RV160, add the 2 subnets 172.16.10.0/24 and 192.168.100.0/24
d) thats all you will need to do for the openvpn clients to access the 192.168.100.x network & 172.16.10.x network after establishing the vpn-tunnel
No you dont want to follow suggestion-1 and insist on using the Internal-router connectivity that is deployed now...then please enable IP-Routing/IP-Forwarding on the Windows-Router that you have configured...this has to be done in registry...its NOT enabled by default..thats windows for you
OR the better method would be to replace the Windows-Router with a Linux-Host (say a Ubuntu-Linux) and it has IP-Forwarding/IP-Routing enabled by default...and will route traffic between its directly-connected interfaces (172.16.10.2 and 192.168.2.x) easily
This Chat covers the intersection of technology and social impact from community to global levels. Learn how digital maturity accelerates SMB growth and profits that can fund social programs and enable sustainable business practices like remote work.
This Chat covers the intersection of technology and social impact from community to global levels. Learn how digital maturity accelerates SMB growth and profits that can fund social programs and enable sustainable business practices like remote work. We'l...
Join us live on Thursday, April 29 at 10 am PT as we discuss how the pandemic affected non profits and find out what their secret weapon was to weathering the past year. Our guests will share how giving back during this challenging time actually enabled t...
Join us live on Thursday, April 29 at 10 am PT as we discuss how the pandemic affected non profits and find out what their secret weapon was to weathering the past year. Our guests will share how giving back during this challenging time actually enabled ...
Discover the cybersecurity strategies that small and midsize business (SMB) leaders are using to thrive in today's ever-evolving threat landscape.
The Cisco Cybersecurity Report Series is a collection of thought leadership studies. This spin-off from our...