Solved: Re: RV180 VPN route all internet traffic through IPSec VPN

Jared Oliver · ‎07-31-2013

Hello,

I've setup my RV180 to VPN to our head office Fortigate 60C. It works really well

My only problem is that I'm not sure how to make internet traffic at our remote site go through to head office. We want to use this technique so that all sites have the same web filtering provided by our main Fortigate unit. I can clearly see that any traffic destined for our internal network will go trough the VPN tunnel, but internet traffic will go through our modem at the remote site.

My fortigate way of thinking said that I need a static route to forward all traffic through the VPN tunnel. I have read elsewhere that I need to setup some sort of ACL.

Does anyone else have any ideas on this/has anyone successfully set up somehting similar?

vvijaysa · ‎08-01-2013

Hello Jared,

I don't think RV180 supports full tunneling. Full tunneling allows you to route all your traffic through VPN. RV180 does only split-tunneling.

Thanks,

Vijay

Sent from Cisco Technical Support iPad App

View solution in original post

Jared Oliver · ‎07-31-2013

If I were using a Fortigate I would setup a route for 0.0.0.0/0.0.0.0 to go through the VPN interface. Is there something similar available for this router?

R0man Hardware · ‎10-11-2015

Hi Jared,

Did you find a solution for the configuration described above please ?

Thanks

Jared Oliver · ‎10-11-2015

Hi R0man,

Sort of - I threw the device away. I instead went with a couple of Cisco 881. There was a steep learning curve, but it was very rewarding. I used this website to help build a base configuration - http://www.ifm.net.nz/cookbooks/800-isr-wizard.html

Unfortunately, the 800 series is a bit under-powered - as soon as the WAN link went above 30mbps up and down it started freeze every so often. We're now looking at another compatible manufacturer. Tests are very positive. I can tell you more if you're interested.

Regards,

Jared

R0man Hardware · ‎10-12-2015

OK I understand that I have to sell my RV180W and find another config. But I can't say that I'll choose Cisco 881. Today it could be better (and less expensive) to build a small "server" on Intel J1800 or N3050 Mini-ITX fanless board and use it for routing and any other needs we can have than play with expensive and closed Cisco boxes. At least when you are a SME/SOHO ... Thanks anyway for reply, Jared.

Jared Oliver · ‎10-12-2015

I will say the Cisco 881 aren't very expensive and give fantastic uptime.

Have a look at Huawei AR160 if you get a chance. Very similar to 881, but with greater performance and multiple WAN options for fail-over i.e. Fibre, VDSL and 4G.

vvijaysa · ‎08-01-2013

Hello Jared,

I don't think RV180 supports full tunneling. Full tunneling allows you to route all your traffic through VPN. RV180 does only split-tunneling.

Thanks,

Vijay

Sent from Cisco Technical Support iPad App

Jared Oliver · ‎08-01-2013

Thanks Vijay. That makes sense. Would you happen to know of any small business routers that do support full tunnelling? Say the RV220W? Is there an easy way to tell?

Sent from my keyboard

vvijaysa · ‎08-01-2013

Hello Jared,

Thanks for rating the answer. Yes, you can search for the term "Full tunnel" on the administration guides of RV routers. Also, search for "split-tunnel" support/"split-tunnel" mode (as if it has a split-tunnel option, turning it off means you are actually on full tunnel mode).

Yes, RV220W and RV320 can support full tunnel-ing.

Hope this helps,

Vijay

Jared Oliver · ‎08-01-2013

That's cool. I notice the full and split tunneling features on the RV220W are for SSL VPN. Does this apply for IPSec VPN also?

mpyhala · ‎08-01-2013

Jared,

Split/full tunnel setting is for SSL VPN only on the RV220W.

- Marty

HidetoshiNemoto · ‎08-13-2013

but would a static route works for the scenario ?