Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
611
Views
0
Helpful
2
Replies

RV320 to RV320 (GW to GW VPN), One Behind Another Router

Go to solution
Jim Lloyd
Level 1
Level 1

‎06-03-2019 10:37 AM

I need to set up a temporary VPN tunnel between two sites (both fixed IPs), but one is behind an existing router.  Can I port forward IP ports from the existing router to the RV320 I want to set up on it? If so, which ports?  I think I have come up with a possible list: 50, 51, 500, 1000, 1701, 4500, 10000.

 

I am guessing, that I can then follow the instructions for creating a Gateway-to-Gateway VPN tunnel set.

 

Thank you for any assistance you can provide!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jim Lloyd
Level 1
Level 1
In response to Glenn Martin

‎06-04-2019 04:24 PM - edited ‎06-04-2019 04:30 PM

First off, it is done and just got back from installing the hardware at the remote site...

 

We are relocating to a new building, and some employees have begun relocating to the new facility.  I had the first person on a private VPN through the ISP's provided Wi-Fi router... with only one static IP  Cell coverage is horrible at the new location, and we just '...have to have our cell phones!'

 

Since the RV320 doesn't have Wi-Fi, and to keep the segments isolated, I temporarily put a RV320 on the inside of the ISP router.  So, I found that I was correct... Assign the RV320 at the new location a fixed IP off the ISP router and forward the ports I listed to the original post to it:

 - UDP 500, 1000, 10000

 - L2TP TCP 1701

 - NAT-T TCP 4500

 - TCP 50, 51

.  That seems to have covered all the bases, except the PBX.  The ISP has port 5060, so I set up a session border controller and all is routing!

 

This is definitely not standard, and would have been smooth with two static IPs instead of one, but there it is (:>) 

 

Incase this is useful to anyone else... OK to close.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Glenn Martin
Cisco Employee
Cisco Employee

‎06-04-2019 12:17 PM - edited ‎06-04-2019 12:46 PM

what router do you have in the middle? Need to look at this a little closer as I'm not sure why you have this configuration. For Instance, is it: Rtr ---- WAN ---- Rtr ---LAN ---Rtr/Rtr --- LAN ---RTR --- LAN --- Rtr

 

Glenn

 

 

0 Helpful

Go to solution
Jim Lloyd
Level 1
Level 1
In response to Glenn Martin

‎06-04-2019 04:24 PM - edited ‎06-04-2019 04:30 PM

First off, it is done and just got back from installing the hardware at the remote site...

 

We are relocating to a new building, and some employees have begun relocating to the new facility.  I had the first person on a private VPN through the ISP's provided Wi-Fi router... with only one static IP  Cell coverage is horrible at the new location, and we just '...have to have our cell phones!'

 

Since the RV320 doesn't have Wi-Fi, and to keep the segments isolated, I temporarily put a RV320 on the inside of the ISP router.  So, I found that I was correct... Assign the RV320 at the new location a fixed IP off the ISP router and forward the ports I listed to the original post to it:

 - UDP 500, 1000, 10000

 - L2TP TCP 1701

 - NAT-T TCP 4500

 - TCP 50, 51

.  That seems to have covered all the bases, except the PBX.  The ISP has port 5060, so I set up a session border controller and all is routing!

 

This is definitely not standard, and would have been smooth with two static IPs instead of one, but there it is (:>) 

 

Incase this is useful to anyone else... OK to close.

0 Helpful
Customers Also Viewed These Support Documents