cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.
Get the latest news in this issue of the Cisco Small Business Monthly Newsletter

229
Views
0
Helpful
4
Replies
Highlighted
Beginner

RV340 Configuration Interface entering Remote Endpoint as FQDN

I've been making good progress deciphering the RV340 interface.  But there are a couple of things I'd like to understand:

In VPN / Client-to_Site Tunnel Group / 3rd Party Client / Advanced there is an entry for

Remote Endpoint with a  pulldown that includes "Static IP" and "FQDN".

I continue to be confused over IP addresses and "IDENTIFIERS" because they are presented using the same terms.

Anyway, an "endpoint" is a new term for me in the lexicon and I can't tell which it's supposed to be.

I believe I need to use the remote identifier FQDN that I'm using.

HOWEVER, when the entry is made:

Pull down "FQDN"

Enter a name like ccn.com

It will not accept the name!!  This is even though the name is accepted elsewhere in the RV340 settings.

 

Is this a bug?

Is this cockpit error?

Am I breaking some rule for these entries?

THANKS SO MUCH!!

4 REPLIES 4
Highlighted
VIP Mentor

Re: RV340 Configuration Interface entering Remote Endpoint as FQDN

Not sure what is the Firmware you running here. (i do not have a device to test)

 

but as per the document and emulator, it takes any FQDN.   (versions 1.0.3.X)

 

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5513-configure-a-site-to-site-virtual-private-network-vpn-connect.html

 

 

BB
*** Rate All Helpful Responses ***
Highlighted
Beginner

Re: RV340 Configuration Interface entering Remote Endpoint as FQDN

BB: Thanks for the response!

 

I'm running the latest firmware.  1.0.03.18.

When I say it doesn't take it, that's exactly what is happening.

The typical entry, if accepted, results in a blue-ish frame around the entry box.

If not accepted, results in a red frame around the entry box - which means it isn't going to "stick".

So, any suggestions?

 

This is a Client-to-Site configuration.  (I should have said so).  Nonetheless, I have reviewed the Site-toSite document you linked for context and learning the terms and labels being used.  This is about actual interface behavior and not about what  anything says it's supposed to do.

 

You say: "any FQDN".  Unfortunately, it seems that VPN implementations call entries various things:

Certainly if it's an "Identifier" (I'm not sure in this one setting WHAT it means because it uses a colloquial term "end point" and NOT the normal REMOTE IP ADDRESS or REMOTE IDENTIFIER. 

The FQDNs were are using are not "real" and, thus, not resolvable.  And, for that matter, can't be resolved in our lab with a pseudo publlic internet address space.  So, if the RV340 were connected to a live public IP address then maybe the settings behavior would be different.  Maybe it would say: "not resolvable".  But then, in that case we'd be screwed because the remote endpoint is a roaming user with many locations - so we can't use IP addresses for them.  Even so, I *have* experimented using the actual IP addresses in the lab to see if we can't make progress.  I'm getting close but no final success yet.

 

 

Highlighted
Beginner

Re: RV340 Configuration Interface entering Remote Endpoint as FQDN

I have since learned through trial and error that there is ONE entry "Remote Endpoint" that applies apparently different, more stringent, rules to the structure of the names.  Heretofore, for years we have been using fvs_local.com and fvs_remote.com and I have been attempting to continue using the same IDs in the RV340 configuration.  However in Client-to-Site Tunnel/Group Settings in the Advanced Section, the Remote Endpoint entry will NOT ACCEPT those names.  This is apparently due to the underscore.  When the underscore is removed, the name is accepted there.  In all other entries of those names it works either way.  One might venture to suggest that this is a bug.  However, this one entry appears to be the only entry where the FQDN rules are more fully checked.  Underscores are not allowed in a formal FQDN.

Highlighted
VIP Mentor

Re: RV340 Configuration Interface entering Remote Endpoint as FQDN

after learning that. FQDN does not have any "_" nor I have seen godaddy offer that domain name with that.

so as per RFC the rule builds correctly, maybe it was accepted before, so new code will not take as it follows the proper process to look for name lookup.

 

glad you found a good point.

 

BB
*** Rate All Helpful Responses ***