Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1272
Views
0
Helpful
4
Replies

RV340 IPSEC Site2Site VPN Issues

Go to solution
JayJenkins35869
Level 1
Level 1

‎01-19-2021 04:00 PM

I have two RV340 routers that are configured for a VPN IPsec Site2 Site tunnel. the tunnel shows to be up on both routers but i cannot ping any device behind the routers (switches, cameras, ect.)

i was able to configured the routers so i can remotely manage them but i need to remotely manage other equipment at the sites also.

 

i am a self taught networker so please keep responses easy to follow. firewalls totally confuse me... i get the idea but the terminology eludes me.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sujoy Paria
Cisco Employee
Cisco Employee

‎01-20-2021 03:01 AM

Hi,

You may check the following things…

  • Please make sure both the routers having different LAN IP subnet, IP subnet should not overlap each other. Example, site A LAN IP subnet 192.168.1.1/24 and site B LAN IP subnet 192.168.2.1/24.
  • Please disable the ‘Block WAN request’ once under Firewall Basic Settings and check the status.
  • Please check the Access Rules on both the Routers, whether any existing access rules denying the ICMP (Ping) traffic.
  • Whether the devices behind the routers (switches, cameras etc.) are configured with the gateway IP address as the respective router LAN IP address (For the IP subnet advertised in VPN tunnel).
  • From inside the router at each side, whether you are able to ping the devices (switches, cameras etc.) behind that router.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-20-2021 01:41 AM

Did you allow those subnet IP address part of the Tunnel to access ? (is ping allowed also )

 

check below config : Local and remote group to add for reference :

 

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5513-configure-a-site-to-site-virtual-private-network-vpn-connect.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Sujoy Paria
Cisco Employee
Cisco Employee

‎01-20-2021 03:01 AM

Hi,

You may check the following things…

  • Please make sure both the routers having different LAN IP subnet, IP subnet should not overlap each other. Example, site A LAN IP subnet 192.168.1.1/24 and site B LAN IP subnet 192.168.2.1/24.
  • Please disable the ‘Block WAN request’ once under Firewall Basic Settings and check the status.
  • Please check the Access Rules on both the Routers, whether any existing access rules denying the ICMP (Ping) traffic.
  • Whether the devices behind the routers (switches, cameras etc.) are configured with the gateway IP address as the respective router LAN IP address (For the IP subnet advertised in VPN tunnel).
  • From inside the router at each side, whether you are able to ping the devices (switches, cameras etc.) behind that router.
0 Helpful

Go to solution
JayJenkins35869
Level 1
Level 1
In response to Sujoy Paria

‎01-20-2021 03:08 PM

i got it working. the VPN has some weird flaw that will not allow "any" setting to be selected on both ends as the local setting. 

I had to set both VPNs at each end with "Subnet" settings in the local and remote portions. it started working great.

 

0 Helpful

Go to solution
Sujoy Paria
Cisco Employee
Cisco Employee
In response to JayJenkins35869

‎01-27-2021 02:41 AM

Hi,

Thanks for your reply. Glad to know that VPN is working now.

 

Regarding the “Any” settings under the VPN, please try to use ‘Remote IP Type’ as “Any” at local site and check the status, if that works.  

0 Helpful
Customers Also Viewed These Support Documents