Is it at all possible to channel all/some data traffic through an established ipsec tunneled connection using the RVL200?
I have successfully established an ipsec connection through RVL200 and RV042 routers and am able to connect to servers/computers behind it.
Now I want to channel all or some traffic through the ipsec-tunnel for computers that reside on 192.168.1.0 subnet of RVL200 network.
Main office - RV042 router - 10.200.62.1
Remote office - RVL200 router - 192.168.1.1
I am trying to use the Advanced Routing option to add static routes but I am not 100% sure if I am configuring the routes correctly.
To give an example of routing DNS requests for HOTMAIL.COM [220.127.116.11]:
Destination IP - 18.104.22.168
SM - 255.255.0.0
GW - 10.200.62.1
Hop - 1
Interface - LAN
For some reason this does not appear to work. I have also tried using the interface setting of WAN and tested - this also does not work.
Can this be done? If anyone has tried doing this I would be very interested in finding out how to configure this.
I came across the below information from the router's help page:
This Router is also capable of dynamic routing (see the Dynamic Routing tab). In many cases, it is better to use dynamic routing because the function will allow the Router to automatically adjust to physical changes in the network's layout.
In order to use static routing, the Router's DHCP settings must be disabled.
Is it actually necessary to disable DHCP in order to make static routing work properly?
I have a wireless router connected to the RVL200 which receives a DHCP address.
One thing I also noted was that when I add the static route and save, the route is not displayed when I click on "Show Routes".
Could do with some pointers.
> Is it actually necessary to disable DHCP in order to make static routing work properly?
No, it's not necessary. The help info you referred to is incorrect.
Thank you for confirming that I don't need to disable DHCP in order to get Static Routing to work. I have spent quite a lot of time but for some reason just can't seem to register any static routes because when I look at the table it is not there.
Basically, what I have got setup is a Gateway-Gateway IPSEC tunnel. The configuration of both RV042 and RVL200 does not provide for adding any additional routes. There are two settings Local Group and Remote Group Setups.
The basic diagram of my network connectivity.
What I am trying to do is enable connectivity to a cloud hosted web based accounting application which is Geo-location restricted. The aim is to route the dns request of 192.168.1.0 clients of www.website.co.uk via the VPN tunnel.
Besides the access to the web application, the tunnel is functionally working without issues for Windows AD authentication and print services; it's just that I can't seem to get the DNS resolution to work.
Tekliu, thank you very much for your reply. It looks like I will have to revert to using an RDP desktop in order to access the application across the VPN to get by until I can upgrade to newer RV0xx routers. Just one last question.
Please advise if I can get away with replacing only one of the routers. In this case, if this is possible, which side should I replace first, bearing in mind I need the split DNS to work from the remote office where the RVL200 router is sited?
Because the VPN tunnel is working very reliably and doing what it was meant to do. The Split DNS requirement is not a must have feature because the access to the web application is only required on ad-hoc basis once a month.
As a side note, I was wondering if anyone knows or has tried to overcome hardware split DNS for VPN tunnels by configuring some sort of lightweight DNS service on one of the client PCs at the remote site?
You can statically assign the DNS server on the computer to a remote DNS IP. However, once the tunnel is down, your local machine won't resolve DNS without being able to reach the DNS.
Please mark answered for helpful posts
For some reason the DNS IP settings do not seem to work.
I started looking at the option of using the Quick VPN client which appears to have a setting for enabling Remote DNS.
I have set up a test user on both the RV042 and RVL200 to test if I can overcome the Split DNS limitation. But for some reason I can't connect to either of the two routers. I have installed the client on a 64-bit Windows 7 client machine which has the Windows Firewall service enabled.
I keep getting the below error, there is no conflict with the IP address scheme and the password is correct.
Could it be this new client does not support the older Linksys badged RV0xx routers? Because Split DNS is only supported on v3 hardware. The firmware on my RVL200 is v1.1.12.1.
What should I check to enable connectivity using this client? Or is it because it does not support 64-bit Windows 7? I have even exported the certificates for both Admin and User into the C:\Program Files (x86)\Cisco Small Business\QuickVPN Client folder.