Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7505
Views
0
Helpful
13
Replies

Setting Up Cisco VPN Router With An Existing Router

Go to solution
jsnyman1011
Level 1
Level 1

‎07-03-2012 04:16 PM - edited ‎03-07-2019 07:35 AM

I purchased two Cisco VPN routers recently with the intension of setting up a VPN across two physically separate networks. I was able to set up the one without too much pain: I simply connected the cable modem to the Internet port on the Cisco router and the WAN IP address showed on the status page of the router configuration site.

At the second location, there is a Wi-Fi router / DSL modem (one device) provided by our ISP. Connecting one of the available ports on this device to the Internet port on the Cisco router doesn't work: the Cisco router seems unable to connect to the internet (no WAN IP address shows up on the status page). How should I configure the Wi-Fi router to make this work? For instance, should the Wi-Fi router's DHCP server be on or off?

I'd appreciate any help that can be provided. Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Alessio Andreoli
Level 5
Level 5

‎07-05-2012 11:29 AM

Hi there,

the cisco switchport is wrong. You need to use a layer 2 port to communicate with the modem.

Tagoing for my train

Alessio

View solution in original post

0 Helpful
13 Replies 13

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni

‎07-04-2012 06:50 AM 

Juan Snyman wrote:
I purchased two Cisco VPN routers recently with the intension of setting up a VPN across two physically separate networks. I was able to set up the one without too much pain: I simply connected the cable modem to the Internet port on the Cisco router and the WAN IP address showed on the status page of the router configuration site.
At the second location, there is a Wi-Fi router / DSL modem (one device) provided by our ISP. Connecting one of the available ports on this device to the Internet port on the Cisco router doesn't work: the Cisco router seems unable to connect to the internet (no WAN IP address shows up on the status page). How should I configure the Wi-Fi router to make this work? For instance, should the Wi-Fi router's DHCP server be on or off?
I'd appreciate any help that can be provided. Thanks!

Juan,

In your case that is on second location the tunnel will be created via wireless link and the router behind the link with private ip address. Could it be possible for you to check with ISP that they need to allow vpn connection between your vpn concetrator to others.

Hope it Helps !!

Regards

Ganeshh Iyer

0 Helpful

Go to solution
jsnyman1011
Level 1
Level 1
In response to Ganesh Hariharan

‎07-05-2012 11:34 AM

Thanks for your help! However, I am not having issues setting up the VPN. The problem is simply getting the Cisco router on the internet (a

prerequisite of creating the VPN).

0 Helpful

Go to solution
kototechnologies
Level 1
Level 1

‎07-04-2012 09:07 AM

Juan,

Your first issue is the DSL modem. They are typically set for DHCP for a NAT LAN address. You will need to do two things. First call the ISP and put the modem in Bridge mode then see if they have a static ip. One of your locations needs a static IP. If they are using DHCP then you need to set routers WAN port in DHCP mode.

Once that is done then you should be able to set up your VPN.

Neadom

Sent from Cisco Technical Support Android App

0 Helpful

Go to solution
jsnyman1011
Level 1
Level 1
In response to kototechnologies

‎07-05-2012 11:37 AM

The location with the Wi-Fi router / DSL modem does have a static IP address.

I will find out from the ISP how to put the router / modem into bridge mode.

Thanks a ton for your assitance. I will mark this as the "correct answer" once I hear back from the ISP.

0 Helpful

Go to solution
Alessio Andreoli
Level 5
Level 5

‎07-05-2012 11:29 AM

Hi there,

the cisco switchport is wrong. You need to use a layer 2 port to communicate with the modem.

Tagoing for my train

Alessio

0 Helpful

Go to solution
jsnyman1011
Level 1
Level 1
In response to Alessio Andreoli

‎07-05-2012 11:39 AM

Sorry for being stupid but I have no idea what you are talking about. What is a switchport and a layer 2 port?

(Also, I accidentally marked this reply as the correct answer. Is there a way to undo this?)

0 Helpful

Go to solution
kototechnologies
Level 1
Level 1
In response to jsnyman1011

‎07-05-2012 06:56 PM

Not sure what Alessio is talking about as all switch ports are Layer 2...

Did you get the info from the ISP?  Also what VPN Routers do you have?

Neadom

0 Helpful

Go to solution
Alessio Andreoli
Level 5
Level 5
In response to jsnyman1011

‎07-06-2012 02:29 AM

Hi Juan,

if you give me the cisco switch model you have i can confirm/correct what i was telling. However, on most of the smart switches the WAN port is a layer 3 port that means it can understand routed protocols like IP while the rest of the ports are layer 2 that means they are able to talk in terms of frames (like Ethernet).

Hope this clarifies

Alessio

0 Helpful

Go to solution
jsnyman1011
Level 1
Level 1
In response to Alessio Andreoli

‎07-06-2012 10:32 AM

The Cisco router I am using is the Cisco RV042 Dual WAN VPN Router.

0 Helpful

Go to solution
jsnyman1011
Level 1
Level 1

‎07-06-2012 10:30 AM

I did contact the ISP and found out how to put the modem/router they provided into bridge mode (the setting is called "transparent bridging" and is found on the "WAN" page where you configure PPPoE information). I also got the PPPoE password from them.

With the modem/router in bridge mode, I configured the Cisco router to use PPPoE with the information provided by the ISP. The Cisco router now lists the WAN IP address and DNS server on the status page! I was sure at this point that everything was working but apparently not.

The computer I connected to the Cisco router, did not have internet access. Running Windows 7's network diagnostics wizard tells me that the DNS server is not responding. However, using the DNS diagnostic tool on the Cisco router does resolve "google.com". Pinging "google.com" from the Cisco router's test interface does not work. I have no idea what to do now. As soon as I remove the Cisco router from the equation and enter the PPPoE details back into the ISP's modem/router, the internet works.

0 Helpful

Go to solution
Alessio Andreoli
Level 5
Level 5
In response to jsnyman1011

‎07-06-2012 12:23 PM

I guess you need:

a) Complete your NAT

b) try to set manually on your PC the DNS 8.8.8.8

c) ip name-server on the cisco router if you want a centralised control

d) DHCP server enabled

e) veifying if you need the ip helper-address command below the SVI that will provide connectivity to your PC

Let us know

Alessio

0 Helpful

Go to solution
jsnyman1011
Level 1
Level 1
In response to Alessio Andreoli

‎07-06-2012 03:11 PM

Forgive me for my ignorance but as I am not a IT professional I do not understand all the terminology you are using. I'll try my best to address the points you mentioned:

a) Complete your NAT

The only reference to "NAT" that I can find in the support docs for this router is about "One-to-one NAT". Apparently "[t]his process creates a relationship that maps a valid external IP address to an internal IP address that is hidden by NAT. Traffic can then be routed from the Internet to the specified internal resource." Not sure why I would need to set this up -- it sounds like something you would do if you needed servers to be accessible from the internet.

b) try to set manually on your PC the DNS 8.8.8.8

I have already tried this. Although Windows seems to think the lack of internet connectivity is due to a DNS issue, this does not seem to be the case as the router's diagnostic utility claims the DNS server is responding to requests. Furthermore, if it was an issue with the DNS server, changing it to a different one (such as Google's 8.8.8.8) should fix the issue, should it not? It doesn't.

c) ip name-server on the cisco router if you want a centralised control

No idea what you are are referencing here. Again, probably due to my own lack of knowledge. I do know that name servers have to do with DNS but have no idea what they have to do with centralised control or why I need that. Can you please elaborate?

d) DHCP server enabled

I actually have a Windows Server on the network that is running a DHCP server. I disabled the router's DHCP server so that they do not conflict. I can re-enable it if you think it will help. After looking over the router's docs, I noticed a DHCP relay feature that I haven't enabled. I think I should try turning that on but I am doubtful it will result in resolution of the internet problem.

e) veifying if you need the ip helper-address command below the SVI that will provide connectivity to your PC

Could you further explain this as well?

Thanks a ton for your time and effort. I really appreciate your assistance.

0 Helpful

Go to solution
Alessio Andreoli
Level 5
Level 5
In response to jsnyman1011

‎07-06-2012 03:35 PM

Hi There,

let's not talk about ignorance otherwise i should not say at all my opinion in Cisco world!!!!

ip helper-address ip_number 

is a command that you should put below the interface VLAN 1 (SVI = switched virtual interface or our common interface vlan x command)or whatever vlan you created to connect your PC and it is there to gather the DNS request on port 53 and to forward this request as a unicast to the address from you specified

when you set the DNS server address on the router, essentially you mantain control over this service from your router only. that is why you can talk about "centralised" control.

let's do some basic checklist:

1) can you ping from your pc teh gateway? that should be 192.168.x.1/24

2) if you can ping it, can you ping the external interface of the Cisco router?

3) if you can ping it all the LAN issues are not present.

4) are you sure about your PPPoE config?do you want to share your config?

check this link:

https://supportforums.cisco.com/docs/DOC-8063

it is a pratical link for the most of what you need.

Let us know

Alessio

0 Helpful
Customers Also Viewed These Support Documents