Azure S2S vpn configuration on RV340

Princetimber

Hi there,

 

I am new to Cisco but recently got a Cisco RV340 Dual WAN Gigabit VPN Router for the purpose of using its S2S functionality to establish a connection to Azure Cloud.

The router is behind another edge NAT with port forwarding to UDP ports 500, 4500.

The internet-facing router has an internal IP subnet 19.168.0.0/24 and public IP 83.12.x.x

The WAN IP for the Cisco router is 192.168.0.x/24

The Azure VPN gateway has an IP 40.91.198.x, with the virtual network IP 10.10.0.0/16 and subnets 10.10.1.0/24, 10.10.2.0/24.

How do I configure this on the router? I have only just purchased this for training purposes.

I really need your help on this.

 

Kind regards 

Princetimber


nagrajk1969

Hi

So basically your setup/deployment will be like below:

 

(local-lan-nw)-----eth3.1[RV340]192.168.0.x----0.1[nat-router]83.12.x.x---{inet}-----(49.91.198.x)[AZ-Gw]----(10.10.0.0/16 local-nw)

 

So here the Local-Lan-Nw behind the RV340 can be assumed to be, for example, 192.168.1.0/24

- Also assuming that the S2S tunnel would be using IKEv2...

- Since this RV340 is behind a NAT-Router, the S2S tunnel would be enabled and using NAT-T for sure

 

So in the S2S tunnel config page on RV340,

 

- Select Local-ID as FQDN and give value such as gw1.test.local

- select Local-subnet as 192.168.1.0/24

- Select Remote-ID as FQDN and give value as "gw2.test.local"

- Select Remote-subnet and give value as 10.10.0.0/16

 

On Azure-Gw, reverse the configuration values as applied on RV340...

- Additionally, since the RV340 is behind a nat-router, and since all traffic/tunnel is initiated by RV340 only... on Azure-Gw, configure the remote-peer ip as "Dynamic-IPaddr", meaning that the Azure-Gw is configured as a responder-only passive gateway...
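
A pre-flight check for the mirrored settings described in the reply above, as an added example that is not part of the original thread and not Cisco or Azure tooling. The dictionary keys and the `"dynamic"` marker are hypothetical names, and the WAN address `192.168.0.2` is a constructed stand-in for the elided `192.168.0.x`.

```python
import ipaddress

# Values from the thread; wan_ip is a constructed stand-in (assumption).
RV340 = {"local_id": "gw1.test.local", "remote_id": "gw2.test.local",
         "local_subnet": "192.168.1.0/24", "remote_subnet": "10.10.0.0/16",
         "wan_ip": "192.168.0.2"}
AZURE = {"local_id": "gw2.test.local", "remote_id": "gw1.test.local",
         "local_subnet": "10.10.0.0/16", "remote_subnet": "192.168.1.0/24",
         "remote_peer": "dynamic"}  # hypothetical marker for "Dynamic-IPaddr"

def check_pair(initiator, responder):
    """Return a list of mismatches between two site-to-site endpoint definitions."""
    problems = []
    mirrored = (("local", "remote"), ("remote", "local"))
    # Each side's local ID must be exactly what the peer expects as remote ID.
    for mine, theirs in mirrored:
        a, b = initiator[f"{mine}_id"], responder[f"{theirs}_id"]
        if a != b:
            problems.append(f"id mismatch: initiator {mine}_id={a} "
                            f"vs responder {theirs}_id={b}")
    # Traffic selectors must be mirrored too, or the child SA is rejected.
    for mine, theirs in mirrored:
        a = ipaddress.ip_network(initiator[f"{mine}_subnet"])
        b = ipaddress.ip_network(responder[f"{theirs}_subnet"])
        if a != b:
            problems.append(f"subnet mismatch: initiator {mine}_subnet={a} "
                            f"vs responder {theirs}_subnet={b}")
    # Overlapping local/remote ranges cannot be routed through the tunnel.
    local = ipaddress.ip_network(initiator["local_subnet"])
    remote = ipaddress.ip_network(initiator["remote_subnet"])
    if local.overlaps(remote):
        problems.append(f"local {local} overlaps remote {remote}")
    # A private WAN address means the initiator sits behind NAT, so the
    # responder cannot match it by a pinned peer address.
    if (ipaddress.ip_address(initiator["wan_ip"]).is_private
            and responder["remote_peer"] != "dynamic"):
        problems.append("initiator is behind NAT but responder pins a peer address")
    return problems

if __name__ == "__main__":
    for line in check_pair(RV340, AZURE) or ["settings are mirrored"]:
        print(line)
```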