cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2101
Views
5
Helpful
6
Replies

Cisco RV042, VPN Hub and Spokes, connecting spokes issue

itadminasf
Level 1
Level 1

Hi,

I have few router Cisco RV042, and VPN links between them with a hub and spokes topology.

Every spoke VPN works, they succeed to connect to the hub.

The hub can see every spokes VPN active.

A computer under the hub can connect to a computer under any spoke.

A computer under any spoke can connect to a computer under the hub.

That works great.

Now, what I really need is to connect computers under a spoke to connect to computers under an other spoke.

This do not work.

Actual LAN configuration :

HUB     IP / mask: 192.168.0.1 / 255.255.255.0

Spoke1 IP / mask: 192.168.1.1 / 255.255.255.0

Spoke2 IP / mask: 192.168.2.1 / 255.255.255.0

I was wondering if the Cisco RV042 can be configure to allow that and HOW?

If it can't be done, what other router should I use as the HUB? Does I need to change the spokes as well?

Thank you and have a nice day

6 Replies 6

raga.fusionet
Level 4
Level 4

Hi Charles,

I dont have much experience with the RV042, but it looks like you just need to redefine your interesting traffic. If you can add more than one subnet per tunnel then I think that It should allow the communication between the spokes.

Check  out this post. I explained how to allow the communication between the spokes, using a Cisco IOS router. At least it will give you an idea of you need to do:

https://supportforums.cisco.com/message/3411951#3411951

Have a good one.

Raga

Thank you very much for this answer.

The configuration for the Cisco RV042 do not allow me to add many subnet to a VPN tunnel.

Also, when i try to create static routing in a spoke toward the hub, the rule I create do not seams to appear in the routing table listing.

The question remain: HOW can I configure my RV042 in order to make spokes see each other?

If I can't, does I need to change EVERY RV042, or changing only the HUB would do the trick?

With your answer, as I cannot configure the spoke VPN tunnel with many subnet, I need to change EVERY routers with Cisco IOS routers.

Is there an other solution?

Charles,

Given the limitations of the SMB Router I'm not sure if you could accomplish this kind of setup with the existing hardware.

You might get a better answer if you repost your question on the Small Business Forum:

https://supportforums.cisco.com/community/netpro/small-business

Have a good one.

Raga

shawncrystek
Level 1
Level 1

Hello Charles Montigny,

We had the same problem and were able to overcome it by modifying the subnet mask on the VPN tunnels.  For Example:

HUB Gateway to Gateway #1

Local Group Setup

IP Address: 192.168.0.0

Subnet Mask: 255.255.0.0

Remote Group Setup

IP Address: 192.168.1.0

Subnet Mask: 255.255.255.0

HUB Gateway to Gateway #2

Local Group Setup

IP Address: 192.168.0.0

Subnet Mask: 255.255.0.0

Remote Group Setup

IP Address: 192.168.2.0

Subnet Mask: 255.255.255.0

SPOKE (01) Gateway to Gateway #1

Local Group Setup

IP Address: 192.168.1.0

Subnet Mask: 255.255.255.0

Remote Group Setup

IP Address: 192.168.0.0

Subnet Mask: 255.255.0.0

SPOKE (02) Gateway to Gateway #2

Local Group Setup

IP Address: 192.168.2.0

Subnet Mask: 255.255.255.0

Remote Group Setup

IP Address: 192.168.0.0

Subnet Mask: 255.255.0.0

This was done using the latest (as of this writing) firmware v4.2.1.02.  RV042 Hardware V2 and V3.

This doesn't seem to be the correct way to do it, but suddenly all of the spokes can see each other.  I hope this helps!

-Shawn

I know I am very late to this thread but I wanted to say that Shawn's method worked perfectly. We have a main office and VPN's to two branch offices and I can now ping any device from any location.

hi, thanks for your time and help i try this setup for vpn routing between feews vpn but only i can get a ping request from the network and next tree timeouts

for example ping to remote office B:

Pinging 192.168.1.254 with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time=33ms TTL=62
Request timed out.
Request timed out.
Request timed out.
Reply from 192.168.1.254: bytes=32 time=33ms TTL=62
 

i am on the remote office C: my ip address is 192.168.2.X/24

 

ping from office c to main office hub

Pinging 192.168.0.5 with 32 bytes of data:
Reply from 192.168.0.5: bytes=32 time=18ms TTL=126
Reply from 192.168.0.5: bytes=32 time=18ms TTL=126
Reply from 192.168.0.5: bytes=32 time=18ms TTL=126
Reply from 192.168.0.5: bytes=32 time=17ms TTL=126

 

v4.2.3.03 (Mar 19 2014 19:59:48) on all sites