Site-to-Site VPN with public addresses using Linksys RV042 Appliance

gerardr01 · ‎12-07-2010

Hello,

I'm having a problem setting up a site-to-site VPN using a Linksys RV042 VPN router.

To access services provided by a wireless service provider, we need to use a VPN link.The service provider's requirements are as follows:

IPSEC VPN required to connect to the service provider's infrastructure
Encryption domains for the VPN endpoints must consist of publicly routable IP addresses
Servers and other devices that communicate over the VPN are assigned private address that must be NATed to the public encryption domain addresses

I've attached a diagram that gives an overview of the system.Note that the IP addresses shown in the diagram are made up, so as not to give away the particulars of our system.

The system works properly if no NATing is performed on the client side (i.e. if the client server is assigned a public IP address that is part of the client's encryption domain). If the server is assigned a private address, and a one-to-one NATing rule is defined, the server is not able to communicate with the service provider's infrastructure.

Is the scenario I described supported by the RV042 device? If not, would it be supported with another Linksys or low-end Cisco device?

Thanks,

Gerard

Herbert Baerten · ‎12-08-2010

Hi Gerard,

this should definitely no problem on a Cisco IOS device (e.g. 800 series router) or a Cisco ASA (e.g. the ASA5505) since they do NAT before encryption.

On a Linksys a.k.a. Cisco Small Business router, I don't know. Perhaps you can ask in the forum where there are probably more people with Linksys expertise.

hth
Herbert