I'm Aurélie. We have 2 sites in differents town and i want to configure VPN site to site on the two routers RV340. i have followed all the steps in the web site https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5513-configure-a-site-to-site-virtual-private-network-vpn-connect.html and the routers don't want to communicate. In the two sites, our ISP don't give us a public address and i have used the IP address gave by the ISP router 192.168.100.X. it is beacause, i have to configurate firewall inside routers ?
Please i want your help, because since several week i don't understand where the problem is.
thank your for your response.
On your ISP routers, have you forward the following protocols/ ports to the RV340 inside (192.168.100x) address from the public interface:
protocol 50 (ESP)
We thank you for your response. We have already added the protocols/ports 50(ESP), UDP/500, UDP/4500 and no result. The VPN is not up on the two rv340 routers. Our public addresses are not a fix addresses but a dynamics addresses because our ISP connection type is POE. Is it possible to do VPN with those dynamics addresses? if yes, how can i do that?
I know with the ASA you can initiate an IPSec connection with one end of the connection having a dynamic IP address, but I do not believe it is possible with two dynamic endpoints.
You could look into a dynamic DNS service to essentially create a static address for one or both sites.
As it stands with dynamic addresses it is not possible by itself, once the IP's changed either site wouldn't be able to locate the other.