Cisco Routers :: RV042 VPN Tunnel For Multiple Subnets?
Aug 5, 2011
We have 4 RV 042 routers and cisco router at HQ, we have Site to Site VPN tunnels in between, All branch offices are connected to HQ via S2S VPN tunnels
10.10.1.0/ 24 HQ
10.10.2.0/24 Branch 1
10.10.3.0/24 Branch 2
10.10.4.0/24 Branch 3
10.10.5.0/24 Branch 4
now lets say i am branch 1, i can access 10.10.1.0/24 network but cant access 10.10.5.0/24 network, means i dont have branch to branch connection, it should be through HQ, means my RV042 at brnach should fwd all traffic to HQ for another branches also. Under VPN tunnel if i try to configure remote destination 10.10.0.0/21 its not allowing me it says network overlaping with local network, how i can sole it, I know how to do in cisco, we can permit those networks in access lists.
View 1 Replies
ADVERTISEMENT
Jan 22, 2013
Here's what I want to do with my RV042: I have a bunch of devices, including a server, inside my network at 192.168.1.100
I've set up VPN using PPTP. It works, but if my clients have their own remote DHCP set up to 192.168.1.x, they can't get to the server. If their home DHCP is 10.x.x.x., everything works
I am considering changing my internal network to something obscure.
My server has two NICs. So I thought, I why not set one address up to 10.x.x.x But the two nets can't ping each other. I tried using "multiple subnet" on the RV042, setting up 10.1.1.1, but no luck.
View 1 Replies
View Related
Aug 16, 2011
We have Point to point T1 environment where 3 additional WAN sites get internet access through our RV042. When we setup load balancing we have problems with https traffic, so we setup protocol binding for https and everything worked great from the local LAN. When trying to access https content from the remote LAN across the WAN the sites failed and I see no option to add additional subnets to the protocol binding. Is there a command line feature that supports adding additional subnets for protocol binding or is the local LAN the only option?
View 7 Replies
View Related
Nov 27, 2011
We have RV 042 deployed for internet access/firewall purposes. Due to growing number for Wireless devices and also to separate WLAN traffic from wired devices, we have created a separate VLAN/IP Subnet for the wifi devices. We are having trouble accessing the internet from the WiFi VLAN/IP Subnet. Cisco 3750 is layer 2 and layer 3 device. We have VLAN 1 (10.10.10.0/255.255.255.0), all wired devices and RV 042 are part of VLAN 1. Connectivity to internet from VLAN 1 is good. VLAN 2 (192.168.1.0 / 255.255.255.0) was created for wifi devices, 3750 does the inter-vlan routing, I have enabled the multiple subnet feature on the RV 042 and added 192.168.1.2 / 24 to the subnet list, we still have issues accessing internet from vlan 2 devices.
As a workaround, I shutdown vlan 2 and added 192.168.1.0/24 as secondary address to the VLAN 1 interface on 3750 and i was able to access internet from 192.168.1.0/24 network with wifi devices also on vlan 1, we want wifi devices to be on separate vlan / ip subnet. Looking at the documentation for RV series routers, it talks about supporting multiple subnets access to internet by enabling multiple subnet feature but it doesn't seem to work.Are there restrictions on having multiple vlans?
View 4 Replies
View Related
Dec 21, 2011
I have a static DSL connection and my ISP is giving me 4 static IP's. I have connected my RV042 to the DSL modem and I have now 1 subnet at 192.168.0.0. What I want to create is a WEB server/ Email server, but to sit on a different subnet - 192.168.5.0. For now I have connected the server to the DMZ port, but I am unable to to access it from WAN, only from LAN. How to configure properly the 2 subnets (192.168.0.0 and 192.168.5.0) and how to forward my static address to the server which I which to be on the 192.168.5.0.
View 4 Replies
View Related
Jan 4, 2013
I have setup 15 x RV180W's so far for a particular client.They have requested that we add a Corporate Wireless VLAN for their laptop users (not guests) and add a Special Use WiFi VLAN for a particular mobile platform that is being deployed (in this case we need 2 separate WiFi VLANs to ensure compliance).Also, none of the VLANs can talk to eachother and they have their own subnets.I have the Wireless and VLANs setup, no problem... but I am having an issue wiht the VPN settings.I have the wired network's subnet working fine. But I do not know how to add the subnets for both Wireless VLANs to the traffic selection.The IP schemes will not allow me to just select a large subnet... here are some examples:
Wired VLAN: 10.10.x.y
Corporate WiFi VLAN: 10.15.x.y
Special WiFi VLAN: 10.18.x.y
x is the octet that defines the physical unit location (unit 1 = .23, unit 2 = .24, etc...) y is the octet the host.Since they are not in a contiguous block, I cannot just use a larger subnet mask.I can add multiple traffic selection rules to the ASA5515 at HQ, so that side of the tunnel is perfect... I just don't know how to add the three VLANs to the RV180. Is it as simple as using commas or semicolons?
View 1 Replies
View Related
Dec 16, 2011
how to establish tunnel between rvs 4000 and rv042 ?
View 2 Replies
View Related
Dec 14, 2011
here's my setup :
office 1 :
rv042 hw3
ISP:Obtain an IP automatically
office 2 :
rv042 hw3
ISP:PPPoE
VPN tunnel between both rv042, everything's fine but when i try to ssh from office 2 to an office 1's server, my connection drops.
When it drops, i can still ping pc in office 1, this is really strange!if i change the office 2 ISP to another provider (obtain an IP automatically) everything's ok !
i try to use another PPPoE ISP for office 2 and it's doing the same thing!I've also tried other rv042 in both locations with the same setup and it's doing the same thing, so it's not a router issue.
i've tried older firmware and it's doing the same thing, so it's not a firmware issue!
View 3 Replies
View Related
Jun 27, 2012
I have configured a VPN tunnel between two remote locations using static IP addresses on two RV042 routers. The tunnel seems to work but the problem is that when the two hosts attempt to ping each other only one can successfully ping. One PC with IP address 192.168.1.100 can ping across the network but the second PC with IP address 192.168.2.100 cannot. These are laptops seperate from the intranet used to test the tunnel. Someone had suggested NAT may be the issue so I enabled NAT Transverse on the routers but still no luck. The following is the results from a ping test.
PC 1
ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=116ms TTL=63
[Code] ......
View 1 Replies
View Related
Aug 24, 2011
I have a RV042 with multiple subnet, 192.168.10.0 and 192.168.9.0. 192.168.10.0 is assigned to the LAN, 192.168.9.0 is created under multiple subnet. Both subnet can access Internet by accessing IP address, but 192.168.9.0 cannot access Internet by using host name. It looks like DNS is not working for the 9.0 network.
View 1 Replies
View Related
Sep 15, 2011
I was hoping that the latest firmware would fix my (2) 'bugs', but it did not. We are using the RV042s at our remote medical clinics as an end-point VPN router to our Nortel 1700 VPN router, replacing our old Nortel Contivity 100s.When I try and do a reset when connected remotely via the WAN interface, the RV042 hangs and will only reset by re-powering.
View 1 Replies
View Related
Feb 18, 2013
I have an RV042 VPN tunnel with an RV082.The RV042 has a public IP Address obtained by PPPoE, the RV082 has a public IP Address obtained via Static IP.The problem I see is a really slow performance. Both internet conections are idle and the performance is about 2 or 3 kbyte/s My question are if I should I enable any of this:
- Agresive mode
- NAT Traversal
- IP Compresion
- Dead Pear Detection
How can I troubleshot this slow performance?
View 2 Replies
View Related
Aug 15, 2012
We have setup a new internal web server so now we have two internal web server and both or hosting sites on port 80. Currently we have port 80 forwarding to one of the web servers and users are able to hit it from the outside.
Is there any way to configure the RV042 to route web traffic to the correct web server by using the site name or dns? If a user puts in the address{URL}, be routed to one web server but if they put in {URL}, be routed to our second web server. I've checked with our vendors and the both web servers applications need to run on port 80. If we have forwarding setup on the RV042 to forward port 80 to web1 then users can't access web2 from the outside?
View 3 Replies
View Related
Sep 27, 2012
I'd like to set each individual LAN port with different address i.e. LAN 1 192.168.1.1 and LAN 2 10.1.1.1 instead of using the multiple subnet feature and having all ports replying for the addresses created.
View 3 Replies
View Related
Feb 11, 2012
I have a pair of RV082 routers and I'd like to configure gateway to gateway VPN tunnel as described in a cookbook, "How to configure a VPN tunnel that routes all traffic to the Remote Gateway," (file name Small_business_router_tunnel_Branch_to_Main.doc). I followed this cookbook and found that my while the Main office has internet connectivity, the branch subnet doesn't have internet connectivity.
Routing does behave as advertised, where all traffic does go to the main office. However, the 192.168.1.0 subnet in the branch office does not get internet connectivity. I've read in other posts that the Main office router will only provide NAT for the local subnet, not the branch office subnet. Is there a way to configure the RV082 router to provide NAT for all subnets?
If not, which Cisco product will provide the VPN Tunnel connectivity as well as the NAT for all subnets? Can the RV082 be used as part of the final solution or are my RV082s a wasted expenditure?
Following is the configuration that I'd implemented, (real IP and IKE keys are bogus).
Gateway To Gateway
Remote Main Office
Add a New Tunnel
Tunnel No. 1 2
Tunnel Name : n1-2122012_n2-1282012 n1-2122012_n2-1282012
Interface : WAN1 WAN1
[code].....
View 2 Replies
View Related
Oct 6, 2011
if possible with the RV042.Primary External IP address uses port forwards for some ports, all okay.I would like to have other external ip addresses assigned to machines on my lan.Basic host multiple web servers, on different IP addresses, using port 80. [code]
From what i am reading, it looks like the RV042 can do this, but I am not real clear what my rules should look like.
I would think my high priority rule for each external IP address would be to deny all traffic first for each machine on the lan.Then create one entry with source 202.x.x.2 port 80 -> 192.168.168.2 ?
How should I set my rules to do this, and what settings should I have on the Nic of the second machine?
View 3 Replies
View Related
Sep 13, 2011
I configured ASA5520 and RV042 for site-to-site IPSec VPN tunnel.Tunnel get connected, but no ping, no traffic between both end network.
Network:
=======
192.168.113.0/24----------192.168.113.6 -ASA--------public, static IP address------Cisco 2821--------Internet
192.168.10.0/24-----------192.168.10.1 -RV042-----public, static IP address------Cisco 2821--------Internet
ASA5520 config:
----------------------
name 192.168.10.0 VPN
!
interface GigabitEthernet0/1
nameif NET
security-level 100
ip address 192.168.113.6 255.255.255.0
[code]....
View 5 Replies
View Related
Jul 18, 2011
Im able to create a gateway tunnel with two rv042 routers in different locations ( i can see the tunnel connected in the router) but the quick vpn utility is not working , i also tried to use the pptp as server as an alternative( im able to connect using windows connection to the pptp server but whenever I browse any of the four ip's allowed for the pptp server \10.0.0.200-204 it takes me to the documents of the local computer....I attached the configuration for one of the routers it is the same as the other end , just the information is flipped.
Message was edited by: Adrian Torres
View 7 Replies
View Related
Aug 29, 2011
I recently purchased a RVS 4000 (firmware V2.0.0.3) and am having some issues creating a second (third...fourth?) IPSec VPN Tunnel. The first one is up and running just fine. On the VPN Summary screen it says [1 Tunnels Used 4 Tunnels Available].
When I go to configure the second tunnel, I select --New-- from the "Select Tunnel Entry" drop down and proceed to fill in all the connection information. When I click Save, it seems to be processing and after a few seconds just returns me to the same screen, with none of the information I just input and no connection created. No errors given.
I have another RVS4000 to connect at a different location which will require a similar setup, but don't want to do anything with it until I have the one mentioned above working fully.
View 1 Replies
View Related
Dec 21, 2011
I have a static DSL connection and my ISP is giving me 4 static IP's. I have connected my RV042 to the DSL modem and I have now 1 subnet at 192.168.0.0. What I want to create is a WEB server/ Email server, but to sit on a different subnet - 192.168.5.0. For now I have connected the server to the DMZ port, but I am unable to to access it from WAN, only from LAN. how to configure properly the 2 subnets (192.168.0.0 and 192.168.5.0) and how to forward my static address to the server which I which to be on the 192.168.5.0.
View 1 Replies
View Related
Apr 30, 2013
Small office, 2 RV042, 2 DSL connections. 1 is used striclty for the business side, and the other is for our CCTV network. They also have seperate DSL connections as we have 2 external IP address for clients to connect remotely. We don't want to take away our exisring setup, but would like to bridge both networks so a few of our internal clients can connect to our CCTV network and use some of the devices. Right now they come in on VPN but its not as fast.Is this doable without adding additional hardware? Both networks need DHCP enable as well.
View 1 Replies
View Related
Apr 9, 2012
I am struggling on a problem for over 2 weeks despite of various researches.
We have a Cisco router, then an ASA 5520 8.4(3).
The private interface of the ASA is connected to a switch, and so on connected to one interface of the router.
The private interface is as following : 129.88.63.253 255.255.248.0 (/21) =>
It is in the 129.88.56.0/21 subnet
Here is the part of the router config we are interested in :
!
interface Vlan32
ip address 129.88.63.254 255.255.248.0 (this is the tunnel default gateway configured on the ASA - 129.88.56.0/21 subnet)
ip address 129.88.71.254 255.255.255.0 secondary
ip address 129.88.75.254 255.255.252.0 secondary
ip access-group CVPN-depuis-129.88.56 in
ip access-group CVPN-vers-129.88.56 out
ip verify unicast source reachable-via rx allow-default
no ip redirects
mls rp ip
!
On the ASA, there is currently one default route for the tunneled traffic :
route Private 0.0.0.0 0.0.0.0 129.88.63.254 tunneled
As you can see, it's on the same subnet as the primary IP address of interface Vlan32 on the router.
The scenario is as following :
- we can connect to the VPN with the appropriate alias (LDAP connection), then we get an IP address in the defined range (it's a local ASA pool)
- the pool is : 129.88.71.0/24
- but, once we are connected, we can't do anything, because it seems like we don't have any network access
View 9 Replies
View Related
Mar 2, 2012
I've currently got my ASA (5505) serving a /28 public subnet. I've ran out of IPs, so my DC has issued me an additional /24 subnet that they have routed to my ASA. What needs to be done on my ASA so be able to use these new addresses? I've been trying to search and not been able to find a good answer (some say I shouldn't have to do anything, everything else references NATing, which I currently don't do and would rather not do).The servers I assign these to, I'd like them to have the public ip assigned directly to them.
View 5 Replies
View Related
Aug 26, 2011
I am setting up my home lab to practice and play around.I have VMWARE ESXi environment with two workstations as my servers.I would like to setup two domains with two domain controllers but i want each domain to have its own subnet.So this is my setup. I have Cable modem from cablevision , thay connects to my router which is Apple Airport which acts as the DHCP server. DNS server and default gateway. The network on the router is 10.0.1.xThen i have two switches . One is a 5 port unmanaged switch that connects to the three physical desktops .Then i have a Cisco small business switch SG200-08 that connects to my ESX servers and NAS. Now currently all is good and working but like i said all my machines physical or virtual get an IP that is 10.0.1.x and they get all this from the router. And i think i can setup two domains with two domain controllers without an issue and they will all get an IP address of 10.0.1.x. This is all good but i want to have one domain on one subnet and other on another so for example one domain will have 10.0.1.x and other 10.0.2.x. I am just not sure what i need to to get this setup like this. I know my SG200-08 supports vlans and i am pretty sure on the apple router you can only have one subnet i think. So can i do this with my current setup by setting up a DHCP server with two scopes ?
View 3 Replies
View Related
Mar 26, 2013
I have an ASA5510 that is connected to outside for WAN, inside for LAN (10.22.254.0/24), and a iSCSI switch plugged into Ethernet 0/3 (10.22.244.0/24). I can ping the Eth0/3 interface (10.22.244.1) but I can't ping across that interface from WAN or LAN side.
START CONFIGURATION
ASA Version 9.1(1)
!
hostname ASA5510
[Code].....
View 7 Replies
View Related
Jun 23, 2011
NAT command on 8.4? I am trying to PAT multipule Inside subnets to an IP address. With the example I found I can only PAT one subnet. If I do it the way I have below, it will end up with the last subnet (3.3.3.0) stay in the config. What is the best way of doing it? I have about 20 inside subnets I need to PAT.
object network obj-Inside-sub1
subnet 1.1.1.0 255.255.255.0subnet 2.2.2.0 255.255.0.0subnet 3.3.3.0 255.255.0.0nat (inside,outside) dynamic 199.246.5.2
View 5 Replies
View Related
Jan 24, 2013
I have a Windows 7 Pro Desktop with an on-board Ethernet and an Axis USB To Ethernet adapter. The on board Ethernet is configured as dhcp and obtain the address 10.162.146.123 with 255.255.255.0 subnet. The Axis USB to Ethernet adapter is static ip configuration with 10.38.25.37 and 255.0.0.0 as subnet. Under the adv settings I have also another ip 11.38.25.37 with 255.0.0.0 subnet. When the Axis is communicating 10.38.0.1 network I can not access the internet using the on board Ethernet 10.162.146.123. I have to disable either one of the cards to access one network at a time.
View 3 Replies
View Related
May 23, 2011
I have an existing pair of PIX 515E that has two interfaces. One connected to the public internet via my ISP and one internal.
I recently ran out of IP's and had the ISP route an additional block to public IP of my firewall. This isn't working for some reason and I'm trying to figure out why.
The "ip address outside XXX" command defines the outside address and I don't see any way to add a secondary sub net.
I tried just adding a rule to the firewall for one of the IP's in the new subnet, but I can't seem to get traffic to pass though the device.
View 1 Replies
View Related
Feb 20, 2012
Is it possible to have multiple public IP addresses that are from different subnets going through one router? I have been told that this is not possible with most routers and that I would have to spend a lot of money on a router to be able to do it. I am still not totally clear on what defines a subnet even after reading up on them. What I am trying to achieve:
-My office has 10 computers.
-All would be connected to one router.
-My internet service provider has provided me with 10 public IP addresses, that are all very varied (which I asked for)
View 3 Replies
View Related
Nov 17, 2011
The ASA device is going to be the gateway for multiple distinct inside IP subnets. We can have have a unique outside IP address to correspond to each inside IP subnet if needed, but we need some means for a VPN client or a site-to-site VPN to have acess to a pre-definied IP subnet (i.e. if customer A establishes a VPN connection, they have connectivity to IP subnet X; customer B establishes a VPN connection, they have connectivity to IP subnet Y, etc.).Currently, the two inside IP subnets are 10.10.0.0/16 and 10.20.0.0/16. We will be adding more.The problem we are facing is that we cannot reach the VLAN 201 from the ASA we believe this is because. I have setup two addresses on port 0/1 Vlan1, 10.10.20.2 and 10.20.20.1 as an alias. How can we make traffic for the 10.10.0.0/16 subnet untagged and traffic for the 10.20.0.0/16 subnet tagged for VLAN 201.
View 1 Replies
View Related
Jan 5, 2012
I am new to Cisco products. We have currently got a Netgear FVX538 running in front of a few servers. We currently have 2 ranges of IP addresses provided to us on 2 separate subnets. We configured the netgear box with the first IP addresses of each subnet as the IP address of each of the primary and secondary LANs. This then allowed us to set the gateway addresses of servers on the network to either of those 2 addresses, depending on it's range.
This all worked fine - except for the fact that the Netgear box is incredibly flakey, so we decided to get a Cisco box.
We have gone for the SA520, which I have been trying to configure this afternoon. Unfortunately I am now having concerns as to whether it is possible to configure 2 separate subnets internally on this box in the same way we have done with the netgear box. ie - classical routing, one incoming WAN interface with multiple subnets?
View 5 Replies
View Related
Jun 29, 2012
I have a Cisco 2901 with the 4port gigabit ethernet switch module that I'm trying to get configured to have a seperate subnet for each port. So far I have it set up so each subnet is a vlan, then on each port I use the switchport access vlan command to tell it which subnet I want that port to be on. However, there is one port that I need to have 2 subnets on. The way I found to do that was to use switchport trunking on that port, but it doesn't seem to be working properly. how they would configure this? Right now I have vlan 101 as x.x.x.17/28 and vlan 103 as x.x.x.53/30. I think where I'm getting hung up is the proper association between the physical port and the vlan subnets.
View 5 Replies
View Related
Dec 20, 2010
We have a 6509 that was connected to 2 other locations(location A and B) and our local lan (location MAIN). We wanted to move the location A and B to a 3750 switch and only allow the traffic that needed to access our location MAIN to come through the firewall. The only problem I ran into is that before location A and B were on different interfaces so in the 6509 firewall the routes for traffic to our MAIN location was done by static routes.
I.E.
static (MAIN_intf,A_intf) 192.1.1.72 10.94.10.72 netmask 255.255.255.255 0 0
static (MAIN_intf,B_intf) 192.2.2.72 10.94.10.72 netmask 255.255.255.255 0 0
[Code]....
because it has a static overlap, which makes sense to me, but my question is how do I configure the network to get this to work? Do I have to reconfigure my network and access-list? Do I need to add more ports between the 6509 and 3750? I'm not sure if this is the best way to do what we want. If something is not clear I'll try my best to explain the setup, but I just took over for our I.T. guy when he left.
I put 10.10.10.72 instead I should have put 10.94.10.72. the routed port is on a different subnet than the computer I'm trying to access.
View 4 Replies
View Related
