1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Guess I'll post this in here also

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by jlee161, Mar 27, 2006.

  1. jlee161

    jlee161 LI Guru Member

    So here's the layout

    Main site is using ISA 2004 SP2

    Two routed class C private newtorks
    192.168.1.0/24
    192.168.30.0/24 (has an interface on 192.168.1.0/24)

    Remote Site 1
    WRV54G
    192.168.15.0/24

    Remote Site 2
    BEFVP41
    10.0.0.0/24

    My question is no matter how i setup the tunnel on either remoted site router they can't see 192.168.30.0 or each other

    I've set up the filters and rules in ISA 2004 so they should be able to. Are the linksys's incapable of this?

    I don't want to create multiple tunnels to multiple sites.
     
  2. jlee161

    jlee161 LI Guru Member

    from linksys

    Dear Valued Linksys Customer,


    Thank you for contacting Linksys Technical Support.

    The remote site is unable to reach other subnets probably because you have not created separate tunnels for those other subnets which you would like the remote site to have access to.

    For us to be able to provide you with more appropriate solutions, please reply to this email with the following information:

    a. Model number of the routers on the main and remote sites
    b. Type of Internet connection used on both ends
    c. A screenshot of your VPN configuration on both ends
    d. Description of your network set-up

    We shall be looking forward to your reply with the information that we need so we can assist you more effectively.

    Thank you and have a nice day.

    If you have further questions, please send us an e-mail at support@linksys.com so that we may further assist you.

    You may also visit our knowledge base at www.linksys.com/kb for other concerns and basic troubleshooting of your Linksys product/s.


    Sincerely,


    Jacqueline Neri
    Badge ID 16543
     
  3. jlee161

    jlee161 LI Guru Member

    Seperate Tunnels!!!

    You've got to be kidding me. I'm aware that creating tunnels between the remote sites and between the two subnets at the mainsite will work, sort of. It will also chew up precious bandwidith. What a piece of you know what.

    All these IPSec tunnels running to each other and to a main site. Please tell me she doesn't know what she's talking about. Tell me this router isn't that dumb.
     
  4. TazUk

    TazUk Network Guru Member

    It's not the routers fault, it's doing exactly what it's been told to do i.e. encrypt traffic for the 192.168.1.0 network, all other traffic is treated as internet traffic so is unencrypted. On the WRV54G you can enable the VPN Gateway option, this will force all traffic down the tunnel, the downside to this is that internet traffic would take that route too.

    For each site to see each other the best way would be to create a tunnel between them.

    Any reason why your running two networks at the main site?
     
  5. jlee161

    jlee161 LI Guru Member

    This is a test lab for site to site VPNs. Two subnets as the "main site" is just a lab enviroment.

    Creating all these tunnels is what cisco and some others I guess would call mesh, which is a pain. I'm looking to create a hub and spoke design.

    In reality the Hub site may have many subnets, and some of the remote sites as well.

    Really testing a several things here: ISA, end points, tunneling protocols, and routing. Was hoping to use a more expensive hub, and cheap endpoints. I guess that's not going work at least not with this cheap solution.

    I see Cisco's Higher End stuff can do EIGRP, and thats really what i'd like to accomplish. Have all traffic directed to the right desitnation by the hub over single tunnels to each site.. I belive L2TP and PPTP are cable of this as well.
     
  6. jlee161

    jlee161 LI Guru Member

    If anybody has any suggestions other than buy a Cisco 7000 and some 29xx's please let me now :) . I'm new to the networking thing, mostly concentrated on the server OS side.
     
  7. TazUk

    TazUk Network Guru Member

Share This Page