
Vpn to VPN/WAN

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by bishop_III, Feb 13, 2007.

  1. bishop_III

    bishop_III Guest

    I recently purchased 2 rvs4000 boxes for a remote office we are setting up.
    I have successfully established an IPsec VPN tunnel that links the 2 LAN sides of the boxes. Is there a way to route all packets through the tunnel so that they hit and go out the WAN interface on the OTHER rvs4000 behind a larger corporate firewall, rather than just routing the packets for the LAN side of the rvs4000?

    IPs have been changed to protect the guilty


    So I want ALL packets from the remote office computer to go to the 128.194 subnet. Here is the kicker I can't get around: the rvs4000 behind the firewall also has a 128.194. address. Can I tell the remote office rvs to route everything except 128.194.104.3 to the WAN port side of the 128.194.104.3 rvs? My experimentation with static routes has failed miserably.

    Any hints on how this could be configured? Did I get the wrong box (i.e. can this box not do that)? If need be, we can assign 128.194.*.* addresses to the machines in the remote office. We can also loop a port from the LAN side of 128.194.104.3 back to the 128.194.104 building net; again, my fumbling experimentation did yield fruitful results.

    My temporary/other solution is to use full-blown Linux boxes with openswan and iptables mangling to do this. But I would prefer to use the smaller, much lower power draw VPN boxes.

    My other thought was that if there was a telnet hack like for the rv042/82/16 series, I might be able to hack iptables directly on the rvs4000, but I guess it hasn't been out long enough for that.


    Maybe this is easy and I am just overcomplicating it.
    Any thoughts would be appreciated. Thanks.
    B3
     
  2. ifican

    ifican Network Guru Member

    No, you're not overcomplicating this. From my experience, none of the small SOHO devices like to accept VPN traffic over the WAN interface and then turn right around and send that same traffic back out the same interface it was received on to Internet-bound traffic.

    Now, as you've discovered, it's not very easy to static route this traffic either, as the remote router still wants to send its default traffic to its ISP. There are a couple of things that come to mind, but I am hesitant to say just yet as they are total guesses at this point. I will do a little testing as soon as I can get some time.
     
