1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRV200 routing problems with two WANs in the same ethernet

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Sfor, Jul 12, 2007.

  1. Sfor

    Sfor Network Guru Member

    My WRV200 is connected to a WAN ethernet network. There are two separate IP subnets there.
    The one I connect to the internet is made with DHCP. The other one through a static IP (VPN connection is made with one of it's IP). Both subnets do have different subnet IP.

    The problem is, how to configure the router to have the access to the internet with one net, while using the VPN with another. I can not put the VPN traffic through the Internet gateway. It should be sent directly to the target IP, as it is in the same physical ethernet NET (but in a different subnet).

    So far, I connected two routers to the WAN. Each one is set to different WAN subnet IP. The WRV200 is the gateway to the internet. I added a rule to redirect all traffic heading to the second WAN through the LAN interface and the other router as the gateway. This gives the ability to work with the second WAN. But, I do not know if an IPSec VPN tunnel can be redirected that way. Unfortunately the second router is not WRV200 and it's abilities are very limited.

    I had not much time to think about this problem, as I had just one WAN today morning. Luckily the VPN is not necesary, right now. So, I have a few days of time.
     
  2. Sfor

    Sfor Network Guru Member

    After thinking about the problem I got to a conclusion: it would be enough to route all traffic through LAN interface to another router with exception of 192.168.0.0 255.255.0.0 subnet. The WRV200 would be just a gateway to the WAN I have the VPN connection in. All other traffic would be directed through my internet access WAN.

    Still, I do not know how to fit the idea in the WRV200 routing table.
     
  3. Sfor

    Sfor Network Guru Member

    I think I found a proper solution. The old router is the internet gateway, now. All traffic to 192.168.0.0 subnet is routed through my LAN to WRV200. Luckily my old Digitus DN-11005 routing table is able to do it.

    The WRV200 was degraded to be a IPSec VPN gateway and 192.168.0.0 gateway, only. I lost the QOS ability on the internet access, but it was not a big help anyway. The other LAN connected through VPN is in a 192.168.123.0 subnet. So, I do not need another routing table entry in the Digitus router. Luckily, I'm not using wireless LAN cards. The whole idea would not work, if WRV200 would have to be a wireless access point, probably.
     

Share This Page