Routing and RV042 site to site VPN

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by fred3, Apr 22, 2007.

  1. fred3

    fred3 Network Guru Member

    I'm building a site to site VPN with RV042s.

    There's a VPN tunnel defined on each RV042 that complements the other. I guess that's the right way, eh?

    The two RV042s are showing their tunnel is connected - although not necessarily at the same time. One seems to lag the other as far as being "connected". They are kept alive.

    At this stage I'm unable to Ping across the tunnel. So, that seems not right. The packets stop at the local VPN LAN IP address with Destination Host Unreachable. ????

    I figure this must be some simple routing problem.

    Both LANs are on separate subnets so that routing to one or the other can be directed to the VPN router LAN IP address. The idea is that the VPN takes over from there, no? Well, not yet!

    Maybe there's something else in the RV042s that needs to be set up? Or, is simply setting up the VPN at each end by itself sufficient?


  2. slam5

    slam5 LI Guru Member

    You have to use a different subnet on both ends, e.g. if one side's DHCP range is from - then the other end must use something that is different, e.g. to. Otherwise, your router will not know whether you are pinging the local address or the other end. There is more than one private address range, and one of them is 10.x.x.x. I would suggest you look on Wikipedia under "private address".

  3. Toxic

    Toxic Administrator Staff Member

    Are you allowing access to each other's subnets in the Remote Subnet setting on the VPN tunnels? Or have you assigned an IP address only?

  4. fred3

    fred3 Network Guru Member

    slam5: I'm using different subnets so inter-LAN routing can be done.

    Simon: Oh! I was using the usable IP address range for the Remote Group Setup. I've now changed that to the remote group subnet. Might that also be a good idea for the Local Group Setup?

    I'm still looking for a configuration file that just works so I can modify things to suit this particular situation.

    I've set up a whole set of Firewall rules that I'm experimenting with to see which, if any, are necessary.

    The objective in the end will be that these RV042s will be VPN devices *only* and internet connection to the LANs will be separate (these will end up on an RV042 DMZ port).

    So any pointers will be greatly appreciated.
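
The three points raised in this thread (different subnets at each end, groups entered as subnets rather than a single IP or an address range, and tunnel definitions that complement each other) can be checked offline before touching the routers. This is an added example, not part of the original thread; the dictionary keys, function names and addresses are constructed for illustration, and the values are assumed to be copied by hand from each RV042's tunnel settings.

```python
import ipaddress

def as_subnet(group):
    """Return the group as an ip_network, or None for a lone IP or a start-end range."""
    try:
        net = ipaddress.ip_network(group, strict=True)
    except ValueError:
        return None
    return net if net.prefixlen < net.max_prefixlen else None

def check_tunnel_pair(site_a, site_b):
    """Return findings for two tunnel definitions that should complement each other."""
    findings, nets = [], {}
    for name, site in (("A", site_a), ("B", site_b)):
        for key in ("local_group", "remote_group"):
            nets[(name, key)] = as_subnet(site[key])
            if nets[(name, key)] is None:
                findings.append(f"{name}.{key} '{site[key]}' is not a subnet")
    # Each router must be able to tell local addresses from the far end.
    for name in ("A", "B"):
        local, remote = nets[(name, "local_group")], nets[(name, "remote_group")]
        if local is not None and remote is not None and local.overlaps(remote):
            findings.append(f"{name}: local and remote groups overlap ({local} / {remote})")
    # What one side calls remote should be what the other side calls local.
    for near, far in (("A", "B"), ("B", "A")):
        remote, local = nets[(near, "remote_group")], nets[(far, "local_group")]
        if remote is not None and local is not None and remote != local:
            findings.append(f"{near}.remote_group {remote} does not mirror "
                            f"{far}.local_group {local}")
    return findings

# Constructed sample values (RFC 1918 addresses), not taken from the thread.
GOOD_A = {"local_group": "192.168.1.0/24", "remote_group": "192.168.2.0/24"}
GOOD_B = {"local_group": "192.168.2.0/24", "remote_group": "192.168.1.0/24"}
RANGE_A = {"local_group": "192.168.1.0/24",
           "remote_group": "192.168.2.100-192.168.2.149"}  # usable range, not a subnet
SAME = {"local_group": "192.168.1.0/24", "remote_group": "192.168.1.0/24"}

if __name__ == "__main__":
    for label, a, b in (("good", GOOD_A, GOOD_B), ("range", RANGE_A, GOOD_B),
                        ("same subnet", SAME, SAME)):
        print(label, check_tunnel_pair(a, b) or "no findings")
```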


