RV042 Redundant VPN/WAN links problem

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by WildCard, Apr 11, 2007.

  1. WildCard

    WildCard LI Guru Member

    I have an RV042 (firmware v1.3.8.2) with DSL and Cablemodem connected to the two WAN ports. I have it set to Smartlink with preference on the DSL connection.

    DSL connection works decently, with exceptions occasionally - hence the cablemodem backup.

    On WAN1 I connect with VPN to two other offices. VPNs work great on that WAN port.

    When WAN1 goes down, so does the VPN. Upon looking closer at the settings, I noticed that the VPN tunnel interface can only be set for a specific WAN port and not both. No problem, I assumed I would be able to duplicate the settings for the secondary WAN port.

    Bad assumption though, I get an error stating that there is an IP conflict with WAN1 and the IP I have listed in 'Remote Group Setup'/remote security group IP address (subnet).

    I called Linksys tech to tech, they suggested that I take it off Smarklink and set it to load balance - which gave the same error/conflict. After doing a little reasearch, I found that this http://www.linksysinfo.org/forums/showpost.php?p=294195&postcount=2 link says that someone that upgraded to v made it so that there redundant links were non-editable - but used to be possible.

    Another link I saw mentioned a need to create a VLAN at both locations so that the LAN IPs could be differentiated and therefore be able to create the connections. I don't have the link to that post, but I printed it, and it was from this forum with a topic of 'RV042 - gateway to gateway vpn with dial wan - how to?'

    The administrator of the other two city's offices is a pain to deal with so I was hoping to deal with him as little as possible - and just use the WAN1 port credentials. Doesn't look like that is possible.

    Thanks for any advice you can help me with,
  2. ifican

    ifican Network Guru Member

    The conflict you are seeing makes sense. From the simple standpoint that the tunnel only identifies "interesting" traffic by way of the remote lan (fancy way of saying how it knows where to send data destined for the remote lan). If you have 2 different tunnels with the same remote lan the router has no way of knowing which lan it is suppose to send the traffic too. Interesting dilemma indeed, the question is how to go about bypassing that?

    The only way to get this done would be to vlan both sides, you are not going to be able to get away with vlaning just one. Both sides are going to have to have different remote groups so the routers on both ends know what traffic goes where. Then at that you run into the issue of how to put 2 ip's on each host. None of this cant be gotten around with some creating networking but nothing comes to mind that will fix your issue with current equipment just by making a few config changes.
  3. WildCard

    WildCard LI Guru Member

    Thanks Ifican for your post. Setting up a vlan on both sides is a little out of my expertise. Simpler than it sounds or is there a FAQ/walkthrough that might help that you suggest?

    I know of vlans, just never have set up one. I am pretty positive the linksys switch we have utilized at this site (I think an SRW224) said vlan configurability was available.

    Now I just have to deal with the other side too.

    Thanks again,
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice