WRV200 to WRV200 routing internet traffic over the VPN

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by ScottSi, Jan 22, 2008.

  1. ScottSi

    ScottSi LI Guru Member

    I wonder if anyone has implemented this scenario, or knows how i should configure the routers. I have the VPN connection established and the link is stable with no issue. The last part i wanted to do was to route the internet traffic, i.e. web browsing across the VPN tunnel, and for traffic to exit from the other router WAN interface.

    For example:

    Router A

    Router B

    I want all of the internet traffic from Router B i.e http/ msn / skype to pass through the VPN and exit from Router A

    Will it be as simple as adding a static route on Router B?
  2. Sfor

    Sfor Network Guru Member

    The WRV200 is not able to do what you want, I believe.

    For your idea to work, the VPN bound traffic should pass through local WRV200 NAT gateway service. You would have to use some other router to emulate the local IP for the remote computers, I think. Yet another NAT router could be necesary to do some NAT and LAN traffic redirection in the remote location, as well.
  3. pablito

    pablito Network Guru Member

    A bit strange considering that you used the internet to get to the other side anyway. However if you must for location reasons then you can do it easily on a protocol by protocol basis. web traffic can be done by pointing to caching proxy servers at the other end. better yet, put a proxy at each end with side A using side B proxy as a peer. This cuts way down on traffic even if you don't need to pop out of the other side. So for anything that can point to a proxy at the other end it isn't too hard.

    But if these nets are more local then other tricks can be done....
  4. ScottSi

    ScottSi LI Guru Member

    Caching Proxy


    Thanks for your reply, and the reply from sfor. Could you please detail any proxy caches you recommend i use? Thanks... As this is personal, the cheaper (if not free'r) the better....

  5. pablito

    pablito Network Guru Member

    The granddaddy of free web proxies is Squid http://www.squid-cache.org/
    You can do lots of tricks with squid. A basic setup is to point users from A to the proxy at B and you are then browsing via B. If you point B users at the proxy too then both sides benefit from the cache. Put up a pair or more of these and you can save bandwidth, get around restrictive or fascist regimes etc.

    I don't know about Skype but I use standards based SIP/IAX VoIP and you can run it over the VPN and do anything you want including free calls without using a 3rd party provider (like Skype).
  6. HughR

    HughR LI Guru Member

    Perhaps what you want is what FreeS/WAN calls "extruded subnets". For example, see the section with that title in http://www.freeswan.org/freeswan_trees/freeswan-1.99/doc/adv_config.html

    FreeS/WAN is code is mostly what is underneath the covers in the WRV200. It may be that the covers (the GUI interface) prevent you implementing this architecture.
