WRVS4400n to WRVS4400n VPN tunnel

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by flochie, Dec 7, 2007.

  1. flochie

    flochie LI Guru Member

    Hi linksysinfo community,
    I need your help with the following issue:
    I have to connect our remote office in Dubai to the headoffice in Italy. The web traffic in Dubai is heavily restricted and VOIP is blocked. This is why I have a dedicated line in the Italian office to which I would like to build a permanent tunnel and route ALL OR SELECTED traffic from Dubai. So far we are having PPTP vpns to the W2003 server over a different line but the bandwith is not enough to support all our traffic and voip, this is why we have build the following config.
    As you can see from the screenshots with the config below, my IPSEC tunnel is up, but I can't ping anything besides the 2 routers.

    Here are my questions:
    1. Is it possible to route all the traffic through a IPSEC tunnel between two WRVS4400n?
    2. If 1. is yes, is it possible to select the traffic to be routed, or to select the IPs of the machines to be routed?
    3. Additionally, once we are not in the office but around, of course also QVPN should do the same thing of routing the whole traffic. Since I was not able to build a connection with QVPN, its better to ask you if it is technically possible. Is it possible?

    This is my config:
    This is the setup in Italy
    PPPOE Adsl line with static IP
    AM200 modem in bridge mode
    WRVS4400n is set to PPPOE, getting static IP correctly.
    LAN IP is

    This is the setup in Dubai:
    PPPOA Adsl line with dynamic IP
    Dlink DSL-322T set to bridge mode and WRVS4400n behind it. gets dynamic IP.
    LAN IP is

    both WRVS4400n have

    below you can find the whole configs of both routers in screenshots:

    ITALY overview
    ITALY vpn status
    ITALY ipsec config
    ITALY WAN status
    DUBAI overview
    DUBAI vpn status
    DUBAI ipsec config
    DUBAI WAN status
  2. DocLarge

    DocLarge Super Moderator Staff Member Member


    post your shots one more time, but "block out" your WAN ip address. Just because we are a community doesn't mean there aren't a few who might be curious about your setup :)

  3. DocLarge

    DocLarge Super Moderator Staff Member Member


    the most apparent thing I see is that you're trying to use a "public" ip scheme (i.e., 130.xxx.xxx.xxx) on your local LAN. It would probably yield better results if your local LAN had a "private" ip scheme of 172.16.xxx.xxx thru 172.31.xxx.xxx "or" 192.168.1.xxx.

    Let's start from there...

  4. flochie

    flochie LI Guru Member

    Unfortunately that is one of the only things I can't change, the whole company network runs on that "public" ip scheme 130.10.0.xxx. What I can do is I can change the ip of the WRVS to something like 192.168.1.xxx, since it is a low priority task to communicate with the pc's in the remote network but the traffic routing is high priority. would that help?
  5. DocLarge

    DocLarge Super Moderator Staff Member Member

    Pardon me if I wasn't clear... :)

    My intent was for you to change your "LAN" settings, not your "WAN" settings because that's provided to you by your ISP. Changing your LAN settings to 192.168.1.xxx would be a start, so, yes, do that (definitely).

    FYI, I've set up tunnels with Kspare's WRVS4400N and it ran for a little while (his 4400N was "borked" on delivery :) ) *HeH* Mine is still standing through it all!!!! :)

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice