RV320 Easy VPN Config and VLAN Access

Unanswered Question

Hello all,


I have a RV320 router with the Easy VPN configured and I am able to connect via the client.  My issue is that once I connect, I cannot access any resources in any vlans.  Can anyone point me in the right direction?  I have the admin guide but it doesn't offer much detail.


The ipconfig for the vpn connection looks like this:

IPv4 Address. . . . . . . . . . . : 172.16.100.100

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . : 172.16.100.101


I can ping the router's management ip address (on another vlan), but nothing else.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Tom Watts Wed, 11/06/2013 - 20:42
User Badges:
  • Green, 3000 points or more

Hi Jeremy, is the firewall of the other computers you're trying to access disabled?



-Tom
Please mark answered for helpful posts

Tom Watts Thu, 11/07/2013 - 11:36
User Badges:
  • Green, 3000 points or more

Jeremy, please disable the firewalls.



-Tom
Please mark answered for helpful posts

Hey Tom,


I finally got back on site.  I now have remote access enabled, and the VPN was working temporarily, however now I can't connect at all via Cisco VPN Client.  Oddly enough, I had to enable HTTPS on the outside interface to allow remote management.  My understanding is that the checkbox would take care of that. 


Here's the relevant client logs with the destination ip removed:

144    14:59:30.000  12/08/13  Sev=Info/4          IKE/0x6300004B

Discarding IKE SA negotiation (I_Cookie=CDA66B11F9AF1DF8 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING



145    14:59:30.001  12/08/13  Sev=Info/4          CM/0x63100014

Unable to establish Phase 1 SA with server "<##.##.##.##" because of "DEL_REASON_PEER_NOT_RESPONDING"



Cisco RV320 Log:

2013-12-08, 15:06:56Kernelkernel: [ACCESS_RULE]: IN=eth1 SRC= DST= DMAC= SMAC= LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=20127 DF PROTO=TCP SPT=2148 DPT=443 WINDOW=8192 RES=0x00 SYN URGP=0



I've tested the following:

1. Rebooted Router.

2. Recreated a VPN Easy Connect group with preshared key.



Any other ideas, thoughts?  The VPN stopped responding completely before today, and the reboot successfully allowed connections, briefly, before returning to the current state.


Thanks,


JN

Ok a little more progress.  Testing with a Sprint Mifi, the VPN now authenticates.  Either my home router or comcast is somehow blocking the vpn connection.


I'm still unable to access any resources, going to have the company disable the firewall on a desktop tomorrow and test.  I will report back here.


Thanks,


JN

Had a desktop disable it's firewall today, no joy.  The gateway incremented by 1 as well, which is really odd in the virtual ip space.  Here's what I get as output


IPv4 Address. . . . . . . . . . . : 172.16.100.101

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . : 172.16.100.102


Configuration:


Virtual IP Range

172.16.100.100 - 129


Easy VPN

Group No 1

Tunnle Name: Omitted

Min Password Complexity Enabled
Password: Omitted

Interface: WAN1

Enabled:

Full Tunnel

Ip address 192.168.10.0 /24

Extended Auth: local db


Ideas?


Thanks,


JN

Actions

This Discussion

Related Content