I'm having an issue with routing VPN traffic through the VPN with public IP addresses used on each side.
Router is in Gateway Mode; "Multiple Subnets" and DMZ are both disabled.
LAN Network: 192.168.2.0, LAN IP: 192.168.2.3, WAN Interface: 184.108.40.206, ISP side of WAN segment: 220.127.116.11
My side: Server: 192.168.2.2, One-to-One NAT: 18.104.22.168 => 192.168.2.2
Other side: Gateway: 22.214.171.124, Server: 126.96.36.199
VPN Gateway to Gateway:
Local Group: 188.8.131.52 / 255.255.255.255
Remote Gateway: 184.108.40.206
Remote Group (IP Address): 220.127.116.11
Nat Traversal is On
Connection established without any problem.
Problem is when I traceroute from server 192.168.2.2 to the remote group computer, traffic goes out through the internet. It is as if the router is completely ignoring the VPN tunnel. The RV042 will only allow me to set up static routes and bind to interface WAN1, WAN2 or LAN.
I am connecting to an ASA 5510 on the other side.
Destination IP Subnet Mask Default Gateway Hop Count Interface
Obviously, from looking at the routing table and watching the traceroutes, I can see the problem. Router is sending 18.104.22.168 to ISP side of WAN connection, instead of through VPN. WHY?
Question is: why isn't the router picking up on the IP address in the VPN setup and sending that data through the tunnel? Is the RV042 not able to route public IP addresses through an IPsec tunnel?
Debug on other side shows: Group = 22.214.171.124, IP = 126.96.36.199, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 188.8.131.52/255.255.255.255/0/0 local proxy 184.108.40.206/255.255.255.255/0/0 on interface outside
Also, if I add a rule to block traffic to the one-to-one NAT address, everything still comes to the server... RDP, ICMP... everything. Even if I set up a deny ALL services from Source WAN1 to 220.127.116.11 from ANY IP address...
Doesn't make sense to me, seems like I have a basic config option wrong or router is hosed....
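Added example, not part of the original post: a short Python check that parses the rejection message quoted above and compares the proposed proxy pair with the traffic selectors configured on the device that logged it. The function names and the CIDR-pair selector format are assumptions; the second selector pair in the sample is constructed from documentation address ranges.

```python
import ipaddress
import re

# Matches the rejection format quoted in the post:
# "... remote proxy A/MASK/proto/port local proxy B/MASK/proto/port on interface X"
REJECT_RE = re.compile(
    r"no matching crypto map entry for remote proxy "
    r"(?P<remote>[\d.]+)/(?P<rmask>[\d.]+)/(?P<rproto>\d+)/(?P<rport>\d+) "
    r"local proxy (?P<local>[\d.]+)/(?P<lmask>[\d.]+)/(?P<lproto>\d+)/(?P<lport>\d+) "
    r"on interface (?P<iface>\S+)"
)

def parse_rejection(line):
    """Return the proposal as a dict, or None if the line is not a rejection."""
    m = REJECT_RE.search(line)
    if m is None:
        return None
    return {
        # Networks are named from the logging device's point of view.
        "remote": ipaddress.ip_network(f"{m['remote']}/{m['rmask']}", strict=False),
        "local": ipaddress.ip_network(f"{m['local']}/{m['lmask']}", strict=False),
        "interface": m["iface"],
    }

def compare(line, selectors):
    """List, per configured (local_cidr, remote_cidr) pair, what differs."""
    proposal = parse_rejection(line)
    if proposal is None:
        return []
    results = []
    for local_cidr, remote_cidr in selectors:
        diffs = []
        if ipaddress.ip_network(local_cidr) != proposal["local"]:
            diffs.append(f"local {local_cidr} != proposed {proposal['local']}")
        if ipaddress.ip_network(remote_cidr) != proposal["remote"]:
            diffs.append(f"remote {remote_cidr} != proposed {proposal['remote']}")
        results.append((local_cidr, remote_cidr, diffs))
    return results

# Debug line copied from the post.
SAMPLE = ("Group = 22.214.171.124, IP = 126.96.36.199, Rejecting IPSec tunnel: "
          "no matching crypto map entry for remote proxy "
          "188.8.131.52/255.255.255.255/0/0 local proxy "
          "184.108.40.206/255.255.255.255/0/0 on interface outside")

if __name__ == "__main__":
    # Constructed selector pair (documentation ranges), not the real ASA config.
    for row in compare(SAMPLE, [("203.0.113.20/32", "198.51.100.10/32")]):
        print(row)
```

An empty difference list for some pair means the proposal matches that selector exactly; differences on every pair line up with the rejection the debug output reports.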