Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

RV042 to RV042 Behind Existing Router

I had an existing RV042 to RV042 Gateway to Gateway VPN working successfully. 

The modem failed at one of the locations and it was replaced by a Comcast X-finity Gateway/Router.  Unfortunately, I have no choice on this device.  I am trying to get the VPN to work from the 2 locations again.

VPN Gateway-to-Gateway Configuration (no change, other than IPs)

Local - IP Only, Subnet

Remote IP Only, Subnet

Location 1:

Existing network configuration, no changes

Just updated the IP address for Remote Group Setting on the RV042

Location 2:

New modem configuration.

Enabled DMZ on new "Gateway" and put the RV042 in it, disabled all firewall rules on the gateway, and disabled any other type of filtering options I could find.  I can access the RV042 port forwards remotely as it should, so I know the DMZ is working.

Systems will conenct, however no data is being passed.  I did a bunch of searches and based on results tried turning on/off NAT Traversal, and Agressive Mode.  Same result.

Tried initiating the connection from both RV042s.  Both instances shows connected, but no data.

I have 2 theories -

1) While putting the RV042 in the gateway DMZ, it doesn't have full access.  I tried doing a PPTP vpn to the unit which worked before, but will not complete the connection process now.

2) The IP address of the double NATed RV042 is 10.0.0.3.  Is this throwing off the VPN connection?

What else should I check?

3 REPLIES
Community Member

RV042 to RV042 Behind Existing Router

Do both RV042 have public IP on their WAN interfaces? What are LAN subnets?

Community Member

RV042 to RV042 Behind Existing Router

Only 1 has a public IP (previously both did).

192.168.10.x

192.168.111.x

Community Member

RV042 to RV042 Behind Existing Router

Hm...there is no conflict between IPs on the LAN and WAN side...in that case I would do this:

-Take out the RV042 on Location 2 from DMZ, then put it behind NAT, turn off all firewall..

-Make configuration where one router on Location 1 has static public IP, and second router on Locaion 2 is behind firewall n this situation Remote Security Gateway Type setting on router in Location 1 should be Dynamic IP + FQDN or Dynamic IP + Email Address, and Local Security Gateway Type on router in Location 2 should be Dynamic IP + FQDN or Dynamic IP + Email Address)...

You can find the guide to configure this on this

link: http://www.cisco.com/en/US/docs/routers/csbr/app_notes/rv0xx_g2gvpn_an_OL-26286.pdf

in section Site with a Dynamic WAN IP Address

Good Luck,

868
Views
0
Helpful
3
Replies
CreatePlease to create content