RV320 "Router Mode" Not Working

Taylor Vick · ‎10-21-2014

Alright, here's the situation:

I have three RV320 routers and a small block of public IP addresses from my ISP. Currently, I have one router setup in router mode that acts as my border router. It is connected directly to my DSL modem and I've subnetted my public address space into three different VLANs. Then, connected to the border router are two additional routers; one for each VLAN. The border router is in "router" mode and the two additional routers (lets call them core routers) are in "gateway" mode. I also have one-to-one NAT for some public facing servers. I have the two core routers connected with a gateway to gateway VPN tunnel to connect each side within the private 10.X LAN. This VPN tunnel is horrible and is always dropping the connection, failing to pass packets, and after a few days just fails to work all together. I see no reason this should happen since these boxes are literally a single hop apart.

Anyways, what I'd like to do is reconfigure the setup so that the border router becomes a gateway and the core routers become actual routers instead of doing NAT. Essentially remove the routing of the public address space I currently have set up.

So, I created the following two VLANs on the border router:

VLAN-114

Router IP Address: 10.114.1.31

Mask: 255.255.255.192

and

VLAN-142

Router IP Address: 10.142.1.31

Mask: 255.255.255.192

Then, on one core router, I changed the WAN1 IP address to 10.114.1.1 with a mask of 255.255.255.192. I can ping the border router and vice versa. Then I switch the router from "gateway" mode to "router" mode and my connection drops and I can no longer ping back and forth.

Same situation with the other router. If I leave them in gateway mode I can ping the WAN IP address from a host within each LAN but I cannot ping a host within the opposing LAN. i.e. From a host behind core router one (10.114.1.1) I can ping core router two (10.142.1.1) but I cannot ping a host beyond that. Does that make sense? If I switch from gateway to router mode, then I can't ping anything. What is going on here? I tried manually adding routing table entries in all sorts of ways with no luck. The firewalls are turned off. Am I missing something? The Cisco documentation says router mode is used if another gateway is hosting the internet connection (which there is, the border router) and there are other routers on the network. What I'm trying to accomplish should be possible but I can't seem to make it work.

Any help is greatly appreciated and let me know if I need to clarify anything. The attached picture is what I'm trying to accomplish. the .251.2## addresses are my public addresses.

Thanks!

Nagaraja Thanthry · ‎10-29-2014

Hello TaylorVick90,

First of all, the IP address you have used on the VLAN's seem to be broadcast address for that subnet (10.114.1.31/27). Secondly, have you tried configuring the devices in router mode and then turn on dynamic Routing protocol like RIP to see if that would help? Also, please check out the below link that may help.

http://sbkb.cisco.com/CiscoSB/ukp.aspx?vw=1&docid=e3ab11fbd8a548a9b658c734062ada17_Advanced_Routing_Configuration_on_RV320_Routers.xml&pid=2&respid=0&snid=9&dispid=0&cpage=search

Nagaraja

Taylor Vick · ‎10-29-2014

Hello Nagaraja, thank you for your response!

I did notice my addresses were incorrect when I did the setup but even changing them from 31 to 30 did not fix the problem. I did not try turning on RIP.

As an alternate setup, is there a way to route traffic to specific WAN ports? In other words, I want all the 10.0.0.0/8 traffic to go through WAN2 with no NAT, and all other traffic over WAN1 with NAT. Would that be possible? Then I can just connect the two routers together instead of using VPN.

Thanks again!

Taylor

Nagaraja Thanthry · ‎11-02-2014

Hello TaylorVick90,

Are the two networks co-located? If yes, would you be able to use a single router (Border Router) with Two VLANs for the two private networks? If that is not possible, can you please share the screenshots of the configuration pages on the RV320? VLAN configuration page & Static Route Configuration page on the Border RV320, Static Route Configuration Page on Core Routers, and a screenshot of "TraceRoute" output from one of the hosts connected to the core Router?

Thanks,

Nagaraja

Taylor Vick · ‎11-07-2014

Well I've added a layer 3 switch connected to each router on port LAN2.

10.33.0.0/16 RV320 (R1) --> L3 switch (S1) <-- 10.11.0.0/16 RV320 (R2)

I created a new VLAN for routing between subnets. I assigned addresses for each router and the switch on the new VLAN.

R1 - 10.114.0.1/29

R2 - 10.114.0.2/29

S1 - 10.114.0.3/29

Inter-VLAN routing is enabled on each router. I created the following routing tables in the switch:

10.33.0.0 /16 10.114.0.1

10.11.0.0/16 10.114.0.2

In each router, I created similar routing tables under advanced routing. From the switch, I can ping addresses in each subnet. From each subnet, I can ping the switch and respective router but not the corresponding next hop. So, from 10.11.110.1 I can ping 10.114.0.2 and 10.114.0.3 but not 10.114.0.1. Same from the 10.33/16 subnet.

I just don't understand what is wrong here and why this will not work across routers. Both with or without the switch.

Screenshots of the setup are attached.