cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2549
Views
5
Helpful
6
Replies

Using RV042 in series with another router

bob.hornick
Level 1
Level 1

In the past, I have been able to put two Linksys routers in series no problem but this doesn't seem to work with an RV042.

I have a number of customers that need to connect to a private email network via a router based VPN, but since VPN traffic is not filtered in the firewall, I would like to use an older Linksys router to manage the VPN(s) and have it pass data in through the filters of an RV042 on the DMZ port.

Example:

              +-------------------+

              |     RV042         |

              |            WAN IP |--------------------------- Internet

192.168.1.x --| 192.168.1.1       |

              |                   |       +---- Linksys ----+

              |       192.168.2.2 |--DMZ--| 192.168.2.1 VPN |--Internet

              +-------------------+       +-----------------+

I am getting stuck on the very frist part of this. Although I can connect to both the RV042 and LinkSys directly (by adjusting my subnet), I cannot ping the Linksys when it is connected through the DMZ port even if I disable the RV042 Internet port.

I know both the Internet and DMZ ports work on the RV042. I suspected that perhaps the RV won't pass through private IPs and tried known available pubic IPs instead of the 192.168.2.x subnet, but still no ping.

What would be limiting the RV in this case? Is is possible to setup the RV to work in series with another router? Is there any other way to filter VPN traffic?

Thanks,

Bob.

6 Replies 6

paolo bevilacqua
Hall of Fame
Hall of Fame

Wrong froum, try "small business - routers". You can move your post using the Actions Panel on the right.

TL-MiLeRE
Level 1
Level 1

Dear Bob.

We're having a quite similar combination/problem. Did you have any Luck with your kind of setup?

Regards

Michael

Michael,

No - never got anywhere with it.

Good luck - please post a solution if you find one.

Thanks,

Bob.

My first thought is that there MUST be a better way for you to go about this, but I'll let that go for now.

Have you superseded the default DMZ blocking by adding Allow rules to the firewall on the RV042?

Have you disabled the "Block WAN Request" setting on the Firewall-General tab (not sure if this is necessary)

It could be that the 192.168.2.x network doesn't know to go through  192.168.2.2 to access the LAN because it has a gateway address of  192.168.2.1, or possibly no gateway at all.  I am not sure what is  required here, but have you set up custom routing to handle this?

Maybe you could utilize the multiple LAN subnet or port-based VLAN features on the RV042 and forget the DMZ altogether. 

Hi, to add to this post, please reference "transparent bridge". It is only available on the RV042 models.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

working with another post on this forum may have revealed a solution for you...

It appears that VPN connections to the RV042 (Gateway-to-Gateway) only bypass the default firewall rules, but are filtered by custom rules.  Just add the custom rules you need with source interface WAN and destination of (single IP or range) in your LAN, and it should work without the extra router (not to mention the extra headaches!!).

The only gotcha is if you are using port forwarding (Forwarding or UPnP) for the same services you are blocking on the VPN, you would have to only block the VPN subnet ranges or the forwarding would also be blocked.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: