Cisco Support Community
Community Member

RV042 Site-to-Stie VPN with NAT on one side

I set up a site-to-site VPN using two RV042s some time ago.  One was behind a NATting router.  The other was the internet interface itself.

Somewhere I had found a paper describing how to do this.  It said that only ONE of them could be behind another NATting router.  So, that's how this was set up.  I sure wish I could find that paper again!!!  Any suggestions?


Now I have to do the same thing again but can't get it working.  It looks like this:

RV042 VPN public address <> cable modem <> internet <> RV042 "firewall" with IPSEC passthrough enabled <> interim subnet LAN <> RV042 VPN <> LAN

I'm getting log messages and on the remote site log (the left side of the above) like:

initial Aggressive Mode packet claiming to be from [] on [same] but no connection has been authorized 


No suitable connection for peer '', Please check Phase 1 ID value 

(where is the IP address of the RV042 WAN port on the interim subnet)


I have them both in Aggressive mode as eventually I'll be using a dyndns url.  But, for now, I'm using the actual IP addresses so that should not be an issue one way or the other..

Everyone's tags (3)
CreatePlease to create content