08-31-2010 10:10 AM
Hi,
I am using the Cisco WRV210 VPN router. I have it set up at a local office and have the remote office setup with Quick VPN to connect to it. The local office has a static IP address and the remote office can connect to it through Quick VPN. The remote office computer can ping the WRV210's private IP address.
But it cannot ping any of the local workgroup computers or connect to them for that matter. I tried turning the firewall off on the local server computer but it didn't work.
Any ideas?
08-31-2010 10:26 AM
Hi,
I'm not used to set up VPNs using the WRV210 but one problem could be the default gateaway (the local computers should have a default gateway to the private IP of the WRV210 if there's no other device in between).
Federico.
08-31-2010 10:43 AM
Frederico:
Thanks for that. Let me better explain the topology of the local network: all computers connect to the WRV210 and are assigned IP addresses from its DHCP pool. Basically the local office works like this:
Client Computers -> WRV210 (DHCP, AT&T DNS, DSL logon info, Public IP) -> 2wire Modem (bridged mode) -> Internet
You're saying that the local client computers should have a default gateway pointing to the router? Wouldn't they already?
08-31-2010 12:26 PM
According to the setup you mentioned, the LAN should already point to the WRV210 as default gateway.
The IP addresses assigned to the VPN clients are in a separate subnet as the local LAN?
If you can PING the private IP of the WRV210 from the VPN client, then traffic is flowing through the VPN tunnel, that's why I was thinking that the local computers might not be returning the traffic.
Federico.
08-31-2010 01:02 PM
According to the setup you mentioned, the LAN should already point to the WRV210 as default gateway.
The IP addresses assigned to the VPN clients are in a separate subnet as the local LAN?
If you can PING the private IP of the WRV210 from the VPN client, then traffic is flowing through the VPN tunnel, that's why I was thinking that the local computers might not be returning the traffic.
Federico.
The local lan uses 10.0.0.0/24; the Remote office uses 10.10.10.0/24. So yes, they're in a seperate subnet.
The remote office, I believe, works as follows:
Client Computers --> Linksys Router (10.10.10.0/24) --> Verizon FiOS (Don't know the internal address) --> Internet
Even though I don't know the internal address between the two remote routers, it shouldn't matter right?
08-31-2010 01:12 PM
The local lan uses 10.0.0.0/24; the Remote office uses 10.10.10.0/24
You can PING each side's private IP from the other side?
10.0.0.0/24 --- WRV210 --- Internet --- VPN_device -- 10.10.10.0/24
So, from the 10.0.0.0.24 subnet you can PING 10.10.10.x? (Inside IP of the VPN_device)
From the 10.10.10.0/24 you can PING 10.0.0.x (inside IP of the WRV210)?
Federico.
09-01-2010 01:09 PM
Frederico:
I changed the network a bit for more convenience. I now have QuickVPN running on a virtual machine at my home computer. This is how it looks:
Virtual Machine (192.168.75.129/24) --> VM's Default Gateway (192.168.75.2) --> Linksys Home Router (192.168.1.1/24) --> Internet --> Branch Office (AT&T DSL) --> 2wire (Bridged) --> Cisco WRV210 (10.0.0.1/24) ---> Branch Office Computers
To answer your questions:
Once connected, my virtual machine can ping the branch office router's internal IP address (10.0.0.1) and I can login to the router's web page.
Inside the branch router's web page, I can ping the internal computers, but not my home's default gateways or PCs.
So it seems like it's a firewall issue that may be taking place. Any suggestions?
09-01-2010 04:25 PM
I have a question.
You have a site-to-site VPN connection between the linksys and the WRV210?
Or a QuickVPN connection between a single computer on your side terminating on the WRV210?
If you have a site-to-site VPN there should be complete communication between the 192.168.75.x and 10.0.0.x subnets.
If you have a Client connection to the WRV210, then only that single PC should access the remote site.
Federico.
09-01-2010 06:28 PM
It's the way you described it as a Client connection. I'm basically using QuickVPN client on my local machine to access the office's computers behind the WRV200 installed there.
09-02-2010 07:28 AM
Ok, it is clear now thank you.
Then, the VPN client connection from your VM connects succesfully to the WRV210 and you can access it from the private side.
The problem remaing still is that you cannot communicate from your VPN client to the branch computers?
Federico.
09-02-2010 08:02 AM
The problem remaing still is that you cannot communicate from your VPN client to the branch computers?
That's partially true. I can ping the branch computers if their firewall is turned off. Still can't connect but was somehow able to get a login dialog when trying to access a share.
I'm convinced that it's an incompatibility issue with Windows Vista. I dont' want to waste anymore time on it so I'll be looking for something else. Any suggestions?
09-02-2010 08:05 AM
Well...
I've never have a problem with the 800 series routers.
If the problem is with vista, why don't try windows 7 maybe?
Federico.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: