cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1917
Views
0
Helpful
11
Replies

VPN on the WRV210 working, but can't access workgroup computers?

orielonline
Level 1
Level 1

Hi,

I am using the Cisco WRV210 VPN router.  I have it set up at a local office and have the remote office setup with Quick VPN to connect to it.  The local office has a static IP address and the remote office can connect to it through Quick VPN.  The remote office computer can ping the WRV210's private IP address.

But it cannot ping any of the local workgroup computers or connect to them for that matter.  I tried turning the firewall off on the local server computer but it didn't work.

Any ideas?

11 Replies 11

Hi,

I'm not used to set up VPNs using the WRV210 but one problem could be the default gateaway (the local computers should have a default gateway to the private IP of the WRV210 if there's no other device in between).

Federico.

Frederico:

Thanks for that.  Let me better explain the topology of the local network: all computers connect to the WRV210 and are assigned IP addresses from its DHCP pool.  Basically the local office works like this:

Client Computers -> WRV210 (DHCP, AT&T DNS, DSL logon info, Public IP) -> 2wire Modem (bridged mode) -> Internet

You're saying that the local client computers should have a default gateway pointing to the router?  Wouldn't they already?

According to the setup you mentioned, the LAN should already point to the WRV210 as default gateway.

The IP addresses assigned to the VPN clients are in a separate subnet as the local LAN?

If you can PING the private IP of the WRV210 from the VPN client, then traffic is flowing through the VPN tunnel, that's why I was thinking that the local computers might not be returning the traffic.

Federico.

According to the setup you mentioned, the LAN should already point to the WRV210 as default gateway.

The IP addresses assigned to the VPN clients are in a separate subnet as the local LAN?

If  you can PING the private IP of the WRV210 from the VPN client, then  traffic is flowing through the VPN tunnel, that's why I was thinking  that the local computers might not be returning the traffic.

Federico.

The local lan uses 10.0.0.0/24; the Remote office uses 10.10.10.0/24.  So yes, they're in a seperate subnet.

The remote office, I believe, works as follows:

Client Computers --> Linksys Router (10.10.10.0/24) --> Verizon FiOS (Don't know the internal address) --> Internet

Even though I don't know the internal address between the two remote routers, it shouldn't matter right?

The local lan uses 10.0.0.0/24; the Remote office uses 10.10.10.0/24

You can PING each side's private IP from the other side?

10.0.0.0/24 --- WRV210 --- Internet --- VPN_device -- 10.10.10.0/24

So, from the 10.0.0.0.24 subnet you can PING 10.10.10.x? (Inside IP of the VPN_device)

From the 10.10.10.0/24 you can PING 10.0.0.x (inside IP of the WRV210)?

Federico.

Frederico:

I changed the network a bit for more convenience.  I now have QuickVPN running on a virtual machine at my home computer.  This is how it looks:

Virtual Machine (192.168.75.129/24) --> VM's Default Gateway (192.168.75.2) --> Linksys Home Router (192.168.1.1/24) --> Internet --> Branch Office (AT&T DSL) --> 2wire (Bridged) --> Cisco WRV210 (10.0.0.1/24) ---> Branch Office Computers

To answer your questions:

Once connected, my virtual machine can ping the branch office router's internal IP address (10.0.0.1) and I can login to the router's web page.

Inside the branch router's web page, I can ping the internal computers, but not my home's default gateways or PCs.

So it seems like it's a firewall issue that may be taking place.  Any suggestions?

I have a question.
You have a site-to-site VPN connection between the linksys and the WRV210?
Or a QuickVPN connection between a single computer on your side terminating on the WRV210?

If you have a site-to-site VPN there should be complete communication between the 192.168.75.x and 10.0.0.x subnets.
If you have a Client connection to the WRV210, then only that single PC should access the remote site.

Federico.

It's the way you described it as a Client connection.  I'm basically using QuickVPN client on my local machine to access the office's computers behind the WRV200 installed there.

Ok, it is clear now thank you.

Then, the VPN client connection from your VM connects succesfully to the WRV210 and you can access it from the private side.

The problem remaing still is that you cannot communicate from your VPN client to the branch computers?

Federico.

The problem remaing still is that you cannot communicate from your VPN client to the branch computers?

That's partially true.  I can ping the branch computers if their firewall is turned off.  Still can't connect but was somehow able to get a login dialog when trying to access a share.

I'm convinced that it's an incompatibility issue with Windows Vista.  I dont' want to waste anymore time on it so I'll be looking for something else.  Any suggestions?

Well...

I've never have a problem with the 800 series routers.

If the problem is with vista, why don't try windows 7 maybe?

Federico.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: