VPN and Routing in one box
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||||||||||||||
|
Posted by Fred Marshall on September 8, 2007, 8:44 pm
Please log in for more thread options out of the VPN. Any suggestions for a simple router that will do this? Thanks, Fred | ||||||||||||||||||||||
|
Posted by Rick Merrill on September 9, 2007, 8:31 am
Please log in for more thread options Check SonicWall - maybe. | ||||||||||||||||||||||
|
Posted by Rome On Crestes on September 9, 2007, 9:02 am
Please log in for more thread options Fred Marshall wrote:
> I need a router that can be a VPN end point AND will route packets coming
> out of the VPN. > > Any suggestions for a simple router that will do this? > > Thanks, > > Fred Linksys RV042 will do that. | ||||||||||||||||||||||
|
Posted by Fred Marshall on September 10, 2007, 2:49 pm
Please log in for more thread options
> Fred Marshall wrote:
>> I need a router that can be a VPN end point AND will route packets coming
>> out of the VPN. >> >> Any suggestions for a simple router that will do this? >> >> Thanks, >> >> Fred >
> Linksys RV042 will do that. Oh! How I wish that were true as I have a number of them on hand! I have done a number things to make them do it and have become convinced that they can't. I'd be very happy to be found deficient in my thinking / testing or configuration. Here is the scenario: Subnet 1 < VPN > Subnet 2 > [router] > Subnet 3
192.168.1.0 192.168.2.0 192.168.3.0
Packets originate in Subnet 1, destined for Subnet 3. The VPN (Subnet 1 end) is the first hop. When packets arrive via the VPN at Subnet 2, they have to be routed to a particular router / IP address on Subnet 2, which is the next hop in order to be further routed to Subnet 3. Thus, a route has to be effective at the Subnet 2 end of the VPN that sends packets destined for Subnet 3 to the router on Subnet 2. (The return path is already taken care of separately). That route might look like this: 192.168.3.0 255.255.255.0 192.168.2.199 where .199 is the address of the router on Subnet 2. Here is the setup I used: Subnet 1 < RV042 VPN > Subnet 2 > [router] > Subnet 3
192.168.1.0 192.168.2.0
192.168.3.0 The RV042 Tunnel goes from 192.168.1.0 to 192.168.3.0 The Subnet 2 RV042 VPN end LAN is on subnet 2. The static route in the Subnet 2 RV042 points packets destined for Subnet 3 to the [router] on Subnet 2. Packets destined for Subnet 3 are routed to the VPN on Subnet 1. When they come out of the VPN, there needs to be something to tell them to go to the [router] as the next hop. Thus the static route. I have rather conclusively shown that the static route does nothing. So, I wonder what I'm missing? --- What one can't do is to have the "forward" VPN Tunnel defined between Subnet 1 and Subnet 2. Then packets destined for Subnet 3 won't *enter* the tunnel at the source end. Thus, it appears a static route at the receiving end is necessary. Then a separate tunnel between Subnets 1 and 2 can be used as the return path without this kind of problem. Thanks, Fred | ||||||||||||||||||||||
| Similar Threads | Posted |
| VPN routing.... | December 12, 2006, 12:26 pm |
| VPN and Routing in one box | September 8, 2007, 8:44 pm |
| VPN routing | October 15, 2007, 5:18 pm |
| Need help routing IPX over IPsec | February 11, 2005, 2:35 am |
| VPN and routing between branches | July 21, 2005, 2:00 pm |
| openvpn and routing | February 6, 2006, 12:50 pm |
| E-mail routing over VPN | January 17, 2006, 11:50 am |
| Cisco VPN Routing | November 26, 2006, 9:06 am |
| VPN Internet routing problem | January 10, 2006, 4:23 am |
| VPN Routing Tables for Dummies? | February 6, 2007, 5:25 pm |
| openvpn Routing Problem | October 31, 2006, 7:58 am |
| Routing problem causing problems with VPN? | May 5, 2005, 1:22 am |
| Routing between VPN's on a Cisco Pix506E? | April 5, 2006, 1:28 pm |
| Routing problem over VPN from Vigor 2600+ to Netscreen 5GT | June 1, 2005, 10:31 pm |
| Routing issue and VPN issue | January 23, 2006, 12:00 pm |
> out of the VPN.
>
> Any suggestions for a simple router that will do this?
>
> Thanks,
>
> Fred
>
>