Using Cisco/Linksys RV042, RV0XX Routers in "Router" Mode

hypercubeConsultant
CERTIFIED EXPERT
Published:
We've been using the Cisco/Linksys RV042 for years as:
- an internet Gateway
- a site-to-site VPN device
- a leased line site-to-site subnet-to-subnet interface
(And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's a caveat.)

In the first case, the WAN interface connects to or toward the internet connection or the "outside world".

In the VPN case, the WAN interface connects to or toward the internet connection or the "outside world".

In the site-to-site case we started in the same fashion with the WAN interface connecting to the "outside world" connection and the LAN ports, as usual, on the LAN in each instance.  
It turns out this was a mistake as soon as we needed to do more than connect subnets.  Like this:

Router A ... LAN 192.168.1.0/24 IP 192.168.1.101 ... WAN 192.168.200.201/24 ... Gateway 192.168.200.201

Router B ... LAN 192.168.2.0/24 IP 192.168.2.102 ... WAN 192.168.200.202/24 ... Gateway 192.168.200.202

Router C ... LAN 192.168.3.0/24 IP 192.168.3.103 ... WAN 192.168.200.203/24 ... Gateway 192.168.200.203


As you probably know, there is little written about the internal architecture of the RV0xx routers.  So much is left to guesswork and/or doing some lab characterization.  This article is a combination of doing both while not being an exhaustive treatment of lab characterization tests ... which I'd still like to do.

Question:
"What if I want to connect subnet to subnet AND have the internet access provided on only one of them?"

Answer:
"In that case you need to point the WAN side of each RV0xx *toward the internet connection*.  
That's really all there is to it.  

There are two key setting places that need attention.  But first, let's make sure that we're talking about an RV042 that's set in "Router" mode on the Setup / Advanced Routing page.  It seems that this setting is equivalent to NAT / No NAT but it doesn't change the device into one that doesn't care which end is which!!

Now on to the critical settings assuming that Router A is on the subnet with the needed internet connection.

1.  The first is the Setup / Network page:

Here we see the WAN settings.  Here's an opportunity to enter a Gateway address.
If all the device is doing is connecting two subnets through an interim subnet with the WAN sides on the "outside" then you can enter the WAN IP address here.
But, if the device is also providing internet access then you will want to enter the next hop gateway address.

Maybe it was dumb of me but I found out the hard way that you can't enter an address on the LAN subnet for the Gateway.  After all, this section does say "WAN"!!  If you do that you don't get a default route - which is a hint that it's not really the right idea.

Let's suppose that you have the connection as above:

3 sites connected with private lines through a switch.  Maybe it's a set of leased lines connected in a VLAN.  So each of the lines looks into the equivalent of a private switch that connects them all together.
At each site you have a terminating RV042 device.

Let's just assume that, as above, all the WAN ports of the RV042's are connected to the private lines with the LAN side on each subnet - as above.

Now let's assume that we want to get internet access for all the subnets from just one site because it has a "big pipe" compared to the other 2 sites.

In order to apply the rule, we need to change around the RV042 that's at the site that will provide the high speed internet access.  We need to connect the LAN side of Router A to the private line and the WAN side of Router A to the LAN.  That makes it just like cascaded NAT routers are connected!  So that shouldn't be too unfamiliar or strange ... even though it's not acting as a NAT device.

Like this:

Router A ... LAN 192.168.200.201/24 IP 192.168.200.201 ... WAN 192.168.1.0/24 ...     Gateway 192.168.1.xxx

Router B ... LAN 192.168.2.0/24     IP 192.168.2.102 ...   WAN 192.168.200.202/24 ... Gateway 192.168.200.202

Router C ... LAN 192.168.3.0/24     IP 192.168.3.103 ...   WAN 192.168.200.203/24 ... Gateway 192.168.200.203

Then, in the LAN setting of Router A, we enter:
- the IP address for the interim connecting subnet
- the subnet mask for the interim connecting subnet

And, in the WAN setting of Router A, we enter:
- the device's own LAN IP address
- the LAN subnet mask
- the LAN internet Gateway address
- the LAN DNS address (often the same as the Gateway address)

Once it's connected, the default route to the Gateway will show up in the routing table in Setup / Advanced Routing / Show Routing Table.

2.  The second set of settings is in Setup / Advanced Routing.

Here there should be a route to each of the "other" subnets using the interim subnet.

Router B would have had;

- Destination 192.168.1.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.201
- Interface: WAN1

and

- Destination 192.168.3.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.203
- Interface: WAN1

Router C would have had:

- Destination 192.168.1.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.201
- Interface: WAN1

and

- Destination 192.168.2.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.202
- Interface: WAN1

Router A would have had:

- Destination 192.168.2.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.202
- Interface: WAN1

and

- Destination 192.168.3.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.203
- Interface: WAN1

***But, in order to "turn around" Router A we would do this:

Router A will now have;

- Destination 192.168.2.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.202
- Interface: LAN <<<< Note the change here.

and

- Destination 192.168.3.0
- Subnet: 255.255.255.0
- Default Gateway 192.168.200.203
- Interface: LAN <<<< Note the change here.

and in the routing table we should see the equivalent of:

- Destination default
- Subnet 0.0.0.0
- Default Gateway 192.168.1.ZZZ  ,,, the LAN Gateway IP Address
- Interface: ixp1
1
10,749 Views
hypercubeConsultant
CERTIFIED EXPERT

Comments (2)

Thought I might get some expert up to date advice so spent 15 agonizing minutes signing up for trial.  By the time I had done that (had to go thru the form part twice just because I wanted to read the policies before clicking start trial.  By then, the article I was reading was long gone. And oddly, the same search that brought it up when not member returned no results after signing up. As for addressing VPN settings on at&t junk router/modem (manual - NO ONE CAN FIND ONE). I could continue on tips - but there was nothing slightly applicable beyond stuff any fairly knowledgable user would know - and many security settings are controversial depending on what article you read. It's now working - but we will see when I update my iPhone tonight. Oh boy!
hypercubeConsultant
CERTIFIED EXPERT

Author

Commented:
?? Perhaps you meant to post this somewhere else??

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.