Onward (static) routing using Linksys VPN routers

Posted on 2004-11-07
Last Modified: 2010-05-18
I have a Linksys AG041 ADSL router (available in Europe and Australia only I think) attached via a VPN to a Linksys RV082 in our central office. The private NAT addresses are and respectively. I have set up the VPN and devices on both networks can see each other through the tunnel.
The 192.168.121 central office network is a hub with a number of other networks connected via leased lines and isdn. Another router (a Cisco) at handles these connections - for example to 192.168.106.N.
My question is how do I set up my Linksys routers so that traffic from my 192.168.101 network can route via VPN to then to to get to 192.168.106.N?  I already have a static route set up in the router and I can ping it from 192.168.101.N. I have tried but I can't work out the static routes etc to make it go any further. Has anyone out there done something similar and would like to share how it's done? I have attempted a simple diagram below.
Thanks and regards
John Ellison

                     Internet/VPN                         Central network
AG041 router ---------------> RV082 router -------------------> Cisco router ----> Other networks
192.168.101.N                           192.168.N.N
Question by:jellison
    LVL 7

    Expert Comment

    can you ping cisco router
    LVL 1

    Author Comment

    Sorry - should have said. Yes I can - and any other device on the 192.168.121 net.
    One strange thing (with the Linksys AG041) is that when the VPN is up it doesn't show anything in the routing table. It obviously knows the remote net is there and how to route to it though. That makes it difficult to know what to add to the static route table to make it work.
    LVL 79

    Accepted Solution

    All you should need to do on the Linksys is add all the other subnets as remote secure groups. This is how it handles the routing through a VPN.
    I don't think that the Linksys will handle supernets, like, but it should handle multple tunnels. On my Linksys WRV54G, I have to make two named tunnels to the same endpoint to get to two separate class C networks, i.e. and My Linksys will not allow a single tunnel to / ..

    On the flip side, the Cisco router also needs to have a static route statement in it that points all traffc to the 192.168.101.x subnet to the RV082:
       ip route

    LVL 1

    Author Comment

    Ok, I see what you are getting at. I will try it tomorrow when there is someone in the office to recover from any problems. If it does mean a tunnel for each class C net that's a pain - there are only 5 VPN's on the ADSL and we have more networks than that. But I will try the theory.
    Have you had any experience of Linksys support?  They are quite fast at responding but the answer they gave me to this issue was "Static Routing is not supported by a Linksys Techsupport, we can only provide documentation." Hmph. Wy make routers with static route capability if you can't support em. Perhaps I was banging on the wrong door!
    LVL 1

    Author Comment


    Well - the "parallel VPN tunnels" didn't work. The RV082 wouldn't allow two VPNs to go to the same endpoint address. But your comment about supernets got me thinking. The AG041 doesn't put the address of the other end of the VPN it's routing table - it just "knows" that the address is there. So if I change the other end of the tunnel to be with a mask of will it just "know" that all 192.168 addresses should go via the tunnel and the RV082 can sort out the routing from there. Guess what - that's exactly how it works!  All I needed to do was set some static routes in the RV082 to tell it how to get to the rest of the networks and everything is now working. One tunnel, multiple networks.
    So although you didn't hit the nail on the head it got my thought processes going enough to get it working. So I think it's only fair you get the points. Many thanks for your input - especially on a Sunday!

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
    Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now