Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Linksys vpn router

Posted on 2008-06-11
10
423 Views
Last Modified: 2011-10-19
This may get a little complicated so bare with me :)

We have a vpn tunnell setup with 2 linksys routers.  Now What I would like to do is program a seperate tunnell using a second router on a dsl line.  This way if our cable line goes out, we can utilze the vpn tunnels through our dsl line.   Here is my question

Currently I tell the vpn router that our remote secure ip scheme is 10.1.10.0    , well I need to add a second remote secure group, however it uses that same scheme of 10.1.10.0  so if I connect both tunnels one through the dsl and one through the cable, how does the router know which one to send the traffic through ? ?

Thanks
0
Comment
Question by:level9tech
  • 5
  • 5
10 Comments
 
LVL 32

Expert Comment

by:LucF
ID: 21764451
Hello level9tech,

Which routers are you using and what is the current network setup or the network setup you're trying to archieve?
For example the Linksys RV082 has two WAN ports and supports VPN backup in case the first link goes down.

Regards,

LucF
0
 

Author Comment

by:level9tech
ID: 21765801
Well We are currently using the linksys vpn routers that support 50 tunnels.  The issue is that 4 of our remote offices connect to our main office.  The main office has 2 internet lines.  If I were to use the router you suggested , I can't understand how it will maintain the vpn tunnel?

I can see how it will fall back and provide internet, but how does it know to establish a tunnel through the other public IP?   I mean if I were to setup multiple tunnels I don't understand how it knows which one to use when the other is down ?



0
 

Author Comment

by:level9tech
ID: 21765889
Let me further elaborate.

So if I setup two seperate tunels below.

if I setup on our router (the one you suggest) that the remote secure group is 192.168.101. 1 on wan port 1
Thank I setup a separate tunnel, remote secure group of 192.168.101.1 on wan port 2

So when a user requests something on the 192.168.101.1 subnet how does the router know which one to send the traffic to, or does the backup vpn work an entirely different way?  

0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 32

Expert Comment

by:LucF
ID: 21767911
Hello level9tech,

The VPN backup works in a slightly different manner, you don't have to build two tunnels.
You build one tunnel between the two locations and assign it to WAN1, in the advanced settings you have the option for a tunnel backup which will use WAN2 only when the VPN connection over WAN1 goes down and can not be reconnected (for example when the internet on that port falls)

If needed I can make some screenshots of a sample setup.

Regards,

LucF
0
 

Author Comment

by:level9tech
ID: 21768905
Well what do I do on the other sites, setup a tunnel with WAN 2s public address that will stay disconnected until it goes onto it for backup ?  
0
 
LVL 32

Accepted Solution

by:
LucF earned 500 total points
ID: 21769727
Hello level9tech,

On the other sites you just keep the tunnel as-is, except that it can not be targetted by IP anymore so you'll have to use for example the "Any" functionality for remote gateway with additional authentication.

So, the VPN connection will be between WAN1 of the RV082 to the remote device and in the case of this connection going down, the backup will be between WAN2 of the RV082 and the same remote device.

One thing though, you mentioned "We are currently using the linksys vpn routers that support 50 tunnels." so I'm wondering which device you're using. The RV082 supports 100 tunnels and the RV042 supports 50 but doesn't have the option for VPN backup. Can you please verify?

Regards,

LucF
0
 

Author Comment

by:level9tech
ID: 21769948

How do you not target it by IP , It looks to me on (BEFVP41)  I have to setup remote security gateway by IP?  Below is more of the details you requested.




I purchased the one you suggested today for our main site (RV082)  

And at our remote sites we have (BEFVP41)



0
 
LVL 32

Expert Comment

by:LucF
ID: 21770977
Hi level9tech,

Attached you'll find two images. In the BEFVP41, you can for example use the "Any" function to have the router accept VPN connections from different IP's. You can see this in "remote gateway.jpg"

In the RV082 you can enable the tunnel backup to use the same IP adres as the original tunnel as shown in "backup.jpg". Of course this implies you have a static IP on the locations with the BEFVP41's.

Regards,

LucF
Remote-gateway.jpg
backup.jpg
0
 

Author Comment

by:level9tech
ID: 21771005
What is the remote backup IP Address ?   Is that the local IP of the router ?  

0
 
LVL 32

Expert Comment

by:LucF
ID: 21771036
Hi level9tech,

When setting up the initial VPN, as remote gateway you'll set the public IP of the BEFVP41. The same IP is to be used for the backup of the VPN as there's no additional connection at that place with another public IP.

Regards,

LucF
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question