JoeMcGivern
asked on
Cannot Route Internet traffic over Linksys RV042 Site 2 Site VPN .
Hi All,
I have a site to site VPN created between 2 x Linksys RV042 Routers.Site A and B. I am trying to route all site A internet traffic over the VPN so all internet comes from the public IP address of site B. I can ping all IP addresses on B from A and get on to the site B router browser over the VPN so the link is OK but I cannet route internet traffice from site A over the VPN to site B and out.
I have got this going on other routers before but don't seem to have the options on the RV042. Has anybody come acroos this before..
I have a site to site VPN created between 2 x Linksys RV042 Routers.Site A and B. I am trying to route all site A internet traffic over the VPN so all internet comes from the public IP address of site B. I can ping all IP addresses on B from A and get on to the site B router browser over the VPN so the link is OK but I cannet route internet traffice from site A over the VPN to site B and out.
I have got this going on other routers before but don't seem to have the options on the RV042. Has anybody come acroos this before..
ASKER
I think I do have that option. I can't access it now but will take a look later..
Will keep you posted..
Joe
Will keep you posted..
Joe
ASKER
No Joy that does not work. What IP settings should have on the computers on Site ? Should the GW be 192.168.2.199
The gateways should be the linksys routers. Since you didn't give any subnets I don't know the ips
ASKER
Hi Mike,
Thanks for you help on this I am infront of it now so here is more detail
Site A - 192.168.1.0 / 255.255.255.0 / GW - 192.168.1.100
Site B - 192.168.2.0 / 255.255.255.0 GW - 192.168.2.100
Site A the linksys is in router mode and Site B the linksys us in Gateway Mode.
I have switched the VPN setting back to origional state with local and remote 192.168.1.0 and 2,0 . Visa Versa. From the PC ( Site A)I can ping everything and browse the router on Site B but internet access. Also from the site A router diagnostics I can ping external IP address and resolved external DNS so the routing is working over the VPN but not with the PC.
Should I add a route on the PC?
Thanks for you help on this I am infront of it now so here is more detail
Site A - 192.168.1.0 / 255.255.255.0 / GW - 192.168.1.100
Site B - 192.168.2.0 / 255.255.255.0 GW - 192.168.2.100
Site A the linksys is in router mode and Site B the linksys us in Gateway Mode.
I have switched the VPN setting back to origional state with local and remote 192.168.1.0 and 2,0 . Visa Versa. From the PC ( Site A)I can ping everything and browse the router on Site B but internet access. Also from the site A router diagnostics I can ping external IP address and resolved external DNS so the routing is working over the VPN but not with the PC.
Should I add a route on the PC?
From the PC, try pinging 4.2.2.2 . Do you get a reply? If you do, then try pinging www.yahoo.com so see if you are having a dns issue perhaps.
ASKER
Request times out..
If your default gateway for the SiteA PC is the SiteA router then no other route is needed. Site A, should be sending everything across to siteB.
ASKER
I am iou of ideas .
Tried linksys support but keep getting bounced over to Cisco where the RV042 is not recognised
Logging is very poor so difficult to tell what is going on
VPN UP = Connection OK
Ping other side = VPN OK
Can resolve external DNS and ping from linksys Router = Firewall and routing OK.
PC just will not work ?? What else can we try?
Tried linksys support but keep getting bounced over to Cisco where the RV042 is not recognised
Logging is very poor so difficult to tell what is going on
VPN UP = Connection OK
Ping other side = VPN OK
Can resolve external DNS and ping from linksys Router = Firewall and routing OK.
PC just will not work ?? What else can we try?
traceroute the packets from the PC, see where they are going. What does your route table on the PC currently look like?
ASKER
Tracert goes as far as the 192.168.1.00 then times out .
Table below..
==========================
Interface List
0x1 ..........................
0x2 ...00 13 e8 16 52 69 ...... Intel(R) Wireless WiFi Link 4965AGN - Packet Sch
eduler Miniport
0x3 ...00 15 b7 c3 e5 67 ...... Intel(R) 82566MC Gigabit Network Connection - Pa
cket Scheduler Miniport
==========================
==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.100 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.101 192.168.1.101 20
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
255.255.255.255 255.255.255.255 192.168.1.101 2 1
Default Gateway: 192.168.1.100
==========================
Persistent Routes:
None
Table below..
==========================
Interface List
0x1 ..........................
0x2 ...00 13 e8 16 52 69 ...... Intel(R) Wireless WiFi Link 4965AGN - Packet Sch
eduler Miniport
0x3 ...00 15 b7 c3 e5 67 ...... Intel(R) 82566MC Gigabit Network Connection - Pa
cket Scheduler Miniport
==========================
==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.100 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.101 192.168.1.101 20
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
255.255.255.255 255.255.255.255 192.168.1.101 2 1
Default Gateway: 192.168.1.100
==========================
Persistent Routes:
None
I know this is a typo, Tracert goes as far as the 192.168.1.00 then times ou
I assume its .100
Can you traceroute to a PC at the far site? What does the trace look like?
I assume its .100
Can you traceroute to a PC at the far site? What does the trace look like?
ASKER
Yes it is a typo..
I can't get on to the other site right now but I know it will go 192.168.2.100 and out via the various ROUTES
I can't get on to the other site right now but I know it will go 192.168.2.100 and out via the various ROUTES
If this is the routing table for 192.168.1.0's router as shown above..... Where is the route for the ISP?
If 169.254.0.0 with a class B mask that is most likely not going to work. Also, that destination address shows next hop of 192.168.1.0. It should 192.168.2.0 if that is where your WAN link is connected . IF you can, try adding a static route in 192.168.1.101 (appears to be the 1st routers address) to point to the ISP address via next hop of 192.168.1.102. Be sure to check the other routers routing table for a return path also and put a static route in that one also for the return.
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.100 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.101 192.168.1.101 20
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
255.255.255.255 255.255.255.255 192.168.1.101 2 1
Default Gateway: 192.168.1.100
If 169.254.0.0 with a class B mask that is most likely not going to work. Also, that destination address shows next hop of 192.168.1.0. It should 192.168.2.0 if that is where your WAN link is connected . IF you can, try adding a static route in 192.168.1.101 (appears to be the 1st routers address) to point to the ISP address via next hop of 192.168.1.102. Be sure to check the other routers routing table for a return path also and put a static route in that one also for the return.
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.100 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.101 192.168.1.101 20
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
255.255.255.255 255.255.255.255 192.168.1.101 2 1
Default Gateway: 192.168.1.100
Its hard to know what the Linksys is doing.... logging is very poor, but do you have any logs available....
Have you tested with another PC at site A? Same result?
Have you tested with another PC at site A? Same result?
ASKER
Hi Mike,
Yes I have tried it on another PC with no success..The logs give VPN sysnch erros unothorised login access but no traffic blocked due to plocy violation errors..They are useless..
Finaly managed to route out a customer support number, will give them a call in the morning see what happens.
Yes I have tried it on another PC with no success..The logs give VPN sysnch erros unothorised login access but no traffic blocked due to plocy violation errors..They are useless..
Finaly managed to route out a customer support number, will give them a call in the morning see what happens.
Good luck.
ASKER
After many many calls to Linksys , Cisco , Ciscobylinksys, Ciscosmall business ( I don't think they actualy know them selves who they are) I finaly got talking to a guy you reckoned that it should be working. He took a backup of the configs and was going to test it in Linksys.
I am awaiting a response..
I am awaiting a response..
Post back here if you can. I'm very curious as to the fix.
I have tried working with tech support for Linksys before. The tech actually told me that they did not support routing. "A wireless router" . Keyword "router". Duh. Unbelievable.
I do remember setting up two Linksys routers to talk to each other once and I had to specify the MAC address in the setup for each router. A step I overlooked. You may want to double check this.
I do remember setting up two Linksys routers to talk to each other once and I had to specify the MAC address in the setup for each router. A step I overlooked. You may want to double check this.
ASKER
Will do
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
From site A specify a source of Site A Subnet with a destination of 0.0.0.0 0.0.0.0 meaning anything.
On Site B, use the source 0.0.0.0 with destination of Site A subnet.
Then try to bring the tunnel back up.