How does my VPN router work?

Posted on 2010-01-11
Medium Priority
Last Modified: 2012-05-08
I have purchased 2 Cisco Small Business RVS4000 VPN Routers.
I have two offices...both with a T1
I need to connect the two offices so that PC's in one can browse to the other.
Can I use these devices to accomplich this?
The manual says the LAN addresses of the routers need to be on differnet subnets... How are the PC's going to be able to browse to each other if they are on different subnets?
Question by:JohnnyFiveAlive
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 21

Expert Comment

ID: 26285506
Basically VPN routers allow you to connect multiple sites together securely across the Internet.
They use a tunneling technology over IP routing to give access to each site.
You would normally have a different privately addressed LAN at each site and the VPN will  route, create tunnels, etc. across the public side address that is given to you from the ISP for each site.

Sharing files can be done by using the name or IP address of the machine at the remote site.

You said "T-1" above and I am assuming T-1 to the Internet. If it is a private T-1 then you don't need the VPN because it is already a private link. If that is the case you could use simple routers or even bridges to accomplish what you want.

Author Comment

ID: 26285665
It is a private T1 to the internet... Their previous tech provider ordered a T1 from Grande for their VOIP's, internet, and point to point..
The service has TLS.. a direct connection from one office LAN to the other.. same subnet..no router.
It works.. I can sit at a new workstation on one end and ping through the TLS (transparent Lan Service) easy as pie... problem is it is HORRENDOUSLY slow.
It's practically useless... file transfer of 100MB took almost half an hour... The turn-around time for bonding another T1 is 25 days... they start business in the new office on the 18th :)
So.. in the meantime we are setting up a VPN site to site over the deicated internet... because it is considerably faster
I haven't messed with VPN in years and that was only Windows 2000 server VPN... not hardware and not site to site.
Setting QOS (the only configurable part of this particular service) to give priority to the data pipe over the internet reduces the internet speed to about 100k... it's a failry new service and clearly has some drawbacks..I'll go ahead and call them flaws..:)

My main question is how are the two DIFFERENT subnets going to communicate once I get the VPN established...
Do i insert a static route?

for example...
Say I need to ping a machine on a 192.168.0.x subnet on the other side of the VPN
The subnet I am pinging from is 192.168.1.x
the request ends up at the router right?
Should there be a static route that says all traffic destined for 192.168.0.x originating from 192.168.1.x be directed to the router on the other side of the VPN?
LVL 21

Accepted Solution

Rick_O_Shay earned 2000 total points
ID: 26286502
You got it. You need a route at each end point to the other LAN with the next hop going into the VPN tunnel.

Author Comment

ID: 26295156
Surprisingly, the Cisco RVS4000's I purchased from Ingram Micro for $109 each came with a VPN wizard on a CD-ROM..
and it worked..
The whole process took about 7 minutes to set-up.. and I only had to be plugged in to a LAN port on one router on one side.
You just configure the other side with WAN info and put it in place... click the "Enable Remote Management" button and save.
From the other side you run the wizard and voila. done.... definately more than I expected from a linksys/cisco product.
Thanks for your help!
LVL 21

Expert Comment

ID: 26295365
That sounds like a great tool. I wish they all did that.

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question