?
Solved

Linksys RV042 at home office / split tunnel

Posted on 2010-11-18
4
Medium Priority
?
1,266 Views
Last Modified: 2012-05-10
I'm looking at installing a Linksys RV042 router at my house and then setup a VPN tunnel to my office which has a Watchguard XTM 23 firewall/vpn.  I'm doing this mainly because I need to install an IP phone at the house which connects to the office pbx - i know there are softphones that can do this but I want to use an IP phone.

I also need the home office network setup in such a way so that only the IP phone and a dedicated workstation has access to the VPN tunnel and other family computers at the house should not have access to the VPN tunnel.

What is the best way to accomplish this?  Can I restrict access to the VPN tunnel based on MAC addresses with the RV042?

I have managed to setup the RV042 so that the tunnel comes up but i'm not sure how to restrict access to the tunnel.
0
Comment
Question by:Medrx
  • 3
4 Comments
 
LVL 99

Accepted Solution

by:
John Hurst earned 500 total points
ID: 34170252
In the RV042, in the VPN setup, under Local Group Setup for the specific tunnel, you can set the local IP to be just the single IP of the machine you want. People can spoof IP's and MAC address, so the security is about the same. Since it is in your home, it should work.  See the example below. ... Thinkpads_User

RV042-Example.png
0
 

Author Comment

by:Medrx
ID: 34170311
So do I then have to setup another Subnet on the RV042 that will be used for local 'family' pcs which will not be allowed access to the vpn tunnel?  
How do i setup DHCP on the router to assign the correct ips for the appropriate pcs - for example I would like to have my work PC get an IP in the range of 192.168.190.x  and family PCs get 192.168.2.x
Do I have to add rules to the RV042 firewall so that the 192.168.2.x network can't access the vpn tunnel OR that is already implied since its a different network?
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 34170355
You can look at rules in the RV042. You can also bridge a wireless router to the RV042 because wireless routers often have MAC address control.

The IP for the device is set in the Local Security Group Type above. Use IP instead of Subnet and pick the IP you will allow. If the IP were a wireless router, then you have that flexibility as well.

So to your question above, if you allow only IP 192.1568.1.13, then only that device and none others will have acces to the tunnel. Set the RV042 to hand out addresses from 100-200 and set the one device to be static. .... Thinkpads_User
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 34269673
Thank you. I was pleased to assist you. ... Thinkpads_User
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question