We help IT Professionals succeed at work.

GW to GW VPN over Cisco 1841 and Cisco RV082 Routers

Ali1
Ali1 asked
on
Hi Experts,

Request your help on a situation described below.
I'm trying to setup a gateway to gateway VPN using Cisco Routers (1841 on remote and RV082 on local). All VPN parameters on both routers are matched and VPN is up/connected.

From both ends LANs, I can ping remote LAN gateway IPs but cannot access any other device on remote LAN.

I doubt on Remote Security GW settings for both routers, as you can see on 1 end there is an additional GW router responsible for NAT.

Attaching a briefed diagram for better understanding.

Looking forward for your opinions to sort it out.

Thanks.


 Setup.png
Comment
Watch Question

JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
In Advanced settings in the VPN setup, check the settings for

Main Mode (for site to site)
Keep Alive ON Default
Nat Traversal ON or OFF whichever works   <--  Try this both ways.

Make sure your subnet addresses at each end are different from the other end. Make sure the subnet mask allows traffic for the entire subnet at each end.    255.255.255.0  

Perhaps upgrade the firmware in both routers.

Author

Commented:
Sir, grateful for your response.

Mode is already site to site (gateway to gateway)
Keep alive was already ON
Nat Traversal was off, but now it's ON.

Subnets are different as shown in diagram in the diagram above.

But still no reach-ability to remote LANs.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Can you reach the remote router / gateway?  

Then make sure your subnet mask allows the whole range.

Otherwise it could be a firewall issue of some kind.

Author

Commented:
Yes, I can reach remote router from both side LANs.

Please elaborate firewall issue. I have made access rules to allow all types of traffic. I tried by disabling firewall as well, but no success.

I'm still thinking about NAT thing, shall I need to add any route on GW router or VPN Routers??
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
I am not sure at this point.  

Set up logging at both ends, make sure the logs are clear, then make a connection and try to browse.

Review the logs and see if the log entries shed light on the error.
Commented:
Hi John,

Issue resolved. Actually the access switch at remote site had 2 uplinks. Now we added routes on workstations and problem is resolved.

Many thanks for your guidance and time.

Regards

Explore More ContentExplore courses, solutions, and other research materials related to this topic.