Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Linksys VPN to VPN to VPN 1

Status
Not open for further replies.
lotus99v8

lotus99v8

MIS
Joined
Feb 3, 2004
Messages
6
Location
US
We have a Linksys VPN router at work with 5 home offices connected with Linksys VPN routers. The internal IP addresses are as follows:

Main Office: 10.1.0.0
Home Office1: 10.1.1.0
Home Office2: 10.1.2.0
Home Office3: 10.1.3.0
Home Office4: 10.1.4.0
Home Office5: 10.1.5.0

What we want is the ability for a user at Home Office 1 behind his/her VPN router to be able to access the network behind the VPN router on Home Office 2. I have tried my best to configure static routes but I am not able to get it to work. Does anyone have any suggestions on how to do this?

Thank you.

 
Sort by date Sort by votes
assuming office 1 and office 2 VPN clients are assigned the ip range 10.1.0.x after establishing VPN on the main office, they should be able to access each other. if not post the results of ipconfig /all and routing table here.

Robert Lin, MS-MVP, MCSE & CNE
Windows, Network, Internet, VPN, Routing and How to at
 
Upvote 0 Downvote
Actually, they aren't clients. It is two Linksys VPN routers connected to a common third Linksys VPN router. I want to route across three subnets.

10.1.1.0/0 <-> 10.1.0.0/0 <-> 10.1.2.0/0
Linksys Linksys Linksys

Thoughts?

 
Upvote 0 Downvote
Did you ever figure this out? I'm trying to get the same thing going but have had no success.
 
Upvote 0 Downvote
No, I have not been able to figure out how to do this. I think it may not be possible. It appears that the VPN addresses do not show up in the routing table and therefore will only route out an interface.

The only way I can think of doing this is to have a separate VPN router for each connection. This would work but seems like a waste.
 
Upvote 0 Downvote
I have pretty much come up with the same conclusion as yourself. In addition I think that setting up a separate connection at each office for each office would not only be wasteful but confusing as well.

Oh well, I suppose that if you're at a remote office, you can always connect to a Terminal Service at the main office (and from the terninal server connect to the other remote office(s)). For me, this remote office to remote office function would be nice only for the remote administration side fo things.

If I have any ideas on how to make this work I'll be sure to let you know. And if you make some progress, be sure to keep us posted as well.

Thanks!

deeno
 
Upvote 0 Downvote
OK. I have figured out how to do this.

It seems that the Linksys VPN routers do not route the VPN ip addresses internally. A clue was that they do not show up on the routing table of the VPN router. To get around this I did the following.

1. I set up all the VPN's with a local secure group subnet that includes all the VPN's I want to route across. (ie. 192.168.0.0/255.255.0.0). This makes sure that the VPN endpoint routers send the traffic over the VPN as opposed to the WAN.

2. I put a static route in the Linksys router for the subnet (192.168.0.0/255.255.0.0) pointing to our Cisco router (192.168.1.1)

3. I put static routes in the Cisco (192.168.1.1) for each VPN pointing back to the VPN router (192.168.1.2).

ip route 192.168.2.0 255.255.255.0 FastEthernet0/0 192.168.1.2 permanent
ip route 192.168.3.0 255.255.255.0 FastEthernet0/0 192.168.1.2 permanent
ip route 192.168.4.0 255.255.255.0 FastEthernet0/0 192.168.1.2 permanent

This seems to have worked.

Joe
 
Upvote 0 Downvote
What Linksys products were you using? I need to force all clients to use the tunnel for all internet use and send the traffic over the VPN as opposed to the WAN.


I am not sure what you mean by {I set up all the VPN's with a local secure group subnet that includes all the VPN's I want to route across} Would you please show me a little more details of what you did to do this and also show the static routing tables?



 
Upvote 0 Downvote
I'm not sure how to make all traffic go over the VPN. My guess would be to make the remote secure group 0.0.0.0 255.255.255.255 but this might mess up the router's internet interface.

We are using the linksys VPN routers BEFVP41.

FWIW, we had serious problems with the BEFSX41 not renewing the ISP's DHCP address resulting in us having to reboot the routers constantly. The BEFVP41 does not seem to have this problem.

 
Upvote 0 Downvote
Gonzo,

What Linksys product are you using? Does it support multiple tunnels? I have 4 offices linked together using an RV082 at each location (full mesh). For each location I have an IPSEC tunnel to each location. Example...

The St Louis office has a tunnel to KC, FL, and IL.

The KC office has a tunnel to STL, FL, and IL.

Etc.

Everything works fine. The RV082 supports up to 50 tunnels though.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Locked
  • Question Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
1K
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question Question
How to Create an site to site VPN
Replies
1
Views
898
sircles
sircles
sarahz2
  • Locked
  • Question Question
Best vpn safe and fast
Replies
4
Views
1K
GlobeTrekkerGal
GlobeTrekkerGal
ramblingrebel
  • Locked
  • Question Question
Built-in Windows 10 VPN
Replies
1
Views
936
Joon Smith
Joon Smith
F
  • Locked
  • Solved
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
1
Views
2K
FrankSider12
F

Part and Inventory Search

Sponsor

Back
Top