Question

Locked

VPN tunnels to the same destination Lan

By ussessexcv9 ·
I am using 3 Linksys Rv042 VPN routers.
I am attempting to load balance two isp (sat. & ADSL) connections to send data to the same destination lan 192.168.1.0

When I set up the tunnels the rv doesn't like this arrangement. It won't allow two tunnels to the same destination. What are my options?

> Site A has the dual isp connections to a single rv042 on 192.168.2.xxx mask 255.255.255.0

> Site B is to our private network at our central office which is 192.168.1.xxx mask 255.255.255.0

> Site C is also on our private network (via microwave) but at a satellite office. Again, on the same 192.168.1.xxx mask 255.255.255.0 THis location has a PLC that is set to communicate data to the 2.0 subnet which is why I am in a fix. I can't set an alternate route in the PLC, am stuck w. 2.0 to 1.0 subnets

Is it possible to get these two tunnels to co-exist?

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

your subject says isp setup problem however

by CG IT In reply to VPN tunnels to the same d ...

in reading the details, it sounds like your trying to setup VPNs because you use the term "tunnel" and tunneling is basically VPN.

Sooo the question is are you trying to setup individual VPNs from remote sites to the main site? If not what type of connection are you trying to make?

Collapse -

You are correct my problem is with VPN setup

by ussessexcv9 In reply to your subject says isp set ...

Sorry if the title was misleading. I have an issue in setting up 2 VPN tunnels to the same destination Lan. The goal is to have a backup communication link. Tunnels are for PLCs which don't have alternate gateway settings. One solution would be to figure a way to have previously mentioned routers B and C on the same destination subnet (1.0)a fix that the router won't accept.

So yes, I am trying to set up 2 connections to a main site (A) with the caveat that B and C are both on the same subnet

Collapse -

Re: VPN setup

by christianshiflet In reply to You are correct my proble ...

How many computers/devices are in both locations in the 192.168.1.0 subnet? If there are few enough devices you could divide the 255.255.255.0 subnet to create multiple, smaller networks so the VPN tunnels would not have a conflict, assuming you cannot just change one of the 192.168.1.0 networks to, say, 192.168.3.0. Let me know if I am not clear or you have further questions. Thanks.

Collapse -

reply

by ussessexcv9 In reply to Re: VPN setup

There are 50 devices on the 1.0 and the 2.0 has 10. Not sure how to change the subnet of the tunnels. Each tunnel has local and destination settings but haven't seen where the RV042 will allow separate subnets on the same router. The 2.0 site has one router and am trying to get two tunnels set up to 2 different physical locations on the 1.0 network that is connected by microwave radio. I wish the 2.0 were close enough to allow microwave to work but no dice.

If I use 3.0 at one of the 1.0 end points how then will I route traffic from it back to the 1.0? another router? a static route?

Collapse -

Re: Reply

by christianshiflet In reply to reply

So, you are trying to create a tunnel from A to B and a tunnel from A to C, if I understand you. I assume you are using DHCP from the routers at each location, so the machines at each site get their address from the local router. To keep the same base networks that you have you could break the 192.168.1.0/24 (subnet mask 255.255.255.0) network into multiple, smaller subnets since you aren't using all of the addresses available in either location. The tunnel destination network from A to C would then be, for example, 192.168.1.0 w/ a mask of 255.255.255.128, giving you access to the first 127 addresses (default gateway/router LAN ip of 192.168.1.1). The destination network from A to B would be 192.168.1.128 w/ a mask of 255.255.255.128, giving you access in that location to 192.168.1.129 to 192.168.1.254 w/ a default gateway/LAN address of 192.168.1.129. Check out http://krow.net/dict/subnet.html for an explanation of breaking down a subnet into smaller networks.

A differnet option would be to change the DHCP addressing at one of those sites, say C, by changing the LAN address of the router. You would change the destination settings at site A for the tunnel to site C to reflect the different IP range.

Either way, to handle traffic from C to B through site A you would either have to have your own DNS server with the proper forwarders set up or you would have to enter static routes in the routers at sites B and C to reflect the next hop to go to site A. Site A's router would have to be set up to forward requests between the tunnels appropriately. Some do this automatically but some do not.

Please let me know if this is helpful or you have further questions. Thanks.

Collapse -

Yes that was helpful but let me ask

by ussessexcv9 In reply to Re: Reply

I do have static addresses.

OK I think I have seen that this router has the ability to enter multiple subnets but I have a couple of questions.

You say the default lan ip would be 1.1 which is used already so I am assuming I assign it 1.2?

My addresses are spread out on the 1.0 network . If I were to use 240 as the mask I think I can not interfere with the addresses currently in use. How, if I assign the same subnet mask to each tunnel would I know which one was 0-239 and 241-254? Would I have to change all of the subnet masks on the devices in each group to 240? That's not a problem I'm just trying to wrap my head around how to implement.

What is the signifigance of the 0/24 in your example "192.168.1.0/24" I have seen this before and have set static routes using command prompt but never used that format.

By the way that is how I have used the single tunnel setup, by setting static routes in the computers on each end to give the destination and gateway settings.

Thanks for your help thus far I am eager to hear your responses.
Jim

Collapse -

Re: Subnets

by christianshiflet In reply to Yes that was helpful but ...

Okay, to start with it sounds like you are going to have to change the addressing in either one of, or both of, sites B and/or C. You also mention that the IP 192.168.1.1 is in use. Using a subnet of 255.255.255.240 does not give you 2 networks broken up into 240 & 16 addresses respectively. It gives you 16 separate networks of 16 addresses (14 actual available hosts). So, you can either change the static addresses at one of your sites to be 192.168.3.0/24 or change the addresses at, for example, site B to be between 192.168.1.1 to 192.168.1.127 and site C to be between 192.168.1.129 to 192.168.1.254.

If you go with the latter option to break the 192.168.1.0/24 subnet into 2 smaller networks you would setup the routers as such (given the above breakdown):
Site B default gateway on the router: 192.168.1.1 with a subnet mask of 255.255.255.128. This tells the router that the addresses in the above range (.1 to .127) are on its LAN. At site A, the tunnel would be setup with a destination network of 192.168.1.0 and a subnet of 255.255.255.128 (or /25 if it is setup that way). Site C's router would be setup with a default gateway of 192.168.1.129 with a subnet of 255.255.255.128. This tells the router that the addresses in the range .129-.254 are in its LAN. Everything else is on a different network. The destination for this tunnel at site A would be 192.168.1.128/25 or subnet mask of 255.255.255.128.

The /24 (or /25, /26...) signifies how many bits of a subnet are included in a network. /24 equates to a typical subnet mask of 255.255.255.0. This gives you 254 adderesses on you network (#.#.#.1-#.#.#.254). The higher the number (/25, for example), the fewer available addresses.

In depth subnetting is a bit beyond this reply, though. There was recently a really good post on TechRepublic regarding it, though. If you are interested in learning about it, search and I believe you shall receive.

Hopefully that helps. Let me know if you have further questions. Thanks.

Back to Software Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums