ER6020: Building VPN IPsec behind NAT with Cisco RV042
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER6020: Building VPN IPsec behind NAT with Cisco RV042
Model :
Hardware Version : Not Clear
Firmware Version :
ISP :
Hi,
I want to build a VPN between 2 sites.
They are connected to Internet with ADSL connexion from Orange (LiveBox Pro)
192.168.10.0/24 <-> tplink ER6020 <-> 192.168.1.0/24 <-> Livebox <-> Internet <-> livebox <-> 192.168.0.0/24 <-> RV042 <-> 192.168.2.0/24
Off course, on the two livebox, I configure the routers (respectively the ER6020 and RV042) as the DMZ.
In the IKE Policy, I put FQDN to avoid problems with NAT.
This doesn't work.
I have the following message on log:
IKE began to negociate as initiator.
Mod=main, peers=192.168.1.32<->217.128.xxx.yyy
I think there should be a NAT-T problem, because in my understanding, the peers should be public address of the livebox, and not private address of the network between the livebox and the router.
Does anyone has an idea?
Hardware Version : Not Clear
Firmware Version :
ISP :
Hi,
I want to build a VPN between 2 sites.
They are connected to Internet with ADSL connexion from Orange (LiveBox Pro)
192.168.10.0/24 <-> tplink ER6020 <-> 192.168.1.0/24 <-> Livebox <-> Internet <-> livebox <-> 192.168.0.0/24 <-> RV042 <-> 192.168.2.0/24
Off course, on the two livebox, I configure the routers (respectively the ER6020 and RV042) as the DMZ.
In the IKE Policy, I put FQDN to avoid problems with NAT.
This doesn't work.
I have the following message on log:
IKE began to negociate as initiator.
Mod=main, peers=192.168.1.32<->217.128.xxx.yyy
I think there should be a NAT-T problem, because in my understanding, the peers should be public address of the livebox, and not private address of the network between the livebox and the router.
Does anyone has an idea?