|
Home > Archive > VPN > May 2007 > RV042 VPN on RV042 DMZ
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
RV042 VPN on RV042 DMZ
|
|
| Fred Marshall 2007-04-25, 1:13 pm |
| Situation:
2 sites, each with 2 public IP addresses available.
Need to set up site-to-site VPN.
Using RV042 throughout.
Existing RV042 is internet interface.
Want to add a VPN and cannot use the internet interface device for this
purpose and can't do a VPN passthrough because there aleady is one at one of
the sites.
It seems there are two ways:
1) simply connect an additional RV042 directly to the internet, using one of
the available public addresses, for the VPN.
2) connect an additional RV042 to the DMZ port of the existing internet
interface RV042. This method has been suggested by those more experienced
than I.
I have #1 working - so the VPN setup isn't an issue.
I'm having trouble with #2 (DMZ) and am considering:
- get better information regarding how to set up the 2 RV042s on a site to
use the DMZ.
- give up and do #1.
I do wonder why #2 would be preferred if there's a bare RV042 connected to
the internet then why not 2 of them? But I defer to the advice for now.
I have not figured out how to configure #2 so that the VPN will continue to
work after getting #1 up and running. (Switching from one to the other
should be pretty easy: just unplug the VPN units from the direct internet
connection and plug them into the DMZ ports of the internet interfacing
units - assuming the "internet" units are configured ahead of time). Their
IP addresses, being public addresses, don't change in doing this if I
understand how to set up the DMZ at all! (oh, maybe not!)
Any comments appreciated!
Fred
| |
| Fred Marshall 2007-05-07, 7:11 am |
|
"Fred Marshall" <fmarshallx@remove_the_x.acm.org> wrote in message
news:Yd2dnTgpH-kPG7LbnZ2dnUVZ_segnZ2d@centurytel.net...
> Situation:
> 2 sites, each with 2 public IP addresses available.
> Need to set up site-to-site VPN.
> Using RV042 throughout.
>
> Existing RV042 is internet interface.
> Want to add a VPN and cannot use the internet interface device for this
> purpose and can't do a VPN passthrough because there aleady is one at one
> of the sites.
>
> It seems there are two ways:
>
> 1) simply connect an additional RV042 directly to the internet, using one
> of the available public addresses, for the VPN.
>
> 2) connect an additional RV042 to the DMZ port of the existing internet
> interface RV042. This method has been suggested by those more experienced
> than I.
>
> I have #1 working - so the VPN setup isn't an issue.
>
> I'm having trouble with #2 (DMZ) and am considering:
>
> - get better information regarding how to set up the 2 RV042s on a site to
> use the DMZ.
>
> - give up and do #1.
>
> I do wonder why #2 would be preferred if there's a bare RV042 connected to
> the internet then why not 2 of them? But I defer to the advice for now.
>
> I have not figured out how to configure #2 so that the VPN will continue
> to work after getting #1 up and running. (Switching from one to the other
> should be pretty easy: just unplug the VPN units from the direct internet
> connection and plug them into the DMZ ports of the internet interfacing
> units - assuming the "internet" units are configured ahead of time).
> Their IP addresses, being public addresses, don't change in doing this if
> I understand how to set up the DMZ at all! (oh, maybe not!)
>
> Any comments appreciated!
At least one reading from Linksys support says that a VPN on the DMZ port
will not work.
The advisor who suggested it might be the way to go has not responded one
way or another when asked.
So, I conclude that it isn't worth further investigation and have gone with
putting the VPN device directly on the internet.
Bottom line seems to be: An RV042 VPN will not work on an RV042 DMZ port.
Fred
|
|
|
|
|