Gateway to Gateway - Linksys RV016 to BEFSX41 (that's behind a router)

[ttrsux]

I currently have a RV016 as my main router. I have a BEFSX41 at a remote location VPN'd to my RV016. Works pretty nice.

We opened another location, and I purchased a 2nd BEFSX41 to act as a VPN endpoint at this new location. However, at this new location, there is already a router in place, and the "owners" do not want to change anything on their end to accommodate their tenant.

I was hoping I could preconfigure the new BEFSX41 with the same settings (different tunnel name obviously), send it to him, and it would just work. Funny concept. I am a bit confused as how this would work, since the new BEFSX41 will be behind a router and have a private IP given to it by the existing router. Would all I have to do is forward port 1723 (UDP & TCP) on the existing router at the new location to the private IP of the new BEFSX41?

If that's all I have to do, hopefully I can convince them to make this "simple" little change.

Any suggestions would be greatly appreciated. I thought I new more than I just found out I did(n't)...

 

[ttrsux]

--------- MORE INFO ----------

Conveniently, I have a 2nd DSL line where I'm at now. I put the new BEFSX41 behind this DSL router (one of those Quest 2wire all in one's), manually assigned it 192.168.0.123 and created a port forward on the 2wire to fwd 1723 UDP/TCP to 192.168.0.123.

On my main router (RV016), I have the remote ID to the 2wire's public IP.

Here is part of the log from the RV016:

Sep 15 08:49:24 2009 VPN Log [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet
Sep 15 08:49:24 2009 VPN Log [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet
Sep 15 08:49:24 2009 VPN Log [Tunnel Negotiation Info] <<< Responder Received Main Mode 3rd packet
Sep 15 08:49:24 2009 VPN Log [Tunnel Negotiation Info] >>> Responder send Main Mode 4th packet
Sep 15 08:49:25 2009 VPN Log [Tunnel Negotiation Info] <<< Responder Received Main Mode 5th packet
Sep 15 08:49:25 2009 VPN Log Main mode peer ID is ID_IPV4_ADDR: '192.168.0.123'
Sep 15 08:49:25 2009 VPN Log No suitable connection for peer '192.168.0.123', Please check Phase 1 ID value
Sep 15 08:49:32 2009 VPN Log Initiating Main Mode
Sep 15 08:49:32 2009 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Sep 15 08:49:32 2009 VPN Log Received informational payload, type NO_PROPOSAL_CHOSEN
Sep 15 08:49:54 2009 VPN Log [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet
Sep 15 08:49:54 2009 VPN Log [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet
Sep 15 08:49:54 2009 VPN Log [Tunnel Negotiation Info] <<< Responder Received Main Mode 3rd packet
Sep 15 08:49:54 2009 VPN Log [Tunnel Negotiation Info] >>> Responder send Main Mode 4th packet
Sep 15 08:49:55 2009 VPN Log [Tunnel Negotiation Info] <<< Responder Received Main Mode 5th packet
Sep 15 08:49:55 2009 VPN Log Main mode peer ID is ID_IPV4_ADDR: '192.168.0.123'
Sep 15 08:49:55 2009 VPN Log No suitable connection for peer '192.168.0.123', Please check Phase 1 ID value
Sep 15 08:50:02 2009 VPN Log Received informational payload, type NO_PROPOSAL_CHOSEN

-----------------------------------
*FYI* After this, just to make sure the VPN functionality actually works, I set up a normal Gateway-to-Gateway VPN by giving my new BEFSX41 a regular public IP. Within seconds, my VPN status is "Connected".
-----------------------------------

 

[cpages2]

I have a question for you. I am in the same boat (sorta), I have 2 RV042 and one side is behind another NAT Router.

You post your logs and they are almost identical to mine, however my tunnel wont connect.

Can you tell me what you did to get teh connecton working with one side behind another router.