print this page print email this solution email

Article ID: 3094

Configuration on Gateway-to-Gateway VPN tunnel using DynDNS on one side of the tunnel on RV016, RV042, RV042G and RV082 VPN Routers


Objectives

A Dynamic Domain Name System (DDNS) allows Internet access to the server using a domain name rather than an IP address. DDNS also maintains IP address information even when the client receives a dynamic IP assignment subject to constant change by the ISP. With this configuration, the server is always available regardless of the IP address. This service is only usable after you establish an account with a DDNS service provider.

This document explains how to configure a Gateway to Gateway VPN using DynDNS on local group side and Static IP with registered domain name on the Remote group side for RV016, RV042, RV042G and RV082 VPN Routers.

Applicable Devices

• RV016
• RV042
• RV042G
• RV082

Software Version

• 4.2.2.08

VPN Tunnel Configuration

Configure DDNS

Step 1. Visit www.dyndns.org and register a domain name.

Step 2. Log in to the Router Configuration Utility and choose Setup > Dynamic DNS. The Dynamic DNS page opens:

Step 3. Click the Edit icon for WAN1. The Edit Dynamic DNS Setup page opens:

Step 4. Choose DynDNS.org from the Service drop-down list.

Step 5. In the Username field, enter your DynDNS.org account Username information.

Step 6. In the password field, enter the password corresponding to the Username registered at DynDNS.org

Step 7. Enter your host name in the Host Name field.

The following fields display information and are non-configurable:

• In the Internet IP Address field, the router's IP address will be displayed. This address will change because it is dynamic.

• The status of the DDNS will be displayed in the Status field. If there is an error, make sure you have entered DDNS information correctly.

Step 8. Click Save.

Configure VPN Tunnel From Site 1 to Site 2

Step 9. Log in to the Router Configuration Utility and choose VPN > Gateway to Gateway. The Gateway to Gateway page opens:

Note: Before navigating away from this page, click Save to save the settings, or click Cancel to undo them.

Step 10. Enter a name in the Tunnel Name area for VPN tunnel between site 1 to site 2. This is just for reference and it does not have to match the name used at the other end of the VPN tunnel.

Step 11. Choose the WAN port to use for this tunnel from the Interface drop-down list.

Step 12. Check Enable to enable the VPN tunnel. The check box will be disabled once the VPN tunnel is created.

Step 13. Choose Dynamic IP + Domain Name (FQDN) Authentication from the Local Security Gateway Type drop-down list. 

Step 14. In the Domain Name field, enter the Registered DynDNS domain name.

Step 15. Choose Subnet from the Local Security Group Type drop-down list. The Local Security Group Type defines which LAN resources can use the VPN tunnel.

Step 16. Enter the IP address in the IP Address field.

Step 17. Enter the subnet mask in the Subnet Mask field.

Step 18. Choose IP Only from the Remote Security Type drop-down list.

Step 19. Choose IP Address by DNS Resolved from the next drop-down list to specify one device. Then enter the registered domain name of the router.

Step 20. Choose Subnet from the Remote Security Group Type drop-down list. The Remote Security Group Type specifies which resources on the remote LAN can access the VPN tunnel.

Step 21. Enter the subnetwork IP address in the IP Address field.

Step 22. Enter the subnet mask in the Subnet Mask field.

Step 23. In the Preshared Key field, enter a preshared key to use to authenticate the remote IKE peer. Up to 30 keyboard characters and hexadecimal values can be entered. Both ends of VPN tunnel must use the same preshared key. The rest of the fields in the IPSec Setup area may use default values.

Step 24. Click Save to save the changes.

Note: Configure the other router by following Steps 9 through 24 with the configuration for local and remote switched. The configuration done in the Local Group Setup area for the first router will be the configuration in the Remote Group Setup area on the second router.

 

© 2014 Cisco Systems, Inc. All rights reserved.