VPN Mesh Topology | Cisco Systems RV042G, RV016 specification

Configuring a Gateway-to-Gateway VPN Tunnel Between RV0xx Series Routers

Topology Options

VPN Mesh Topology

D

In a VPN mesh topology, each VPN router can communicate securely with all other VPN routers. Multiple secured tunnels extend from each site to all other sites.

In the following example, four sites are connected in a VPN mesh topology. Three VPN tunnels extend from each site, providing secure communications with all other sites. Data can travel directly between any two sites.

Figure 2 Mesh

Site 1

Site 2

VPN Tunnel

	VPN	VPN
	VPN	Tunnel
	Tunnel	Tunnel
	Tunnel
VPN		VPN
Tunnel		Tunnel
		Internet

VPN Tunnel

Site 3

Site 4

284287

This topology requires much more configuration on each router. However, it works well in a complicated network with data traveling between multiple sites. Because all devices have direct peer relationships with one another, this design prevents the bottlenecks that can occur with a hub-and-spoke topology. This design also ensures that if one site is down, the other sites can continue to exchange data.

NOTE When the number of nodes in a full mesh topology increases, scalability may become an issue—the limiting factor being the number of tunnels that the devices can support at a reasonable CPU utilization.

Cisco Small Business RV0xx Series Routers Administration Guide

172

Image 172

Cisco Systems RV042G, RV016 manual VPN Mesh Topology

Contents

Administration Guide Cisco Systems, Inc. All rights reserved 78-19576-01 B0 Viewing System Summary Information Setup Other Hardware FeaturesPlacement Tips Introduction Dhcp System ManagementPort Management Firewall VPN 122 Logging System Statistics 153 Appendix G Specifications 189 Appendix H Where to Go From Here 199Appendix E IPSec NAT Traversal 183 Appendix F Bandwidth Management 186 RV0xx Series Router Features ModelPorts RV042 and RV042G RV082 RV016 Introduction RV042 and RV042G PortsRV042 and RV042G Status Lights RV082 Ports and Status Lights Ports Port Description Status Lights Light Description Other Hardware Features Feature Description Default Settings Placement TipsDesktop Placement Parameter Default Value Wall Mounting RV042 and RV042G 58 mm apart RV082 and RV016 94 mm apart Rack Mounting RV082 or RV016 Connecting the Equipment RV042 and RV042G Internet PortRV082 Internet Port RV016 Internet 1 Port Getting Started with the Configuration Troubleshooting Tips Features of the User Interface Navigation Setup Wizards Saving the SettingsPop-Up Windows Help Viewing System Summary Information Cisco ProtectLink Web System InformationViewing System Summary Information Port Statistics ConfigurationPort Information Window Viewing System Summary Information WAN Status WAN information Firewall Setting Status VPN Setting StatusLog Setting Status DMZ information Setup Setup Setting Up the NetworkHost Name and Domain Name LAN Setting device IP address and subnets IP ModeChanging the device IP address Enabling multiple subnets IPv4 only Setup WAN Setting Internet connection DMZ Setting Setup Editing a WAN Connection Page Page Page Editing a DMZ Connection IPv4 IPv6Page Changing the Administrator Username and Password Setup Setting the System Time To open this page Click Setup Time in the navigation tree Setting Up a DMZ Host Port Range Forwarding Setting Up Port Forwarding and Port TriggeringPort Range Forwarding, Port Triggering, Setup Adding a service Port Triggering Setting Up Universal Plug and Play UPnP To open this page Click Setup UPnP in the navigation tree Setup Adding a service Setting Up One-to-One NAT Setup Cloning a MAC Address for the Router Editing the MAC Address Clone Settings Assigning a Dynamic DNS Host Name to a WAN Interface Editing the Dynamic DNS Setup Setting Up Advanced Routing Configuring Dynamic Routing, Configuring Static Routing, Dynamic Routing for IPv4 Configuring Dynamic RoutingData None, RIPv1, RIPv2 Broadcast, or RIPv2 Multicast Dynamic Routing for IPv6 Configuring Static RoutingPrefix Length Pv6 only Enter the prefix length Setting Up Advanced Routing IPv6 Transition To Go From Here Setting Up the Dhcp Server or Dhcp Relay Dhcp Dhcp DNS used for Dhcp Server only Dynamic IP used for Dhcp Server onlyWins used for Dhcp Server, IPv4 Only About Static IP Addresses for IPv4 Only Assigning static IP addresses by adding devices from a list Assigning static IP addresses by entering devices manually Using the Static IP List to Block Devices DNS Local Database Dhcp Server Viewing the Dhcp Status InformationClient Table Router Advertisement IPv6 Dhcp Setting Up Dual WAN and Multi-WAN Connections System Management Mode Cisco RV042, RV042G, and RV082 System Management Mode Cisco RV016 Interface Setting Network Service Detection Editing the Dual WAN and Multi-WAN SettingsMax Bandwidth Provided by ISP Page Adding a service Page Managing the Bandwidth Settings Max Bandwidth Provided by ISPBandwidth Management Type Appendix F, Bandwidth Management Managing the Bandwidth Settings Adding a service Setting Up Snmp Enabling Device Discovery with Bonjour Enabling Device Discovery with Bonjour To open this page Click System Management Diagnostic Using Built-In Diagnostic ToolsDNS Name Lookup Ping Restoring the Factory Default Settings Upgrading the Firmware Restarting the Router Backing Up and Restoring the Settings Restoring the Settings from a Configuration File Backing Up Configuration Files and Mirror Files Copying a Startup File or Mirror File Backing Up and Restoring the Settings Configuring the Port Settings Port Management Port Management Viewing the Status Information for a Port Summary Statistics Configuring the General Firewall Settings Firewall Firewall Restrict Web Features Firewall Configuring Firewall Access Rules About Access Rules Managing Access Rules To delete all custom rules Click Restore to Default Rules Configuring Access Rules Services IPv4 and IPv6 Schedule IPv4 Only Adding a service Page Using Content Filters to Control Internet Access Forbidden Domains, Website Blocking by Keywords, Schedule, Forbidden Domains Website Blocking by Keywords Schedule Cisco ProtectLink Web Getting Started with Cisco ProtectLink Web Cisco ProtectLink Web Specifying the Global Settings for Approved URLs and Clients Approved URL Configuration Approved Clients ConfigurationApproved URLs and Approved Clients To delete an entry Click the Delete icon Enabling Web Protection for URL Filtering Web Protection URL Filtering Business Hour Setting Web Reputation Updating the ProtectLink License URL Overflow Control License License Information VPN Introduction to VPNs Remote Access Client To Gateway Configuration tasksSite to Site VPN Gateway To Gateway Gateway-to-Gateway VPN Tunnel Between RV0xx Series Routers QuickVPN, page125 and Remote Access with PPTP, page125 Router Remote Access with Cisco QuickVPN Remote Access with Pptp Viewing the Summary Information for VPN To open this page Click VPN Summary in the navigation tree Tunnel Status Up a Remote Access Tunnel for VPN Clients Client To Gateway, GroupVPN Status VPN Clients Status Setting Up a Gateway to Gateway Site to Site VPN Local Group Setup and Remote Group Setup Add a New Tunnel VPN IPSec Setup Preshared Key, page 135 and Advanced settings for IKE with Required fields for Manual mode Required fields for IKE with Preshared Key Advanced settings for IKE with Preshared Key VPN VPN RV0xx Local Group Setup Remote Client Setup for Single User Tunnel Type VPN IPSec Setup Required fields for IKE with Preshared Key Advanced settings for IKE with Preshared Key VPN Managing VPN Users and Certificates Users, Certificate Management, page148 Users Certificate Management Setting Up VPN Passthrough Setting Up Pptp Server IP Address Range Pptp Server Connection List Setting Up the System Log and Alerts Syslog section, Mail section, Log Setting, Buttons, Syslog sectionMail section Logging System Statistics Log Setting Buttons Viewing the System Log Logging System Statistics Basic Setup, Access Rule Setup, page160 Wizard Access Rule Setup Basic SetupWizard Term Definition Beacon intervalDtim Delivery Traffic Indication Message Glossary Term Definition Radvd Router Advertisement DaemonRequest to Send RTS Threshold Static routing RIPng RIP next generationVlan Virtual LAN Firmware upgrade has failed Your computer cannot connect to the Internet Troubleshooting Router does not have a coaxial port for the cable connection Cisco QuickVPN for Windows Introduction Using the Cisco QuickVPN Software Cisco QuickVPN Client Installation and ConfigurationCisco QuickVPN for Windows Using the Cisco QuickVPN Software Topology Options VPN Hub and Spoke Topology Hub and Spoke VPN Mesh Topology Mesh WAN Setup Other Design Considerations LAN Setup Gateway To Gateway Tunnel with a Dynamic IP Address Configuring a VPN Tunnel on a Cisco RV0xx Series Router Example Sites with Static WAN IP Addresses Settings on the Site a RouterField Value Encryption Phase MD5 Field Values Encryption Example Site with a Dynamic WAN IP Address Authentication Field Value IPSec Setup Keying Mode IKE with Preshared Key Phase IPSec NAT Traversal Overview Configuration of Router a IPSec NAT Traversal Configuration of Router B Click the System Management tab Creation of New ServicesClick Add to List Creation of New Bandwidth Management Rules Bandwidth Management Click Save Specifications RV042Performance Security Network SpecificationsQoS Management RV042GEnvironmental Operating System Linux VPN Cisco RV082 IKE Cisco RV016 Dhcp DNS NAT DMZ Built-in Pptp server supporting 10 Pptp clients Product Documentation SupportCisco Small Business