Routing over a trunk

Similar Messages

• How to access Time Capsule drives behind DSL Router over WAN

  Hello everyone,
  I have an older Time capsule(with USB Drive) connected to my Hitron CGN3 DSL wireless router over ethernet. 
  I have turned off the wireless functionality of the TC since the router seems to be much faster on Speedtest.net. 
  I have my TC and attached USB drive setup to share over WAN but am getting a Double NAT error.
  It doesn't seem like I can turn off NAT on my Router.
  I can't run the TC in bridge mode because it will remove the Share over WAN option for the TC and Drive.
  Is it possible to setup the TC and attached USB drive to the router, without wireless on, so that I can access the TC and drive over the internet?
  Any help would be soooooo apreciated!!!
  Thanks!
  Ian

  Does anyone know why my Time Capsule drive sharing needs to be set to disk password?
  You can set the TC disks to user accounts.. at least you can on older TC with older airport utility.. but there are consequences which you discovered.
  If you set accounts.. you will have major issue with the existing files.. they will all disappear.
  The old v5 utility gives you this warning.. which somehow Apple forgot on new version.
  It actually makes all the present files disappear for all users. The warning just doesn't go far enough. You do this on a blank TC.. and of course the USB drive is just the same.. you cannot use different settings on that to the TC internal drive. So offload all your files.. create accounts on a bare TC.. load the files back into the correct user profiles.
  In the end you probably want more flexibility than a TC is designed for.. buy something designed for remote access.. WD MyCloud.. it is hugely superior.
  Also. . .  I am trying some File manager apps for my iPhone in hopes that i can connect to the same drive with it.  So far no luck with the free versions of FileBrowser Lite or File Explorer Free.
  Most are SMB based.. not AFP.. Apple offer only two protocols.. SMB and AFP. But no responsible ISP allows SMB over the internet. The flood of files from hacked windows machines would bring the internet to a grinding halt.
  People do get around it.. you can use filebrowser for instance by opening SMB to the outside world on a non-standard port.
  See http://www.stratospherix.com/support/gsw_timecapsule.php?page=6remote
  But this is incredibly risky.. there is very poor security and it is not a great idea. The AFP security is much better than SMB.
  If you want security use something other than TC.. any real NAS that offers VPN access for instance. The cost of a WD MyCloud is very reasonable when you look at the flexibility of the design. But any decent NAS will offer real remote access.. not Apple's limited pretend version.

• What is the preferred dynamic routing over l2l/ipsec?

  what is the preferred dynamic routing over l2l/ipsec?
  Sent from Cisco Technical Support iPhone App

  Disclaimer
  The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.
  Liability Disclaimer
  In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.
  Posting
  Pretty much what you might use if not IPSec.
  Do you have some reason why IPSec should have a preferred routing protocol or are you just wondering if there is a preferred routing protocol for IPSec?

• OSPF prefer learned route over local

  Hey
  I am deploying a new VPLS between 8 offices. The plan in to have all the offices get internet access through the main office. So basically all the satellite offices will only have access to the VPLS WAN link. The main office will advertize a default route to the rest of satellite offices over OSPF.
  Each office currently has its own internet connection. I would like to maintain each office's internet connection until we have completed deployment of the VPLS and have thoroughly tested it.
  So my question is this. How to i configure OSPF to prefer the learned default route, over the default route it has statically configured?
  thanks for your help
  Dan

  Dan
  Without knowing the full topology it's difficult to say for sure but as a general answer you can't really.
  Even if you tried to set the AD of OSPF to be the same as the static route, which I'm not sure would be a good idea, the locally configured static would have a better metric.
  I think you are basically going to have to test by advertising out the default route via OSPF, making sure it is in the OSPF database at each site and then remove the locally configured default to test internet connectivity via your main branch.
  Or you could try using PBR to bypass the routing table which would allow you to test central internet connectivity but it doesn't confirm your OSPF routing is working properly.
  Jon

• Discover Switch and router over VPN

  i am in contact with a company having many branches connecting over VPN tunnel and with different IP range in each branch
  how can i configure the LMs to discover my switch and my router over VPN

  LMS 3.0.1 and higher can use non-CDP discovery methods which should be able to find your remotely connected VPN devices.  You could use the Ping Sweep or Route Table modules to accomplish what you want.
  See https://supportforums.cisco.com/docs/DOC-9005 for more details.

• Implementing MPLS over VLAN trunk

  We are investigation the options of running MPLS between our two core switches (C6509 with dual Sup720s) with the aim of introducing MPLS VPNs. These two core switches are linked via a Layer 2 trunk in a collapsed backbone topology.
  Is it possible to create a point-to-point MPLS-enabled link between these switches on a VLAN interface between these switches, rather than an a dedicated physical port? It is anticipated that these two core switches will be PE routers (also acting as RRs, if required).

  Its possible to run MPLS on any media with IP configurable for it. So till you have IP reachbility on a media, you can run MPLS.
  As in your case you can very well run MPLS on an SVI reachable both sides over a trunk.
  But as a after thought, why do you want to do this, although its possible, why do you want to carry other vlans on the same trunk which also carrier the internconnect vlan for the PE's.
  HTH-Cheers,
  Swaroop

• Third Party Phone over SIP Trunk with CUCM 9.x

  Hi all,
  I have a problem where my Third Party SIP phones wont go over the SIP trunk configured in my CUCM 9.x cluster. My Cisco phones work fine and goes out the trunk. I have noticed a distinct difference in wireshark with the invite packets from Third Party SIP phones and the Cisco ones.
  I have configured the SIP trunk in CUCM with the following route pattern (60.!#)and configured it with associated group and list. Heres the differense between the invite packets from Cisco and Third Party phones.
  Cisco Phone: INVITE sip.60xxxx%23@ipadress
  Third Party SIP Phone:  INVITE sip:[email protected]
  It seems the Cisco phones gets some extra configured the Third Party ones dont...
  Thanks in advance for any help.
  //Per

  Thanks for the answer
  Yeah i have DNS configured and i have the trunk pointed to a domain destination SRV record and like i said it works fine when calling from a Cisco phone. I tried changing the domain to an ip address but same result. I also changed the Plycom phone from being registered towards the domain of CUCM to an IP adress of CUCM and then the SIP INVITE messages in wireshark began to look kinda the same expet for the "%23" section but it still dont work.
  When i look at the Real Time Data in RTMT the orig and final called from the cisco phone has stripped the 60 and forwared the rest of the number towards the correct domain for the SIP trunk.
  When looking at the data from the Polycom phone the orig and final called data still contains the 60 prefix part and the called device name field is empty.  The termination Cause Code is that the number requested is Unallocated/Unassigned..
  In other words something is missing to get CUCM to strip 60 from the Polycom phones dialed number and send it towards the SIP trunk like it does when the Cisco phones call it.
  Unfortunatley i dont have the meens to attach the trace...
  Thanks again for any help/advice
  With regards, Per.

• CM Register over SIP Trunk

  Hi guys,
  would it be possible to allow sip users to register over the sip trunk on the Call Manager? or is this method not allowed?
  Thanks.
  Best regards

  Hi Manish,
  between sip client and webrtc gw -> ws and between webrtc gw and CM -> sip.
  here are the sip messages.
  both phones are registered, 9000 is a 7912 and 8080 is sip.
  192.168.15.2 - CM
  192.168.15.202 - webrtc
  SEND: INVITE sip:[email protected] SIP/2.0
  Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
  From: <sip:[email protected]>;tag=400660433
  To: <sip:[email protected]>
  Contact: <sip:[email protected]:10060;ws-src-ip=192.168.251.105;ws-src-port=50731;ws-src-proto=ws;transport=udp>
  Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
  CSeq: 1875466830 INVITE
  Content-Type: application/sdp
  Content-Length: 978
  Max-Forwards: 70
  Authorization: Digest username="8080",realm="ccmsipline",nonce="gHqGqDWK4zTzv6Ijl6ixW58AK/Gm4yC6",uri="sip:[email protected]",response="352cb2e17e36b32ee4e0d52443d0a106",algorithm=MD5
  User-Agent: webrtc2sip Media Server 2.6.0
  v=0
  o=doubango 1983 678901 IN IP4 192.168.15.202
  s=-
  c=IN IP4 192.168.15.202
  t=0 0
  a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF
  m=audio 58690 RTP/AVP 8 0 101
  c=IN IP4 192.168.15.202
  a=ptime:20
  a=minptime:1
  a=maxptime:255
  a=silenceSupp:off - - - -
  a=rtpmap:8 PCMA/8000/1
  a=rtpmap:0 PCMU/8000/1
  a=rtpmap:101 telephone-event/8000/1
  a=fmtp:101 0-16
  a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80 inline:1YfBfgbhIdMB6YVtyZgJqc77QPHwm9o42aEPbkHD
  a=acap:2 crypto:2 AES_CM_128_HMAC_SHA1_32 inline:fujGVOi70hQnKkeUimcFUw2bH3ajZ2iW0xKy5Nrw
  a=pcfg:1 t=1 a=1,2
  a=pcfg:2 t=2 a=1,2
  a=pcfg:3 t=3
  a=sendrecv
  a=rtcp-mux
  a=ssrc:4034073057 cname:c08c56217e96dbc1e8234373eb5d2fcc
  a=ssrc:4034073057 mslabel:6994f7d1-6ce9-4fbd-acfd-84e5131ca2e2
  a=ssrc:4034073057 label:doubango@audio
  a=ice-ufrag:uaektHZ6KFVn1fw
  a=ice-pwd:HAj21nuOrDmIKl3ANXTc3K
  a=candidate:tWR5PLw1x 1 udp 2130706431 192.168.15.202 58690 typ host
  a=candidate:tWR5PLw1x 2 udp 2130706430 192.168.15.202 58691 typ host
  RECV:SIP/2.0 100 Trying
  Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
  From: <sip:[email protected]>;tag=400660433
  To: <sip:[email protected]>
  Date: Wed, 19 Mar 2014 13:26:05 GMT
  Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
  CSeq: 1875466830 INVITE
  Allow-Events: presence
  Content-Length: 0
  RECV:SIP/2.0 401 Unauthorized
  Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
  From: <sip:[email protected]>;tag=400660433
  To: <sip:[email protected]>;tag=856401750
  Date: Wed, 19 Mar 2014 13:26:05 GMT
  Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
  CSeq: 1875466830 INVITE
  Allow-Events: presence
  WWW-Authenticate: Digest realm="ccmsipline", nonce="gHqGqDWK4zTzv6Ijl6ixW58AK/Gm4yC6", algorithm=MD5
  Content-Length: 0
  SEND: ACK sip:[email protected] SIP/2.0
  Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
  From: <sip:[email protected]>;tag=400660433
  To: <sip:[email protected]>;tag=856401750
  Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
  CSeq: 1875466830 ACK
  Content-Length: 0
  Max-Forwards: 70
  Receiving SIP o/ WebSocket message: ACK sip:[email protected] SIP/2.0
  Via: SIP/2.0/WS df7jal23ls0d.invalid;branch=z9hG4bKZEk81zTwfVde8oImts6ZHiTzchfBWh1N;rport
  From: "8080"<sip:[email protected]>;tag=XFKqC4zu0S9QfzzMzQ4u
  To: <sip:[email protected]>;tag=1464334432
  Call-ID: ecc84fa2-3de3-d953-527f-5e7515cabca3
  CSeq: 29519 ACK
  Content-Length: 0
  Route: <sip:192.168.15.2:5060;lr;sipml5-outbound;transport=udp>
  Max-Forwards: 70
  Thanks.

• 2900 Series Router - Over 700 failed login attempts - How do I find the source IP?

  There is a 2900 series router  Version 15.0(1)M1, in our company, recently the logs show that there were over 700 failed login attempts to try and gain privelege level 15 access. Is there a way to see the source IP from the host that is attempting the logins?

  There is a 2900 series router  Version 15.0(1)M1, in our company, recently the logs show that there were over 700 failed login attempts to try and gain privelege level 15 access. Is there a way to see the source IP from the host that is attempting the logins?

• Multiple Customer Default Routes over MPLS Cloud

  I have a customer with a Core network connected together over VPLS, and runnng EIGRP as the IGP. For the branch offices the are using MPLS, and SP requires us to use BGP when sending routes to them.
  We have the core site, A, B, C. Site A&B have an internet connection. I want to have 1/2 the branches going to Site A and 1/2 going to Site B, and the SiteA orB and Site C as a backup. there is a single VRF. The SP will not make any changes for us...so I have been told. So I need to find out if there is a way to do this without SP involvement. I have tried Communities (CE side) with no Luck unless I make changes in the P/PE Net.
  Attached is a drawing of the high level network.
  Any Ideas....

  Some addtional informtion
  Handling Multiple Default Routes with BGP as PE-CE Protocol
  http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/L3VPNCon.html#wp321066
  Layer 3 MPLS VPN Enterprise Consumer Guide Version 2
  This section tells almost what I want to do. But I want the left side of the diagram to go left...and the right side to go right.

• Odd high data consumptio​n on 10.3.1 (and 10.2.1) - on wifi, but routing over mobile network?

  Couldn't find a similar recent thread. Just an inconclusive one from 2013 that looked more about the difference between BBOS 7 & BB10.
  tl;dr: It looks like my Z10 is routing some traffic to the mobile network when to applications it looks like the wifi connection is active.
  I have not previously had high data-use issues with my Z10. On Friday February 20th, I updated to 10.3.1.1581. On Friday March 6th, I got a notice saying I'd used 75% of my data (billing cycle is on the 18th, 800MB limit). At that point, the device monitor said I'd used ~300MB*.
  Woke up the next morning and say an alert that came in overnight saying I'd gone past my limit, and the device monitor said I'd used ~540MB.
  240MB of mobile network data use while I was at home, connected to wifi, and asleep. The device monitor attributed it to "System". Normally, my mobile data use is mostly PIM and Browser.
  I looked back in the data usage report from Koodo and saw that there was a previous, similar spike on Feb 20, earlier in the day before the 10.3.1 upgrade. Right around the time I turned on wifi at work and put the phone on its dock, hoping to start the upgrade. That failed due to AP issues.
  I use "Pocket Casts" (Android podcast app). It's set to download only when on wifi and connected to power.
  Could it be that it thought I was connected to wifi, but due to weak signal strength, the OS actually routed the connection over the mobile network? I sometimes only have one bar of signal strength in my bedroom.
  If that's the case, why is an Android app's data use recorded as "System" and not at least "Android Player"? It looks like it must be lumped in under "System", though, as the wifi usage numbers don't show anything else with enough bandwidth consumption to account for podcast downloads.

  hi,
  what is Koodo and what do "AP issues" mean?
  besides, on Friday 20th, which OS version did you update from?
  The search box on top-right of this page is your true friend, and the public Knowledge Base too:

• How do you promote a static route over a directly connected?

  Hi all,
  I have a need for a static route to be used instead of a directly connected route. (Long story - involving firewalls and anti-spoofing.. but can go further if required)
  I am using a Cisco 3750 switch. I notice directly connected routes have a metric of 0, and the highest metric I can give a static route is 1.
  Therefore, how is it possible for me to make the switch use the static route and not the directly connected?
  Any help would be appreciated!
  Cheers,
  Ben

  Hi Rick,
  Thanks for your patience.
  Maybe I should start again.
  Initially we had 16 VLANs within the 10.0/16 address space. We have some Cisco 3750's connected by dark fibre accross a couple of kms and then lower access switches all hanging of these by some means. The network is flat.
  We have a checkpoint firewall hanging off one of the 3750s connected using a TRUNK port. The firewall has an IP address on all VLANs and is used to route traffic between VLANs based on its ruleset.
  So if I have a user in VLAN 10 who wants to talk to VLAN 20, they travel to the firewall, if a rule permits the access, the firewall routes the packet on to VLAN 2 and the switches deliver at Layer 2.
  The switches all have their default VLAN 1 disabled, and have an IP address on our management VLAN to allow us to manage the switches.
  Its quite important that this IP is on a secured management VLAN as we don't want just anyone being able to snoop switch logins etc..
  If we need to login to a switch, the firewall routes our traffic from whatever VLAN we are on to the Management VLAN.
  One of our VLANs (the Desktop VLAN) is quite large (approx 1300 hosts) and suffers a great deal from too much arp broadcast traffic.
  As we have a flat switched network across several kms, the cost of putting in routers to subnet this large VLAN is excessive.
  However, the 3750's we have are perfectly capable of routing between VLANs, so we decide to create a load of new VLANs instead of subnetting our large VLAN. We don't want to use the firewall to route between these new VLANs as thats just giving the firewall more to do, and previously all these hosts were on a single subnet, so we have no need for any strict security - at most we can use ACLs on the switches if we even need that!
  So far so good.
  With 1300 hosts, we obviously can't make sudden topology changes. Therefore we need to be able to route between the Desktop VLAN and the new VLANs.
  We therefore introduce the static routes between the firewall and the switches.
  So the firewall says:
  route 10.1.0.0/16 via Multilayer switch IP on 10.1.0.0/16
  The multilayer switch says:
  route 10.0.0.0/16 via Firewall IP on 10.1.0.0/16
  This allows routing perfectly between the Desktop VLAN and the new VLANs.
  However the moment we enable ip routing on the switches we break access between the desktop VLAN and the Management VLAN.
  A packet leaves the desktop VLAN through the default gateway on the firewall. This is then routed to the Management VLAN. The return packet doesn't use the Management VLAN default gateway (firewall), it follows the static route on the switch and ends up at the firewall on 10.1.0.0/16. This is subsequently dropped as the firewall knows the packet hasn't come from the 10.1.0.0/16 network, it originally came from the desktop VLAN on 10.0.0.0/16.
  It might seem we can define a route on the switch to say:
  route 10.0.50.0/24 (management VLAN) via 10.0.50.254 (firewall). However, this would result in all packets from 10.1.0.0/16 being dropped by the firewall.
  The other problem is that if we are on a new VLAN and want to talk to the management VLAN. The packet goes to its default gateway on the switch. The switch says - "I have an IP on the management VLAN, its directly connected" - therefore it ignores the static route, and passes the packet on its way. We have now bypassed the firewall, which is bad.
  Incidentally the return packets get routed through the firewall and dropped, as the original packet didn't come through the firewall, there is no entry in the state table for its return.
  I think if we turned off the management interface on the switch and managed it through the interface on 10.1.0.0/16, I assume everything would work. However, we don't want to do this for a whole load of other reasons I wont go into.
  Im sure there must be a fairly simple solution - I just don't have enough experience!
  Cheers,
  Ben

• Dynamic WDS Discovery over VLAN-Trunk

  Hi i have two wds ap each connected to a trunk-port. each has its bvi 1 interface connected to int f0.201 which is mapped to vlan 201. i can access the accesspoint by telnet, but the either do not exchange wlccp information, so everyone ends up as Standalone WDS. If i send updates on f0.201 they exchange wlccp information, but they stock in INIT-Phase. Here my config and the sh wlccp wds:
  dot11 vlan-name SVL-WDSC24 vlan 201
  interface FastEthernet0
  no ip address
  no ip route-cache
  duplex auto
  speed auto
  interface FastEthernet0.201
  encapsulation dot1Q 201
  no ip route-cache
  bridge-group 1
  no bridge-group 1 source-learning
  bridge-group 1 spanning-disabled
  interface BVI1
  ip address 10.0.201.2 255.255.255.0
  no ip route-cache
  wlccp wds priority 2 interface f0.201
  WDSP57-1U-11-03#sh wlccp wd
  MAC: 0013.7f24.36e2, IP-ADDR: - , Priority: 2
  Interface FastEthernet0, State: INITIALIZATION
  Does anyone have a guess?
  thanks, regards dave

  Unfortunately the Aironet's Cisco IOS supports BVI interface only on native VLANs.
  You have to configure "encapsulation dot1Q 201 native" on the FastEthernet0.201 subinterface and then you should modify coherently the configuration on the switching infrastructure.
  Regards,
  Fabrizio

• Force Routing Over second link?

  We have a MPLS WAN connecting our offices from our Service Provider. Our Head Office has a larger 50Mbps pipe and a remote office has 2 separate 2Mbps links (lets call them link1 and link2). Right now all traffic only goes over Link1 at the remote office as per all the BGP routing. I can make a static route at the remote office for specific traffic to go over link2 and it will successfully send over that link. My question is, is there a way to get traffic from Head Office to go to Link2 instead of Link1?

  It primary depends on BGP routing. You can try to change the way ISP send traffic to you branch using different BGP path attribute  in advertisement on the two links but you have to negotiated with ISP because they can also "force" their netwrok to use on path instead of the other for example using BGP local preference. I suggest you to read here to understand BGP algorithm:
  http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html
  Bye,
  enrico

• RV042 not annoucing vpn routes over rip v2

  Problem: RV042 is not announcing a class C VPN route via RIP to other routers. It announces the gateway public address via rip, but not the VPN route.
  I am attempting to use a pair of RV042 as a redundant links between our home office and a branch. The home office and branch is already connected via a T1. Each location also has an additional cable internet connection with public IP address and a cisco 1921 router controlling the traffic.
  The 1921 routers are using OSPF to route traffic over the T1 and have RIPv2 enabled to talk to their local respective RV042s. Here is a description of how the network is set up.
  MainRouter - cisco 1921
     Eth0 - Network is 192.168.41.0/24
               IP address is 192.168.41.20
     Eth0/1 - Network 10.1.1.1 255.255.255.254
              T1 connection to branch router
  MainRV - RV042 v3 with fw 4.2.1.02
     Wan1 - Public IP A X.X.X.X
      LAN- Network 192.168.41.0/24
                IP 192.168.41.11 255.255.255.0
  BranchRouter - cisco 1921
    Eth0/0 - Network is 192.168.46.0/24
                 IP address is 192.168.46.10
    Eth0/1 - Network 10.1.1.2 255.255.255.254
              T1 connection to main router
  BranchRV - RV042 v3 with fw 4.2.1.02
    Wan1 - Public IP B Y.Y.Y.Y
      LAN - Network 192.168.46.0/24
                IP 192.168.46.11 255.255.255.0
  I have established a VPN from BranchRV to MainRV and it passes traffic correctly. My "MainRouter "
  rip database looks like this....
  192.168.41.0/24    auto-summary
  192.168.41.0/24    directly connected, GigabitEthernet0/0
  X.X.X.X/24    auto-summary
  X.X.X.Z/30
      [1] via 192.168.46.11, 00:00:01, GigabitEthernet0/0
  Notice that there is no route to 192.168.46.0/24 in there....
  Now here is the kicker, just messing around, I changed the VPN settings to use subnets 10.0.10.0/24 on MainRV and 10.0.11.0/24 on BranchRV instead of 192.168.41.0/24 and 192.168.46.0/24 respectivly. After I tried that the routes for the 10.0.3.0 were announced via RIP
  Here is what the MainRouter's rip database looked like after I tried that
  10.0.0.0/8    auto-summary
  10.0.11.0/24
      [2] via 192.168.41.11, 00:00:18, GigabitEthernet0/0
  192.168.41.0/24    auto-summary
  192.168.41.0/24    directly connected, GigabitEthernet0/0
  X.X.X.X/24    auto-summary
  X.X.X.Y/30
      [1] via 192.168.41.11, 00:00:18, GigabitEthernet0/0
  What gives? This really looks like a bug to me...
  Anyhow I'm thinking a workaround might be to set up a GRE tunnel across those 10.0.X.X subnets to the other side so I can at least dynamically route traffic accross.... Without the RIP routes being announced I don't have automatic failover!
  Thanks for your help,
     Curtis

  Yes as was explained to me previously.... by Jason Nickle multicast does not cross a site-to-site tunnel.
  That is not what I want to have happen. What I want is for my RV042 to announce it's VPN routes to other routers on the same physical network. Which it currently is not doing.
  Site 1
      Cisco IOS Router X - main router, local network traffic runs across this
       RVO42 X - has VPN link to RVO42 Y at Site 2
  Site 2
    Cisco IOS Router Y - main router, local newtok traffic runs acress this
     RVO42 Y - has VPN link to RVO42 X at Site 1
  The problem is that RV042 Y doesn't tell Router Y that it has a route to Site 1. And RV042 X doesn't tell Router X that it has a route to Site 2. So they are not locally announcing via RIP, the routes they have TO the respective remote sites.
  What I was trying to say in my original post, is that the router will announce VPN routes if the vpn subnets are a class A 10.X.X.X subnet, but it doesn't announce them if they are a class C 192.168.X.X subnet. So what I am doing should be working, however it is not.