Overlapping subnet mask in VPN configuration

sid916207
Level 1

Hi,

I have one VPN configured over a Pix 506-e 6.3(4) for a site whose remote local network is 192.168.128.0 255.255.255.0.

Now I have been told to configure a new VPN for another site, for which the remote LAN is 192.168.128.0 255.255.252.0.

When I configured this VPN, no traffic was generated and no VPN tunnel was created for the new site (192.168.128.0/22).

I found that a tunnel was created for the old site (192.168.128.0/24) and all packets are going on this route.

Is this due to the overlapping of the remote LANs, or have I missed some ACL configuration?

Please help me on this.

Many thanks in Advance.

Siddhartha

2 Replies

ajagadee
Cisco Employee

Siddhartha,

You have not missed anything. This is expected behavior with overlapping subnets, and this configuration is not supported in VPN for the very same reason that you are experiencing.

The best workaround would be to have one of the remote sites NAT their source IP when tunneling traffic to your network. So, you can build the L2L tunnel based upon the NATed IP address.

Similar Configuration:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml

I hope it helps.

Regards,

Arul

** Please rate all helpful posts **
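
A pre-change check for the overlap discussed in this thread, as an added example that is not part of the original posts: it parses PIX-style crypto ACL lines and reports pairs of ACLs whose protected networks overlap. The ACL names and the local network 10.1.1.0/24 are assumptions; only the two 192.168.128.0 remote networks come from the question.

```python
import ipaddress
from itertools import combinations

# Constructed sample: PIX 6.3-style crypto ACLs. ACL names and the local
# network 10.1.1.0/24 are assumed; the 192.168.128.0 remotes are from the thread.
SAMPLE_CONFIG = """\
access-list vpn_old_site permit ip 10.1.1.0 255.255.255.0 192.168.128.0 255.255.255.0
access-list vpn_new_site permit ip 10.1.1.0 255.255.255.0 192.168.128.0 255.255.252.0
access-list vpn_other permit ip 10.1.1.0 255.255.255.0 172.16.5.0 255.255.255.0
"""


def parse_crypto_acls(config):
    """Return [(acl_name, local_net, remote_net)] for 'permit ip net mask net mask' lines."""
    entries = []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) != 8 or tok[0] != "access-list" or tok[2:4] != ["permit", "ip"]:
            continue  # 'host'/'any' keywords and other line types are out of scope here
        local = ipaddress.ip_network(f"{tok[4]}/{tok[5]}", strict=False)
        remote = ipaddress.ip_network(f"{tok[6]}/{tok[7]}", strict=False)
        entries.append((tok[1], local, remote))
    return entries


def find_overlaps(entries):
    """Return (acl_a, acl_b, contested_remote_net) for ACL pairs matching the same traffic."""
    conflicts = []
    for (n1, l1, r1), (n2, l2, r2) in combinations(entries, 2):
        # Traffic is ambiguous only if both the local and the remote side overlap.
        if n1 != n2 and l1.overlaps(l2) and r1.overlaps(r2):
            # Overlapping CIDR blocks are nested, so the contested range
            # is the more specific (longer-prefix) network.
            contested = r1 if r1.prefixlen >= r2.prefixlen else r2
            conflicts.append((n1, n2, contested))
    return conflicts


if __name__ == "__main__":
    for a, b, net in find_overlaps(parse_crypto_acls(SAMPLE_CONFIG)):
        print(f"{a} and {b} both match traffic to {net}")
```

Any pair it reports is a candidate for the NAT workaround described above, since traffic to the contested range can only match one tunnel.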

Hi Arul,

Thanks a lot for help.

Siddhartha
