cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
917
Views
0
Helpful
3
Replies

IPsec - 2 remote connections same subnet

jbenoza21
Level 1
Level 1

I have an RV220W and have VPN connections to my clients office using IPsec (and they are using RV220Ws as well).

I am able to get the connection established and working for most of my clients, but I have one client that has the same subnet as another.

eg.

Client A - 192.168.1.0

Client B - 192.168.1.0

I have already established an IPsec connection with Client A and it is working fine, but of course Client B does not work because of this issue.

Is there any way to trick/configure IPsec to work on a different subnet for Client B?

eg.

I want 192.168.15.1 to "translate" itself to 192.168.1.1 of Client B's network, and so on and so fourth so that when I use .15 on my local network it points to Client B's network for that address.

Is this possible or any other solution that would help me here? I don't want to go and re-IP their entire network just for this to work.

 

Thanks for any help

3 Replies 3

ghostinthenet
Level 7
Level 7

With an IOS router, there is granular control over the NAT policies that will allow such a translation to occur. With Small Business routers, this option isn't available. The easiest thing to do actually would be to go and re-address their network, but depending on your application, you may have other options.

With respect to the traffic crossing the VPN, is it primarily client traffic coming to your network from their site or are you initiating traffic to them?

The traffic is coming to my network from their site. Essentially so that I can RDP to their servers from my office and have a host monitor ping machines/devices.

 

What other options are you referring to?

I was just thinking that you could just run the IPSec VPN from between the two sites' public address rather than between their internal addresses and NAT forward the service ports. You would still gain the encryption of IPSec, but not have to worry about the internal address overlap.

Review Cisco Networking for a $25 gift card