Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
634
Views
0
Helpful
3
Replies

2 destinations with the same IP address

Go to solution
Ricky S
Level 3
Level 3

‎12-05-2013 08:41 AM - edited ‎03-04-2019 09:46 PM

Hey everyone, I am setting up a VPN site-to-site connection between one of my routers and a 3rd party company. Subnet on their side is 172.16.1.x. I already have 172.16.1.x at another one of my offices that this router connects to over a separate DMVPN tunnel. Basically there is going to be a server in this office that needs to connect to 172.16.1.110 and .111 at the 3rd party company. Is there a way for me to make this communication work at the same time without breaking the connection between my own offices?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎12-05-2013 08:44 AM

They're going to have to nat their traffic over the vpn as something else. Then you won't have a conflict. For example, let them know that you have that subnet and they need to nat to something that you don't have. They could nat to 172.50.50.0/24. You will need to nat your traffic as well to something else. When you go to 172.16.1.110 and .111, you would go to their natted address instead as 172.50.50.110 and 172.50.50.111. They don't change the real addresses on their end.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

View solution in original post

0 Helpful
3 Replies 3

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎12-05-2013 08:44 AM

They're going to have to nat their traffic over the vpn as something else. Then you won't have a conflict. For example, let them know that you have that subnet and they need to nat to something that you don't have. They could nat to 172.50.50.0/24. You will need to nat your traffic as well to something else. When you go to 172.16.1.110 and .111, you would go to their natted address instead as 172.50.50.110 and 172.50.50.111. They don't change the real addresses on their end.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Ricky S
Level 3
Level 3
In response to John Blakley

‎12-05-2013 08:47 AM

John, thank you! You are a genious! Much appreciated.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Ricky S

‎12-05-2013 09:01 AM

Ricky

Just to add to John's post.

If the 172.16.1.x subnet is another of your offices ie. the office you are connecting from to the 3rd party does not use 172.16.1.x then you don't need to NAT your own addresses. You would only need to NAT your IPs if they were also 172.16.1.x but it sounds like they aren't.

When you setup the VPN you need to use the NAT address in the crypto maps.

Jon

0 Helpful
Customers Also Viewed These Support Documents