05-09-2021 03:45 AM
Hello Guys,
I have a question: how can I solve the problem below?
My customer has 2 offices which are connected via public IP, but these two offices have the same subnet, 192.168.5.0/24.
I can't do L2 between these sites, so I created my own LAB and I am trying to emulate it and check how I can solve it in production. Below is my LAB topology.
Between R2 and R3 I have a VTI (172.16.5.0/24, where 5.1 is R2 and 5.2 is R3) which is protected by IPsec. I have EIGRP running on all routers in the same AS (EIGRP is also running on the tunnel), but when I try to ping from R1 (192.168.5.1) to R4 (192.168.5.4) I do not receive an echo reply...
My question is: how can I extend subnet 192.168.5.0 via the VTI?
05-09-2021 04:43 AM
I tested one thing in the LAB: NAT using NVI (ip nat enable), and it's working, but maybe another solution exists?
05-09-2021 05:16 AM
As far as I am aware, you need to NAT for the duplicate subnets.
05-09-2021 06:15 AM
Hello,
Which router connects to the Internet? What is the purpose of the VTI between R2 and R3? Post the full configurations of all routers involved, including the router that connects to the Internet.
05-09-2021 07:38 AM
R2 and R3 are on the Internet, and subnet 10.0.0.0/24 simulates this situation. Between R2 and R3 I have configured a VTI tunnel protected by IPsec. EIGRP is running on all routers in the same AS, and the network statement for 172.16.5.0/24 is also configured. Behind R4 is another subnet: in my LAB R4 has a loopback interface configured with the 8.8.8.8 address, which simulates this situation. Behind R1 is also another subnet: in my LAB R1 has a loopback interface with the 1.1.1.1 address. Both of them are advertised by EIGRP, so R4 knows about 1.1.1.1 and R1 knows about 8.8.8.8, and when I ping from 1.1.1.1 to 8.8.8.8 everything works. But when I try to ping from 192.168.5.1 (ping sourced from R1) to 192.168.5.4 (address on the R4 interface), it's not working, because EIGRP does not advertise the address 192.168.5.4/32, so R1 doesn't know how to reach this router.
To make it reachable I probably need to use NAT on both sites: the subnet 192.168.5.0/24 that belongs to R1/2 I need to NAT to a random subnet, and the subnet 192.168.5.0/24 that belongs to R3/4 I need to NAT to another random subnet.
I am only asking which solution I should use. NAT? L2TP? Or maybe there is a very simple solution which I don't know.
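The two-sided NAT described in the post above, written out as an added example that is not part of the original thread: each edge router presents its local 192.168.5.0/24 to the other site as a distinct prefix, using the NVI style (`ip nat enable`) mentioned earlier. The interface names and the translated prefixes 10.5.1.0/24 and 10.5.2.0/24 are assumptions chosen for illustration; the tunnel addresses are the ones given in the thread.

```cisco
! ---- R2 (site A edge) ----
! Assumed names: GigabitEthernet0/1 = LAN toward R1, Tunnel0 = VTI to R3
interface GigabitEthernet0/1
 description LAN toward R1, local 192.168.5.0/24
 ip nat enable
!
interface Tunnel0
 description VTI to R3 (172.16.5.1 on this side)
 ip nat enable
!
! Site A's 192.168.5.x is seen by site B as 10.5.1.x (host bits preserved)
ip nat source static network 192.168.5.0 10.5.1.0 /24
! Site B's translated prefix (assumed 10.5.2.0/24) is reached through the tunnel
ip route 10.5.2.0 255.255.255.0 172.16.5.2
!
! ---- R3 (site B edge), mirror image ----
interface GigabitEthernet0/1
 description LAN toward R4, local 192.168.5.0/24
 ip nat enable
!
interface Tunnel0
 description VTI to R2 (172.16.5.2 on this side)
 ip nat enable
!
! Site B's 192.168.5.x is seen by site A as 10.5.2.x
ip nat source static network 192.168.5.0 10.5.2.0 /24
! Site A's translated prefix (assumed 10.5.1.0/24) is reached through the tunnel
ip route 10.5.1.0 255.255.255.0 172.16.5.1
```

With these assumed prefixes, R1 reaches R4's 192.168.5.4 by pinging 10.5.2.4, and R4 sees the request arrive from 10.5.1.1. R1 and R4 each still need a route for the remote translated prefix pointing at their own edge router.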
05-09-2021 12:42 PM
What is the difference between L2VPN and L3VPN?
L2VPN: the subnet behind the ends is the same.
L3VPN: the subnet behind the ends is different.
You can use L2 over a GRE tunnel if you want.