cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
788
Views
0
Helpful
3
Replies

Site 2 Site VPN same Ip`s

How can i make a VPN between 2 Router with the same lan ip`s. 

Thanks

1 Accepted Solution

Accepted Solutions

Hi Raimund,

what do you mean with the same Lan IPs?
Usually if you can, it would be better to agreed the encryption domains between the two Sites so that they don't overlap, that's the easier solution to me...

By the way, If you need to mantain your subnets on both sites overlapping between each other, the only thing you can do is to NAT on only one or on both side (it depends if you need a one or two-way communication):

Lan subnets:
Site 1: 10.10.10.0/24
Site 2: 10.10.10.0/24

Tunnel/VPN public end-points (through internet or whatever..):
Site 1: 1.1.1.1/32
Site 2: 2.2.2.2/32

Network/Ip address choosen to perform the NAT on Site 1 for example (one way communication with connection started by Site 2):
20.20.20.0/24

So the story is: The Traffic will be encapsulate throughout the VPN for all the requests from the Site 2 Lan pointing to the NAT subnet 20.20.20.0/24... once on the Site 1 equipment, you'll decapsulate the traffic, performing a DESTINATION-NAT towards the real Lan subnet on Site 1.


I hope this helps,

Regards
L.

View solution in original post

3 Replies 3

Hi Raimund,

what do you mean with the same Lan IPs?
Usually if you can, it would be better to agreed the encryption domains between the two Sites so that they don't overlap, that's the easier solution to me...

By the way, If you need to mantain your subnets on both sites overlapping between each other, the only thing you can do is to NAT on only one or on both side (it depends if you need a one or two-way communication):

Lan subnets:
Site 1: 10.10.10.0/24
Site 2: 10.10.10.0/24

Tunnel/VPN public end-points (through internet or whatever..):
Site 1: 1.1.1.1/32
Site 2: 2.2.2.2/32

Network/Ip address choosen to perform the NAT on Site 1 for example (one way communication with connection started by Site 2):
20.20.20.0/24

So the story is: The Traffic will be encapsulate throughout the VPN for all the requests from the Site 2 Lan pointing to the NAT subnet 20.20.20.0/24... once on the Site 1 equipment, you'll decapsulate the traffic, performing a DESTINATION-NAT towards the real Lan subnet on Site 1.


I hope this helps,

Regards
L.

Thanks

I will test it in my lab

Ok, let me know then.

Thank you!

Review Cisco Networking for a $25 gift card