Showing results for 
Search instead for 
Did you mean: 
Join Customer Connection to register!

Routing multiple networks through a vpn

Pretty new here and i may be making this harder than it really is..

on my LAN up until now my network was just with a DMVPN to my remote site on a network and it worked fine, i could ping back and forth.


Now on my lan i had to add another server with the same IP as my remote site so i now have 2 networks and that need to connect through the vpn and my new network is not able to so far....


Just wondering how to go about/configure my LAN so that my new .125 networked server can ping through the vpn


I got stuck after looking into inter-vlan config and sub interfaces on the router, i could ping the individual networks on my LAN but my .125.x server could not ping through the DMVPN 

I only have 1 physical interface on my router for my LAN


If someone could walk me through with some samples on how to do this would be great!

Reza Sharifi
Hall of Fame Expert

Does the local new subnet (192.168.125.x) has the same mask as the remote location?  If yes that is not a very practice to have the same IP segment on both sites.


Raja Periyasamy

The DMvpn tunnel exchanges routes and that is how the communication takes place across the tunnel.

First of all if the host finds that the IP that it is trying to reach is in its own subnet it is never going to send the packet to its default gateway. It will always do an arp request to find the MAC address of the IP.

So there is no way the packet will even reach the DMvpn router. 

I am afraid that this is not going to work.

Is there anything that i can change to make this work?

You will have to change one of the subnets. I dont think anything else can be done.


So if i was to change this then, how would we go about it.

Our lan Needs two networks to function for example for our main servers, and then we need this new server ( to be connected through the vpn on the same network to our remote location.  (

Raja Periyasamy

You will have to either change the 192.186.125.x subnet to some other subnet like 192.168.126 


There is one more thing you can do. If it is only a few servers on the 192.168.125.x network that need to be communicated across the tunnel then you can try to nat those 192.168.125.x servers to different IPs and enable natting on the tunnel interface and PAT the 125.x subnet at the R2 side in the similar way so that both sides see each other as different subnets. 

Use static routes across the tunnel interfaces to route the new subnet traffic.