07-13-2010 11:36 AM
We have an office in Bermuda and 2 offices in Chicago. The 2 offices in Chicago have the same IP scheme - 10.150.1.0/24. I'd like to set a site-to-site VPN up from Bermuda to each of the Chicago offices. I have one up and it works fine. When I set up the 2nd, I can transmit from Chicago, but not receive. I assume this has to do with the same IP networks. Is there some way to get around this?
Thanks,
Scott
Solved! Go to Solution.
07-13-2010 11:56 AM
Yes you would need to nat all traffic going to one of the Chicago sites. That way the other sites will see it as a completely different subnet. Her is a guide from cisco.com:
07-13-2010 11:57 AM
Scott,
This is quite a common problem - and solution will be to google for solution on CCO ... depending on what devices are available there you can do it differently.
But basically you will need to NAT remote subnets not to share same IP schema.
Here's an example for IOS,
http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080a0ece4.shtml
and for ASA:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b37d0b.shtml
HTH,
Marcin
07-13-2010 11:56 AM
Yes you would need to nat all traffic going to one of the Chicago sites. That way the other sites will see it as a completely different subnet. Her is a guide from cisco.com:
07-13-2010 01:27 PM
Thanks for your help. I'll try this.
07-13-2010 11:57 AM
Scott,
This is quite a common problem - and solution will be to google for solution on CCO ... depending on what devices are available there you can do it differently.
But basically you will need to NAT remote subnets not to share same IP schema.
Here's an example for IOS,
http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080a0ece4.shtml
and for ASA:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b37d0b.shtml
HTH,
Marcin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: