Discontiguous Subnets over VPN

joe.morrison · ‎10-05-2006

I have been looking for a way to make multiple sites use the same IP scheme on both remote locations. I have many clients that will need to connect wirelessly at both locations; they all need to use the same WPA key, and have static IP addresses on a single subnet.

On one router (we'll call it A) I am using 10.10.0.0/16 that I would like to have relpicated on another router(router B), but I haven't had any luck. I am able to establish a VPN when I use the 10.10.0.0/16 on A, and a 10.11.0.0 on B. When I try to implimet the same IP scheme on both ends my VPN cannot be established.

If this is not posible is there a way I can create a tunnel interface to pass my trafic from router B to router A through the VPN.

I would like to steer clear of a MPLS VPN since it would lead to upgrading equipment.

b.hsu · ‎10-11-2006

The feature Discontinuous IP Address Pools for the Same Realm allows the user to specify discontinuous IP address pools for the same realm so that mobiles with NAI can have home addresses assigned from a pool of discontiguous IP address ranges. This will allow the Home Agent to accept Mobiles belonging to multiple virtual networks for the same host group.

This is achieved by configuring a local pool on HA covering the IP address ranges for multiple virtual-networks, and specifying one of the virtual-networks as the home network for the given realm.

The following configuration can be used to allow the HA to accept MNs belonging to multiple virtual networks for the same host group.

ip local pool pool1 10.1.1.1 1.1.1.250

ip local pool pool1 10.1.2.1 1.1.2.250

ip mobile home-agent

ip mobile virtual-network 10.1.1.0 255.255.255.0

ip mobile virtual-network 10.1.2.0 255.255.255.0

ip mobile host nai @xyz.com address pool local pool1 virtual-network 10.1.1.0

255.255.255.0 aaa lifetime 65535