Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
261
Views
0
Helpful
1
Replies

IPSEC tunnel with both LANs using the same IP scheme

stevem
Level 1
Level 1

‎07-04-2005 06:36 AM - edited ‎02-21-2020 01:51 PM

Hello, I've set up a point to point VPN between a remote office (currenlty 4 users) and our main office (all servers are there) where the remote office will have all thin clients set up so when they log in, they do a RDP through the IPSEC tunnel to log on to the network. So my ACLs look like this:

access-list inside_outbound_nat0_acl permit ip 192.168.1.0 255.255.255.0 192.168.1.0 255.255.255.0

access-list outside_cryptomap_20 permit ip 192.168.1.0 255.255.255.0 192.168.1.0 255.255.255.0

When doing a sh crypto sa I see the peer address on the vpn tunnel but not sure if I should have done a EZ vpn server remote and head end instead of the point to point vpn? Will I have a conflict or problem since I"m using the same LAN IP scheme, 192.168.1.0 for both sites? Any insight is greatly appreciated.

Labels:
0 Helpful
1 Reply 1

stevensavage
Level 1
Level 1

‎07-04-2005 08:31 AM

Yes - you will have a conflict. The access-lists you created are invalid as you cannot allow/deny access from the same range as you did. Simply change one of the ranges to 192.168.2.0 and you're set.

0 Helpful
Customers Also Viewed These Support Documents