Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
107
Views
0
Helpful
2
Replies

IPsec VPN with a peer IP address and remote LAN in the same subnet

Ab26
Level 1
Level 1

‎08-02-2024 01:51 PM - edited ‎08-02-2024 02:14 PM

Hi,
I recently set up a site-to-site IPsec VPN tunnel with a customer, and soon after informed me that they use the same subnet for their VPN Peer IP address and the LAN behind it. They can't do NATing at the moment. They've even planned for some of our LAN traffic to communicate directly with their peer IP. I have never seen a VPN with the same IP addressing scenario, so I'm not sure whether this set up will work or not. I have tried to search online but with no succuss.  
The VPN tunnel is currently active, and we have set it up as a route-based tunnel using tunnel mode for the IPsec transform-set. Can anyone provide insights or confirmation on whether this configuration will work?

Site A: 
Peer IP: 10.10.10.1 , LAN 10.10.0.0/24 

Site B:
Peer IP 20.20.20.55, LAN 20.20.20.0/24

Labels:
0 Helpful
2 Replies 2

MHM Cisco World
VIP
VIP

‎08-02-2024 02:10 PM

Do you use ASA FW?

MHM

0 Helpful

Ab26
Level 1
Level 1
In response to MHM Cisco World

‎08-02-2024 02:12 PM

Thanks for your reply! from our end we use a Cisco router

0 Helpful
Customers Also Viewed These Support Documents