cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
586
Views
0
Helpful
2
Replies

Site2SIte VPN Overlapping Network

sahara101
Level 1
Level 1

Hello community,

 

I have a question for which I googled but still do not understand it quite well.

 

Would it be possible to create a site2site connection, with both sides having the same subnet? What I have found is the use of XLATED. 

 

https://www.petenetlive.com/KB/Article/0001446

 

But what I do not understand is how this works. If I have Site A 10.10.1.0 and Site B 10.10.1.0 I need to create a masquerade subnet for bothe, so Site A 10.10.2.0 and Site B 10.10.3.0

Then I need to ping 10.10.3.0 from Site A in order for SIte B to provide a response over 10.10.1.0.

But does this not mean that all communication needs to be made over the new addresses? If there are Services that depend on each other how will they communicate without changing any IPs? Let's say I migrate DC from Site A to Site B. How will the Clients on Site A communicate with it? 

 

What I am trying to achive, if possible, is to leave the network as is, create the same netowork at Site B and let them communicate via VPN. 

 

Thank you!

1 Accepted Solution

Accepted Solutions

balaji.bandi
Hall of Fame
Hall of Fame

Site to site VPN with overlaop you need to masq as you mentioned - when they going to other side of the network like example.

 

10.10.10.x network otehr side  site1 10.10.2.X you going to NAT with your Local NAT IP range 10.10.3.X

 

If the IP address local communicating with Location then you need to do orginal do not NAT

 

Other example : ( see in the middle different subnet you use for masq)

 

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/211275-Configuration-Example-of-ASA-VPN-with-Ov.html

https://www.practicalnetworking.net/stand-alone/vpn-overlapping-networks/

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

Site to site VPN with overlaop you need to masq as you mentioned - when they going to other side of the network like example.

 

10.10.10.x network otehr side  site1 10.10.2.X you going to NAT with your Local NAT IP range 10.10.3.X

 

If the IP address local communicating with Location then you need to do orginal do not NAT

 

Other example : ( see in the middle different subnet you use for masq)

 

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/211275-Configuration-Example-of-ASA-VPN-with-Ov.html

https://www.practicalnetworking.net/stand-alone/vpn-overlapping-networks/

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Thanks for info and links