Solved

VPN ISSUE.

Posted on 2008-06-18
7
837 Views
Last Modified: 2008-06-18
My LAN IP range is , 10.200.0.0 / 16
I have Cisco 2811 Integrated Service Router which I configured for VPN connections.
When a User connects, he gets the IP from the range 10.201.0.0 / 16  ( This is what I gave in Pool )
I have a couple of Servers, One is running HP-UX , the other Windows.
IP Address for these Servers are 10.200.12.1  ,  10.200.12.3   respectively ( Mask is same 16 )

I have created Appropriate ACLs to allow VPN Users to connect these Servers.
Users are able to access the Servers with out any problem.
----------------------------------------------------------------------------------------

Now let me explain the Requirement ...  I have bought a Software from one company, which they need to access the above mentioned Servers from their Office to configure those remotely.
I have given them VPN access to connect our Network. But the problem is , Their LAN is also from the same Range 10.200.0.0 / 16  ( My bad luck ) ...  
So, they are not able to connect our Servers with VPN.

What should I do to allow them to access my Servers.  ?

Any help will be much appreciated.

Manu
0
Comment
Question by:manu4u
  • 4
  • 2
7 Comments
 
LVL 17

Expert Comment

by:Andres Perales
ID: 21814917
The only thing that I can think of is that someone may have to change their subnet...or you allow access to them via the internet...
0
 
LVL 7

Author Comment

by:manu4u
ID: 21814961
What I am thinking is ,

Can I make use of  natting , for example,

192.168.240.100  , is natted to  one of my Server 10.200.12.1

I mean, from the Remote Company, After connected to our Network with VPN Client,    they should be able to  use VNC to connect  IP 192.168.240.100  , and my Router identifies it and Nat it to our Internal Server IP.

Is it possible? ..
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 21815027
hmmm that might rock in essence you would be double natting...
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 7

Author Comment

by:manu4u
ID: 21819325
Unfortunately there is no way I can change the Subnet either side.
I am still looking for any useful comments / reply
0
 
LVL 7

Author Comment

by:manu4u
ID: 21819467
While searching for a solution to this issue, I found the following thread,

http://www.experts-exchange.com/Networking/Broadband/VPN/Q_22103656.html 

and it seems an impossible task which I am facing.

Can Irmoore / Robwill or  Rajesh  can confirm that it is impossible ? ...

Waiting for your confirmation experts
Manu
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
ID: 21819613
It should be possible.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html#anchor10

The link above shows some of the nat configurations. Take a look and see if you get what you want.

Cheers,
Rajesh
0
 
LVL 7

Author Comment

by:manu4u
ID: 21819718
Thanks Rajesh ,

I just figured out that NATTing can do the job, I did the following,

ip nat inside source static network 10.200.0.67 192.168.240.100 /32 route-map SDM_RMAP_2
ip nat inside source static network 10.200.12.27 192.168.240.101 /32 route-map SDM_RMAP_3
ip nat inside source static network 10.200.12.53 192.168.240.102 /32 route-map SDM_RMAP_5
ip nat inside source static network 10.200.12.54 192.168.240.103 /32 route-map SDM_RMAP_7
ip nat inside source static network 10.200.12.28 192.168.240.104 /32 route-map SDM_RMAP_9
ip nat inside source static network 10.200.12.29 192.168.240.105 /32 route-map SDM_RMAP_11

And it worked like a charm .....

Thanks to everyone,
Manu
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
vpn to Azure 2 18
VLAN Configuration on Cisco Switch 8 20
Cisco IOS upgrade c3560_backup and deletion of drwx 7 9
WLC and radius 4 10
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question