Solved

VPN ISSUE.

Posted on 2008-06-18
7
838 Views
Last Modified: 2008-06-18
My LAN IP range is , 10.200.0.0 / 16
I have Cisco 2811 Integrated Service Router which I configured for VPN connections.
When a User connects, he gets the IP from the range 10.201.0.0 / 16  ( This is what I gave in Pool )
I have a couple of Servers, One is running HP-UX , the other Windows.
IP Address for these Servers are 10.200.12.1  ,  10.200.12.3   respectively ( Mask is same 16 )

I have created Appropriate ACLs to allow VPN Users to connect these Servers.
Users are able to access the Servers with out any problem.
----------------------------------------------------------------------------------------

Now let me explain the Requirement ...  I have bought a Software from one company, which they need to access the above mentioned Servers from their Office to configure those remotely.
I have given them VPN access to connect our Network. But the problem is , Their LAN is also from the same Range 10.200.0.0 / 16  ( My bad luck ) ...  
So, they are not able to connect our Servers with VPN.

What should I do to allow them to access my Servers.  ?

Any help will be much appreciated.

Manu
0
Comment
Question by:manu4u
  • 4
  • 2
7 Comments
 
LVL 17

Expert Comment

by:Andres Perales
ID: 21814917
The only thing that I can think of is that someone may have to change their subnet...or you allow access to them via the internet...
0
 
LVL 7

Author Comment

by:manu4u
ID: 21814961
What I am thinking is ,

Can I make use of  natting , for example,

192.168.240.100  , is natted to  one of my Server 10.200.12.1

I mean, from the Remote Company, After connected to our Network with VPN Client,    they should be able to  use VNC to connect  IP 192.168.240.100  , and my Router identifies it and Nat it to our Internal Server IP.

Is it possible? ..
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 21815027
hmmm that might rock in essence you would be double natting...
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 7

Author Comment

by:manu4u
ID: 21819325
Unfortunately there is no way I can change the Subnet either side.
I am still looking for any useful comments / reply
0
 
LVL 7

Author Comment

by:manu4u
ID: 21819467
While searching for a solution to this issue, I found the following thread,

http://www.experts-exchange.com/Networking/Broadband/VPN/Q_22103656.html 

and it seems an impossible task which I am facing.

Can Irmoore / Robwill or  Rajesh  can confirm that it is impossible ? ...

Waiting for your confirmation experts
Manu
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
ID: 21819613
It should be possible.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html#anchor10

The link above shows some of the nat configurations. Take a look and see if you get what you want.

Cheers,
Rajesh
0
 
LVL 7

Author Comment

by:manu4u
ID: 21819718
Thanks Rajesh ,

I just figured out that NATTing can do the job, I did the following,

ip nat inside source static network 10.200.0.67 192.168.240.100 /32 route-map SDM_RMAP_2
ip nat inside source static network 10.200.12.27 192.168.240.101 /32 route-map SDM_RMAP_3
ip nat inside source static network 10.200.12.53 192.168.240.102 /32 route-map SDM_RMAP_5
ip nat inside source static network 10.200.12.54 192.168.240.103 /32 route-map SDM_RMAP_7
ip nat inside source static network 10.200.12.28 192.168.240.104 /32 route-map SDM_RMAP_9
ip nat inside source static network 10.200.12.29 192.168.240.105 /32 route-map SDM_RMAP_11

And it worked like a charm .....

Thanks to everyone,
Manu
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
domian network access 5 31
VoIP Polycom Phones not working 30 48
2960 port config for both PC & SIP phone using QoS 2 42
Bizarre IP Address / Port Blocking Windows 7 13 57
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question