Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 846
  • Last Modified:

VPN ISSUE.

My LAN IP range is , 10.200.0.0 / 16
I have Cisco 2811 Integrated Service Router which I configured for VPN connections.
When a User connects, he gets the IP from the range 10.201.0.0 / 16  ( This is what I gave in Pool )
I have a couple of Servers, One is running HP-UX , the other Windows.
IP Address for these Servers are 10.200.12.1  ,  10.200.12.3   respectively ( Mask is same 16 )

I have created Appropriate ACLs to allow VPN Users to connect these Servers.
Users are able to access the Servers with out any problem.
----------------------------------------------------------------------------------------

Now let me explain the Requirement ...  I have bought a Software from one company, which they need to access the above mentioned Servers from their Office to configure those remotely.
I have given them VPN access to connect our Network. But the problem is , Their LAN is also from the same Range 10.200.0.0 / 16  ( My bad luck ) ...  
So, they are not able to connect our Servers with VPN.

What should I do to allow them to access my Servers.  ?

Any help will be much appreciated.

Manu
0
manu4u
Asked:
manu4u
  • 4
  • 2
1 Solution
 
Andres PeralesCommented:
The only thing that I can think of is that someone may have to change their subnet...or you allow access to them via the internet...
0
 
manu4uAuthor Commented:
What I am thinking is ,

Can I make use of  natting , for example,

192.168.240.100  , is natted to  one of my Server 10.200.12.1

I mean, from the Remote Company, After connected to our Network with VPN Client,    they should be able to  use VNC to connect  IP 192.168.240.100  , and my Router identifies it and Nat it to our Internal Server IP.

Is it possible? ..
0
 
Andres PeralesCommented:
hmmm that might rock in essence you would be double natting...
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
manu4uAuthor Commented:
Unfortunately there is no way I can change the Subnet either side.
I am still looking for any useful comments / reply
0
 
manu4uAuthor Commented:
While searching for a solution to this issue, I found the following thread,

http://www.experts-exchange.com/Networking/Broadband/VPN/Q_22103656.html 

and it seems an impossible task which I am facing.

Can Irmoore / Robwill or  Rajesh  can confirm that it is impossible ? ...

Waiting for your confirmation experts
Manu
0
 
rsivanandanCommented:
It should be possible.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html#anchor10

The link above shows some of the nat configurations. Take a look and see if you get what you want.

Cheers,
Rajesh
0
 
manu4uAuthor Commented:
Thanks Rajesh ,

I just figured out that NATTing can do the job, I did the following,

ip nat inside source static network 10.200.0.67 192.168.240.100 /32 route-map SDM_RMAP_2
ip nat inside source static network 10.200.12.27 192.168.240.101 /32 route-map SDM_RMAP_3
ip nat inside source static network 10.200.12.53 192.168.240.102 /32 route-map SDM_RMAP_5
ip nat inside source static network 10.200.12.54 192.168.240.103 /32 route-map SDM_RMAP_7
ip nat inside source static network 10.200.12.28 192.168.240.104 /32 route-map SDM_RMAP_9
ip nat inside source static network 10.200.12.29 192.168.240.105 /32 route-map SDM_RMAP_11

And it worked like a charm .....

Thanks to everyone,
Manu
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now