Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Checkpoint site to site vpn overlapping subnet

Avatar of anamops
anamops asked on
VPNSoftware Firewalls
2 Comments1 Solution3195 ViewsLast Modified:
I am trying to create a site to site vpn with a 3rd party firewall.  The main problem is that my encryption domain is configured as 172.16.0.0/16 and the 3rd parties is 172.16.56.0/25 (so there is an overlap).  However, in actuality our encryption domain is actually only using 172.16.0.0/24 ip addresses.  I can't adjust my encryption domain subnet as there areover 15 site to site vpns confgured and this would impact those vpns

How can I configure a site to site vpn given that our subnets overlap?  I found some documentation regarding making changes to my Checkpoint R62 user.def.NGCMP file (subnet per peer and subnet per range etc) but it seems a bit vague.  Does anyone have suggestions on configuring this outside of changing my encryption domain which is not an option?


Thanks
ASKER CERTIFIED SOLUTION
Avatar of deimark
deimarkFlag of United Kingdom of Great Britain and Northern Ireland image

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Commented:
This problem has been solved!
Unlock 1 Answer and 2 Comments.
See Answers