Solved

Cannot establish VPN between two same Gateways!

Posted on 2011-09-26
15
374 Views
Last Modified: 2012-05-12
Hello,

I'm trying to establish VPN between two office locations and encountering issues with Ping Failure message in Edge-Water router. After further digging, I found that these two locations contains same Gateway address.

Is there any way to establish VPN between these two locations which contain identical Gateway address? Is there any alternatives? What about VLAN?

Any further help would be appreciated. Thank you.
0
Comment
Question by:SrinathS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +3
15 Comments
 
LVL 95

Expert Comment

by:John Hurst
ID: 36598917
When you say "same gateways", you mean "same subnet"?   If so, the very best way around this is to change the subnet on one end. Long term, that is best. ... Thinkpads_User
0
 
LVL 3

Expert Comment

by:mwiener1
ID: 36598996
You cant have a vpn site to site with the same subnet on both sides. Change one and you'll be good to go.
0
 

Author Comment

by:SrinathS
ID: 36599132
NOT SUBNET

Verizon gave us same Gateway address for both of these locations. The SUBNET is different for both of these two locations (192.168.1.1, 10.10.3.1) I try to create and activate the new VPN in Edge Water to CISCO router, but it's shows "Ping Failure" message after few seconds.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 95

Expert Comment

by:John Hurst
ID: 36599163
I think it would still be worth your while to ask Verizon to change one of the gateway addresses. This will help avoid later confusion.

However, here, if the two site IP addresses are different (but with the same external gateway), it should not cause a VPN failure, so look to other setup causes. ... Thinkpads_User
0
 

Author Comment

by:SrinathS
ID: 36599249
Okay. Theoretically, is it necessary to have different Gateways to setup VPN? The reason why I'm asking is ... my senior tech support told me that I need to have different Gateways to achieve this! I'm not sure, so I'm looking for right answer from here!
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 36599359
Check if you really need an external gateway. I looked at a couple of site to site IPSec VPN boxes and my own Windows 7 client application, and for external IP addresses, gateways are not even used. ... Thinkpads_User
0
 

Author Comment

by:SrinathS
ID: 36599608
I got different answer from my senior tech now! It's SAME SUBNET! NOT GATEWAY! Again the same question: What is the possible way to setup VPN with same SUB-NETS! Sorry for the confusion!
0
 
LVL 95

Accepted Solution

by:
John Hurst earned 167 total points
ID: 36599635
You need to change subnet on ONE end. VPN needs a different subnet on each end.

... Thinkpads_User
0
 
LVL 3

Assisted Solution

by:mwiener1
mwiener1 earned 167 total points
ID: 36599839
The only way to do it with the same subnet is to allow DHCP passthrough from one side.

Its easier to just change one subnet.
0
 
LVL 70

Assisted Solution

by:Qlemo
Qlemo earned 166 total points
ID: 36927937
As said, you need disjunctive addresses. That is most commonly achieved by using different subnets. The reason for that is that a router needs to have clear rules when and what to route. If packets for the same subnet arrive at the router, he cannot decide whether they are intended for the other side via VPN, or should remain local and hence ignored by the router.
If you have the lower sub-subnet on one site, and the higher sub-subnet on the other, routing is feasible. That would require you set one site to e.g. 192.168.1.0/25 (which is 192.168.1.1 to 126 as usuable addresses), and the other one to 192.168.1.128/25 (192.168.1.129 to 254). That way networks are still unique, you do not need to change much in regard of the network, and it still looks like it is one bigger network.
Of course you can also switch addresses to a complete different subnet on one site.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 37048016
I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 37048017
The author has the same subnet on each end (author confirmed). My answer (ID:36598917) is correct in this case.
.... Thinkpads_User
0
 

Expert Comment

by:South Mod
ID: 37074922
All,
 
Following an 'Objection' by thinkpads_user (at http://www.experts-exchange.com/Q_27421341.html) to the intended closure of this question, it has been reviewed by at least one Moderator and is being closed as recommended by the Expert.
 
At this point I am going to re-start the auto-close procedure.
 
Thank you,
 
SouthMod
Community Support Moderator
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question