Solved

Cannot establish VPN between two same Gateways!

Posted on 2011-09-26
15
342 Views
Last Modified: 2012-05-12
Hello,

I'm trying to establish VPN between two office locations and encountering issues with Ping Failure message in Edge-Water router. After further digging, I found that these two locations contains same Gateway address.

Is there any way to establish VPN between these two locations which contain identical Gateway address? Is there any alternatives? What about VLAN?

Any further help would be appreciated. Thank you.
0
Comment
Question by:SrinathS
  • 5
  • 3
  • 2
  • +3
15 Comments
 
LVL 92

Expert Comment

by:John Hurst
ID: 36598917
When you say "same gateways", you mean "same subnet"?   If so, the very best way around this is to change the subnet on one end. Long term, that is best. ... Thinkpads_User
0
 
LVL 3

Expert Comment

by:mwiener1
ID: 36598996
You cant have a vpn site to site with the same subnet on both sides. Change one and you'll be good to go.
0
 

Author Comment

by:SrinathS
ID: 36599132
NOT SUBNET

Verizon gave us same Gateway address for both of these locations. The SUBNET is different for both of these two locations (192.168.1.1, 10.10.3.1) I try to create and activate the new VPN in Edge Water to CISCO router, but it's shows "Ping Failure" message after few seconds.
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 36599163
I think it would still be worth your while to ask Verizon to change one of the gateway addresses. This will help avoid later confusion.

However, here, if the two site IP addresses are different (but with the same external gateway), it should not cause a VPN failure, so look to other setup causes. ... Thinkpads_User
0
 

Author Comment

by:SrinathS
ID: 36599249
Okay. Theoretically, is it necessary to have different Gateways to setup VPN? The reason why I'm asking is ... my senior tech support told me that I need to have different Gateways to achieve this! I'm not sure, so I'm looking for right answer from here!
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 36599359
Check if you really need an external gateway. I looked at a couple of site to site IPSec VPN boxes and my own Windows 7 client application, and for external IP addresses, gateways are not even used. ... Thinkpads_User
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:SrinathS
ID: 36599608
I got different answer from my senior tech now! It's SAME SUBNET! NOT GATEWAY! Again the same question: What is the possible way to setup VPN with same SUB-NETS! Sorry for the confusion!
0
 
LVL 92

Accepted Solution

by:
John Hurst earned 167 total points
ID: 36599635
You need to change subnet on ONE end. VPN needs a different subnet on each end.

... Thinkpads_User
0
 
LVL 3

Assisted Solution

by:mwiener1
mwiener1 earned 167 total points
ID: 36599839
The only way to do it with the same subnet is to allow DHCP passthrough from one side.

Its easier to just change one subnet.
0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 166 total points
ID: 36927937
As said, you need disjunctive addresses. That is most commonly achieved by using different subnets. The reason for that is that a router needs to have clear rules when and what to route. If packets for the same subnet arrive at the router, he cannot decide whether they are intended for the other side via VPN, or should remain local and hence ignored by the router.
If you have the lower sub-subnet on one site, and the higher sub-subnet on the other, routing is feasible. That would require you set one site to e.g. 192.168.1.0/25 (which is 192.168.1.1 to 126 as usuable addresses), and the other one to 192.168.1.128/25 (192.168.1.129 to 254). That way networks are still unique, you do not need to change much in regard of the network, and it still looks like it is one bigger network.
Of course you can also switch addresses to a complete different subnet on one site.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 37048016
I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 37048017
The author has the same subnet on each end (author confirmed). My answer (ID:36598917) is correct in this case.
.... Thinkpads_User
0
 

Expert Comment

by:South Mod
ID: 37074922
All,
 
Following an 'Objection' by thinkpads_user (at http://www.experts-exchange.com/Q_27421341.html) to the intended closure of this question, it has been reviewed by at least one Moderator and is being closed as recommended by the Expert.
 
At this point I am going to re-start the auto-close procedure.
 
Thank you,
 
SouthMod
Community Support Moderator
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now