Best practices for integrating recent acquistion into existing IP network

Posted on 2013-06-10
Medium Priority
Last Modified: 2013-06-13
The company I work for purchased  another company that already had (5) sites around the country.
The new company currently uses ENLAN Ip backbone for Layer 2 between the (5) sites. My goal is to incorporate them onto out exisint AVPN network and make them an end node same as the other (8) sites already on my network.

We have several overlapping Ip subnets. The new company stated they would possibly re-ip some of those. So that is good. Some of their ip schemes would be difficult to re-IP especially their data center.

I know natting can be employed but not sure where that actually occurs. Is this done on their new AVPN router?

I am looking for a project template with proven steps to guide me through this design.
Question by:s_coad5
LVL 25

Accepted Solution

Cyclops3590 earned 2000 total points
ID: 39237956
yes, whatever the gateway device is that you are going to use to connect them to AVPN.  And you only need to policy nat for the overlapping areas.  and you'll need to do the policy nat in reverse on the other side.

quick example

site a (  <----site to site vpn--->  site b(

obviously they can't communicate so you configure site a to treat site b like its IP subnet is and site b configured to look at site a as

This will work for most things.  Where the problem comes into being is the same as anything where NAT is involved.  If packets get authenticated by the applications (e.g. Active Directory it looks like), then you have problems.  

But there is no reason you can't get it working using policy nat.  You just need to virtually re-ip using policy nat.  Then when you're far enough along that you can do the re-ip (and you will have to do a rip and replace) then you can just rip out the policy nat part of the config and treat it as any other vpn config

Author Closing Comment

ID: 39244485
Thank you

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question