Solved

Best practices for integrating recent acquistion into existing IP network

Posted on 2013-06-10
2
171 Views
Last Modified: 2013-06-13
The company I work for purchased  another company that already had (5) sites around the country.
The new company currently uses ENLAN Ip backbone for Layer 2 between the (5) sites. My goal is to incorporate them onto out exisint AVPN network and make them an end node same as the other (8) sites already on my network.

We have several overlapping Ip subnets. The new company stated they would possibly re-ip some of those. So that is good. Some of their ip schemes would be difficult to re-IP especially their data center.

I know natting can be employed but not sure where that actually occurs. Is this done on their new AVPN router?

I am looking for a project template with proven steps to guide me through this design.
Current-ENLAN-network-diagram-of.docx
Design-project-PROPOSED-AVPN-net.pdf
0
Comment
Question by:s_coad5
2 Comments
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 500 total points
ID: 39237956
yes, whatever the gateway device is that you are going to use to connect them to AVPN.  And you only need to policy nat for the overlapping areas.  and you'll need to do the policy nat in reverse on the other side.

quick example

site a (10.1.1.0/24)  <----site to site vpn--->  site b(10.1.1.0/24)

obviously they can't communicate so you configure site a to treat site b like its IP subnet is 10.1.3.0/24 and site b configured to look at site a as 10.1.2.0/24).

This will work for most things.  Where the problem comes into being is the same as anything where NAT is involved.  If packets get authenticated by the applications (e.g. Active Directory it looks like), then you have problems.  

But there is no reason you can't get it working using policy nat.  You just need to virtually re-ip using policy nat.  Then when you're far enough along that you can do the re-ip (and you will have to do a rip and replace) then you can just rip out the policy nat part of the config and treat it as any other vpn config
0
 

Author Closing Comment

by:s_coad5
ID: 39244485
Thank you
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

So, you're experiencing issues on your network and you've decided that you need to perform some tests to determine whether your cabling is good.  You're likely thinking that you may need to spend money which you probably don't have on hiring/purchas…
Is your computer hacked? learn how to detect and delete malware in your PC
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now