?
Solved

Best practices for integrating recent acquistion into existing IP network

Posted on 2013-06-10
2
Medium Priority
?
190 Views
Last Modified: 2013-06-13
The company I work for purchased  another company that already had (5) sites around the country.
The new company currently uses ENLAN Ip backbone for Layer 2 between the (5) sites. My goal is to incorporate them onto out exisint AVPN network and make them an end node same as the other (8) sites already on my network.

We have several overlapping Ip subnets. The new company stated they would possibly re-ip some of those. So that is good. Some of their ip schemes would be difficult to re-IP especially their data center.

I know natting can be employed but not sure where that actually occurs. Is this done on their new AVPN router?

I am looking for a project template with proven steps to guide me through this design.
Current-ENLAN-network-diagram-of.docx
Design-project-PROPOSED-AVPN-net.pdf
0
Comment
Question by:s_coad5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 2000 total points
ID: 39237956
yes, whatever the gateway device is that you are going to use to connect them to AVPN.  And you only need to policy nat for the overlapping areas.  and you'll need to do the policy nat in reverse on the other side.

quick example

site a (10.1.1.0/24)  <----site to site vpn--->  site b(10.1.1.0/24)

obviously they can't communicate so you configure site a to treat site b like its IP subnet is 10.1.3.0/24 and site b configured to look at site a as 10.1.2.0/24).

This will work for most things.  Where the problem comes into being is the same as anything where NAT is involved.  If packets get authenticated by the applications (e.g. Active Directory it looks like), then you have problems.  

But there is no reason you can't get it working using policy nat.  You just need to virtually re-ip using policy nat.  Then when you're far enough along that you can do the re-ip (and you will have to do a rip and replace) then you can just rip out the policy nat part of the config and treat it as any other vpn config
0
 

Author Closing Comment

by:s_coad5
ID: 39244485
Thank you
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transparency shows that a company is the kind of business that it wants people to think it is.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question