VPN settup using Nat

Any advice how I setup two sites on a VPN but have them on the same subnet? In other words connect a vpn between head office and a branch for DR. But have both of the sites on 192.168.2.*. i guess it would be nat-ting
GregopsgAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
GregopsgConnect With a Mentor Author Commented:
The idea (pipe dream) is to be able to bring the server on the remote site to the head office, plug in and go without changing anything. I advised against this but someone said it could be done via Nat (But doesn't know how) Ha ha. At present the subnets are 192.168.2. and 192.168.3. I cant get the vpn working but IHeadoffice2.jpgHeadoffice.jpgBranch.jpg have some wrong config somewhere. Would you mind checking it for me? Attached the two configs.
0
 
MiftaulCommented:
Please tell which router are you using.
0
 
GregopsgAuthor Commented:
Cyberoam on both sides CR25ing.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
JohnBusiness Consultant (Owner)Commented:
But have both of the sites on 192.168.2.*.  <-- You really need two different subnets for VPN to work properly.  I do this for several small clients and do not have any issue. Why do you need the same subnet?
0
 
GregopsgAuthor Commented:
Have removed the external IP's
0
 
MiftaulCommented:
I have done it on SonicWalll,

You need to create a dummy virtual subnet, say  dummy=192.168.10.0/24

Now on the vpn configurations page, select source as local subnet and destination as dummy subnet  on both end. And select NATed in the vpn advanced tab.

Here is the cyberom instruction Cyberom Link

This is not a good design, if possible change subnet in any of the sites.
0
 
JohnBusiness Consultant (Owner)Commented:
This is not a good design, if possible change subnet in any of the sites.

I agree. In addition VPN naturally needs to resolve each device with its own IP. Having two devices as 192.168.75.1 makes it very complicated.

The idea (pipe dream) is to be able to bring the server on the remote site to the head office, plug in and go without changing anything

Time has a way of wrecking dreams. It really is easier to change the internal DHCP range and restart everything.
0
 
GregopsgAuthor Commented:
Was on the money - sorry about delay
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.