Gregopsg
asked on
VPN settup using Nat
Any advice how I setup two sites on a VPN but have them on the same subnet? In other words connect a vpn between head office and a branch for DR. But have both of the sites on 192.168.2.*. i guess it would be nat-ting
Please tell which router are you using.
ASKER
Cyberoam on both sides CR25ing.
But have both of the sites on 192.168.2.*. <-- You really need two different subnets for VPN to work properly. I do this for several small clients and do not have any issue. Why do you need the same subnet?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Have removed the external IP's
I have done it on SonicWalll,
You need to create a dummy virtual subnet, say dummy=192.168.10.0/24
Now on the vpn configurations page, select source as local subnet and destination as dummy subnet on both end. And select NATed in the vpn advanced tab.
Here is the cyberom instruction Cyberom Link
This is not a good design, if possible change subnet in any of the sites.
You need to create a dummy virtual subnet, say dummy=192.168.10.0/24
Now on the vpn configurations page, select source as local subnet and destination as dummy subnet on both end. And select NATed in the vpn advanced tab.
Here is the cyberom instruction Cyberom Link
This is not a good design, if possible change subnet in any of the sites.
This is not a good design, if possible change subnet in any of the sites.
I agree. In addition VPN naturally needs to resolve each device with its own IP. Having two devices as 192.168.75.1 makes it very complicated.
The idea (pipe dream) is to be able to bring the server on the remote site to the head office, plug in and go without changing anything
Time has a way of wrecking dreams. It really is easier to change the internal DHCP range and restart everything.
I agree. In addition VPN naturally needs to resolve each device with its own IP. Having two devices as 192.168.75.1 makes it very complicated.
The idea (pipe dream) is to be able to bring the server on the remote site to the head office, plug in and go without changing anything
Time has a way of wrecking dreams. It really is easier to change the internal DHCP range and restart everything.
ASKER
Was on the money - sorry about delay