Solved

VPN settup using Nat

Posted on 2014-12-11
8
87 Views
Last Modified: 2015-01-02
Any advice how I setup two sites on a VPN but have them on the same subnet? In other words connect a vpn between head office and a branch for DR. But have both of the sites on 192.168.2.*. i guess it would be nat-ting
0
Comment
Question by:Gregopsg
  • 4
  • 2
  • 2
8 Comments
 
LVL 11

Expert Comment

by:Miftaul
ID: 40495359
Please tell which router are you using.
0
 

Author Comment

by:Gregopsg
ID: 40495367
Cyberoam on both sides CR25ing.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 40495373
But have both of the sites on 192.168.2.*.  <-- You really need two different subnets for VPN to work properly.  I do this for several small clients and do not have any issue. Why do you need the same subnet?
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 

Accepted Solution

by:
Gregopsg earned 0 total points
ID: 40495395
The idea (pipe dream) is to be able to bring the server on the remote site to the head office, plug in and go without changing anything. I advised against this but someone said it could be done via Nat (But doesn't know how) Ha ha. At present the subnets are 192.168.2. and 192.168.3. I cant get the vpn working but IHeadoffice2.jpgHeadoffice.jpgBranch.jpg have some wrong config somewhere. Would you mind checking it for me? Attached the two configs.
0
 

Author Comment

by:Gregopsg
ID: 40495396
Have removed the external IP's
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 40495401
I have done it on SonicWalll,

You need to create a dummy virtual subnet, say  dummy=192.168.10.0/24

Now on the vpn configurations page, select source as local subnet and destination as dummy subnet  on both end. And select NATed in the vpn advanced tab.

Here is the cyberom instruction Cyberom Link

This is not a good design, if possible change subnet in any of the sites.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 40495969
This is not a good design, if possible change subnet in any of the sites.

I agree. In addition VPN naturally needs to resolve each device with its own IP. Having two devices as 192.168.75.1 makes it very complicated.

The idea (pipe dream) is to be able to bring the server on the remote site to the head office, plug in and go without changing anything

Time has a way of wrecking dreams. It really is easier to change the internal DHCP range and restart everything.
0
 

Author Closing Comment

by:Gregopsg
ID: 40527427
Was on the money - sorry about delay
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
secure remote internet vsphere client esxi 5.5 14 112
Cisco router internet traffic split 19 137
cannot RDP off my Network 4 64
Claiming a Domain Name 7 52
Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question