In article <Xns95DCCEC392331nospamthankscom@62.243.74.162>,
Brian P. <> wrote:
:I need to setup a VPN LAN-to-LAN tunnel, between two Cisco Routers.
:The problem is that in both ends they are useing the 192.168.5.x network.
:How do I configure the routers to work with same networks in both ends ?
Cisco has configuration examples of how to do this.
The quick summary is that you need to establish address translation,
either 'ip nat inside source' or 'ip nat inside destination'
on both of the machines, so that by the time the IP addresses
from one network reach the hosts on the other end, they show up
as being in a different network number (e.g., 192.168.150.x).
The hosts on one side would address the other network number when
they wanted to talk to the hosts on the other side, and address
translation just before or just after the packet crosses the VPN
would alter the destination IP to be in the corresponding 192.168.5.x
host number by the time the packet reached the remote host.
If you can't get the cooperation of both sides in doing the nat
then you can do it all on one end by using both
ip nat inside source -and- ip nat inside destination
on just one of the two ends.
Remember to ask for DNS address translation as part of the NAT.
I don't recall how to do that with IOS; with PIX it would be by
adding the 'dns' keyword to the nat statements; on older PIX
releases it was via the 'alias' command; I seem to recall briefly
seeing a configuration for IOS that used an 'alias' command.
--
When your posts are all alone / and a user's on the phone/
there's one place to check -- / Upstream!
When you're in a hurry / and propagation is a worry/
there's a place you can post -- / Upstream!
|
Similar Threads
