How to configure LAN-to-LAN VPN tunnel with overlapping network

Discussion in 'Cisco' started by Brian P., Jan 12, 2005.

  1. Brian P.

    Brian P. Guest

    Hi

    I need to setup a VPN LAN-to-LAN tunnel, between two Cisco Routers.
    The problem is that in both ends they are useing the 192.168.5.x network.
    How do I configure the routers to work with same networks in both ends ?

    Thanks
    Brian P
     
    Brian P., Jan 12, 2005
    #1
    1. Advertising

  2. In article <Xns95DCCEC392331nospamthankscom@62.243.74.162>,
    Brian P. <> wrote:
    :I need to setup a VPN LAN-to-LAN tunnel, between two Cisco Routers.
    :The problem is that in both ends they are useing the 192.168.5.x network.
    :How do I configure the routers to work with same networks in both ends ?

    Cisco has configuration examples of how to do this.

    The quick summary is that you need to establish address translation,
    either 'ip nat inside source' or 'ip nat inside destination'
    on both of the machines, so that by the time the IP addresses
    from one network reach the hosts on the other end, they show up
    as being in a different network number (e.g., 192.168.150.x).
    The hosts on one side would address the other network number when
    they wanted to talk to the hosts on the other side, and address
    translation just before or just after the packet crosses the VPN
    would alter the destination IP to be in the corresponding 192.168.5.x
    host number by the time the packet reached the remote host.

    If you can't get the cooperation of both sides in doing the nat
    then you can do it all on one end by using both
    ip nat inside source -and- ip nat inside destination
    on just one of the two ends.

    Remember to ask for DNS address translation as part of the NAT.
    I don't recall how to do that with IOS; with PIX it would be by
    adding the 'dns' keyword to the nat statements; on older PIX
    releases it was via the 'alias' command; I seem to recall briefly
    seeing a configuration for IOS that used an 'alias' command.
    --
    When your posts are all alone / and a user's on the phone/
    there's one place to check -- / Upstream!
    When you're in a hurry / and propagation is a worry/
    there's a place you can post -- / Upstream!
     
    Walter Roberson, Jan 12, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. a.nonny mouse
    Replies:
    2
    Views:
    1,183
  2. Siddhartha Jain
    Replies:
    0
    Views:
    578
    Siddhartha Jain
    Mar 31, 2005
  3. Mike Rahl
    Replies:
    1
    Views:
    1,692
    response3
    Jan 11, 2007
  4. coco31
    Replies:
    2
    Views:
    615
    coco31
    May 1, 2007
  5. Replies:
    2
    Views:
    1,106
    Walter Roberson
    Aug 22, 2007
Loading...

Share This Page