Configuring VPN with same subnet on both the end

Unanswered Question
Jul 7th, 2008

This has been asked a few times, but I can't get a clear answer.

I have 2 sites which I wish to join using 870 series routers using VPN. I need the subnets to be the same at both ends with no change to mask (/24)

I understand performance won't be great since broadcast traffic will go over the link, but the customer has demanded this solution.

Can the ciscos do a "bridge" type solution ?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
Daniel Voicu Tue, 07/08/2008 - 00:45

From my information you cannot do this kind of setup.

Please also remember that on a router, the connected subnets are having a better administrative distance than static routes. So the router will not take in consideration a routing for the /24 over the VPN if the /24 is directly connected.

What you can do is enable parts of that /24 over the VPN (as /25, /26 ..../32).

Please rate if this helped.



petermitchell Sun, 07/13/2008 - 23:01

I finally got this working. LAN to LAN BRIDGE - same subnet both ends.

Although not bridging over internet isn't recommended, it can work if really required.

I investigated 2 options - L2TPv3 and GRE with bridging. L2TPv3 may not work on the 850,870 routers I used.

I found a GRE tunnel, bridged to the ethernet/vlan worked ok.

The bridge command isn't supported on a tunnel (gives warning message and typing brid "tab" doesn't autofill the rest of the command. However if you type the full "bridge-group 1" it will take ok and say its unreleased and unsupported.

Please rate/reply if you find this useful.


This Discussion