Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
212
Views
0
Helpful
1
Replies

IPSEC Lan to Lan Question

vanguard1
Level 1
Level 1

‎08-07-2006 03:07 PM - edited ‎02-21-2020 02:34 PM

I have 2 sites with 3015 concentrators in each site. I want to create a simple ipsec lan to lan to pass traffic between certain devices. I have setup static routes on those devices to forward traffic through the inside address of the vpn concentrator. I cannot get the lan to lan to show up as active. All settings are the same on both concentrators with the exception of the local/remote settings, as they are reversed on each. The private addresses of both concentrators, are 192.168 addresses with b masks. Do the private addresses need to be in different networks to get the tunnel to come up. Any help would be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

sachinraja
Level 9
Level 9

‎08-07-2006 11:53 PM

hello,

looks like the private networks are in the same subnet on both the ends. in this case, u must do some kind of natting at either end, to bring up the tunnel. If not, the tunnel will not come up, since the traffic will never go out of the outside interface of the VPN concentrator, since both ends are in the same network. Either u can change the network address at one end, or do some kinda natting.

hope this helps.. all the best.. rate replies if found useful..

Raj

0 Helpful
Customers Also Viewed These Support Documents