Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
561
Views
0
Helpful
2
Replies

LAN-to-LAN subnets

ntriplett
Level 1
Level 1

‎02-20-2002 06:56 AM - edited ‎03-08-2019 09:52 PM

We are looking to impement a VPN between two offices and had a question as to the subnets used for the offices. Can the addresses for both offices be within the same subnet or must they be different subnets? What is the mechanism that governs this? Does it use arp tables for the individual addresses or is it a routing function that looks at the netmask? Or is this dependant upon the VPN used?

Your assistance is greatly appreciated.

Labels:
0 Helpful
2 Replies 2

cjacinto
Cisco Employee
Cisco Employee

‎02-20-2002 04:43 PM

The subnets should be of different for the two internal networks that you would want to communicate

with via the vpn tunnel. See sample config of a simple lan to lan on:

http://www.cisco.com/warp/customer/707/30.html

If however your private subnets are the same, you could basically nat one side first before it goes thru the vpn tunnel. In most cases you do the nat on

another device/router before it goes thru the vpn tunnel. Basically what governs the use of different subnet is routing, as you normally don't route to the same subnet. The router basically check the crypto acl configured in conjunction with the IPSec config, to see if the traffic going through it needs to go through the IPSec tunnel.

0 Helpful

mjames
Level 1
Level 1

‎02-22-2002 10:54 AM

Different.

0 Helpful
Customers Also Viewed These Support Documents