We have a VPN 3000 Concentrator and we are using the 10.0.0.0 private addressing scheme. We want to install the VPN client at a remote site across the internet that is also using the 10.0.0.0 private addressing scheme. The issue is once they connect (using NAT) to the public address of the VPN 3000, it gives them a private 10.x.x.x address but the IP route information local to the PC they have made a VPN connection with tries first to route on their existing private network because of this local route table. Traffic is never sent across the VPN connection. Is there a way to have this remote site connect to our network via the VPN 3000 eventhough we both use the same 10.0.0.0 private networking scheme?
Re: Remote site using same private addressing scheme
I should start off by letting you know this is not a limitation of the VPN3000. This is the way IP works. You need to have non-local addresses for a foreign network to access local resources. This means the clients use their gateway to route the IP properly. The 10. address space is enormous so you should be able to subnet it to meet your needs. If that isnt enough space use one of the other rfc1918 reserved address spaces for your hosts to translate to and routing should occur properly.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :