cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
634
Views
0
Helpful
3
Replies

2 VPNs to separate networks with same IP scheme

Scott Pazelt
Level 1
Level 1

We have an office in Bermuda and 2 offices in Chicago. The 2 offices in Chicago have the same IP scheme - 10.150.1.0/24. I'd like to set a site-to-site VPN up from Bermuda to each of the Chicago offices. I have one up and it works fine. When I set up the 2nd, I can transmit from Chicago, but not receive. I assume this has to do with the same IP networks. Is there some way to get around this?

Thanks,

Scott

2 Accepted Solutions

Accepted Solutions

kenrandrews
Level 1
Level 1

Yes you would need to nat all traffic going to one of the Chicago sites. That way the other sites will see it as a completely different subnet. Her is a guide from cisco.com:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9950.shtml

View solution in original post

Marcin Latosiewicz
Cisco Employee
Cisco Employee

Scott,

This is quite a common problem - and solution will be to google for solution on CCO ... depending on what devices are available there you can do it differently.

But basically you will need to NAT remote subnets not to share same IP schema.

Here's an example for IOS,

http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080a0ece4.shtml

and for ASA:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b37d0b.shtml

HTH,

Marcin

View solution in original post

3 Replies 3

kenrandrews
Level 1
Level 1

Yes you would need to nat all traffic going to one of the Chicago sites. That way the other sites will see it as a completely different subnet. Her is a guide from cisco.com:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9950.shtml

Thanks for your help. I'll try this.

Marcin Latosiewicz
Cisco Employee
Cisco Employee

Scott,

This is quite a common problem - and solution will be to google for solution on CCO ... depending on what devices are available there you can do it differently.

But basically you will need to NAT remote subnets not to share same IP schema.

Here's an example for IOS,

http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080a0ece4.shtml

and for ASA:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b37d0b.shtml

HTH,

Marcin

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: