Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Overlapping client network

In the case of a LAN to LAN network with overlapping networks, I can do a NAT statement but what to do when the VPN client source network overlaps with the destination network AND you are running split tunnelling ?

I am trying to figure out what to do here but find very little on this.

For example. Suppose my source network is 10.1.x.x (public hotspot) and my destination network at the other end of the VPN tunnel is also 10.1.x.x and I am using a DHCP server on the destination network to assign my addresses to clients connecting in. How does my local machine know whether to route to the lcoal subnet or the VPN subnet ?

I suspect that this the problem I am running into.

What is the best way to handle this ?

Should I just not allow split tunnelling ?


Re: Overlapping client network

This document describes how to configure the Cisco Secure PIX Firewall in a site-to-site IPSec VPN with overlapping private network addresses behind VPN gateways. The enhanced Network Address Translation (NAT) feature introduced in PIX 6.2 is used in this example to translate the overlapping networks on each side of the IPSec VPN tunnel to non-overlapping address spaces.

New Member

Re: Overlapping client network


I think that I was not clear enough in my question.

What I am really trying to figure out is a VPN client trying to connect to a VPN concentrator with split tunneling enabled and overlapping networks.

I hope this clarifies the original question.

CreatePlease login to create content