I know this has been discussed before.... If you have two LANs with
duplicate subnets, you cannot do an IPSec VPN between them. The
documentation says this is a limitation of basic IP networking, and not
a problem with m0n0wall, and I agree.
Yet I keep thinking there is a way out of my problem with some type of
Simple drawing of the scenario I am in:
                               ----- m0n0wall --- 192.168.1.0/24
10.1.1.0/24 --- SonicWALL ---/
    LAN         Firewall     \
                               ----- LinkSys ---- 192.168.1.0/24
The m0n0wall and LinkSys networks do NOT need to talk to each other.
The problem is that in the SonicWALL firewall, I cannot build tunnels to
networks that overlap like this. So, I need one of the networks to look
like something else. I have played with NAT on the SonicWALL side with
no success. SonicWALL engineers say that it is the far end (m0n0wall or
LinkSys) that needs to do the NAT. So, the SonicWALL would build a
tunnel to some other "fake" IPs, then the far end would translate.
Any ideas appreciated!
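
The "fake IP" idea in the post above, modelled as an added example (not part of the original post and not any vendor's configuration): the hub keeps the first remote LAN as-is, assigns an alias network to each later LAN that overlaps one already in use, and the far end does a 1:1 translation that keeps the host part. The alias subnets 172.16.101.0/24 and 172.16.102.0/24 and the function names `netmap` and `plan_tunnels` are assumptions made for illustration.

```python
import ipaddress

def netmap(addr, src_net, dst_net):
    """1:1 subnet translation: keep the host bits, swap the network bits."""
    src = ipaddress.ip_network(src_net)
    dst = ipaddress.ip_network(dst_net)
    ip = ipaddress.ip_address(addr)
    if src.prefixlen != dst.prefixlen:
        raise ValueError("source and destination networks must be the same size")
    if ip not in src:
        raise ValueError(f"{ip} is not inside {src}")
    host_bits = int(ip) & int(src.hostmask)
    return str(ipaddress.ip_address(int(dst.network_address) | host_bits))

def plan_tunnels(hub_lan, sites, alias_pool):
    """Return {site name: network the hub uses as that tunnel's destination}.

    A site keeps its real LAN unless it overlaps a network the hub already
    routes; then it gets the first free, same-sized alias from the pool and
    the far-end firewall is expected to translate alias <-> real.
    """
    in_use = [ipaddress.ip_network(hub_lan)]
    pool = [ipaddress.ip_network(n) for n in alias_pool]
    plan = {}
    for name, lan in sites:
        net = ipaddress.ip_network(lan)
        if any(net.overlaps(u) for u in in_use):
            free = [a for a in pool
                    if a.prefixlen == net.prefixlen
                    and not any(a.overlaps(u) for u in in_use)]
            if not free:
                raise ValueError(f"no free alias network for {name}")
            net = free[0]
        in_use.append(net)
        plan[name] = str(net)
    return plan

# Topology from the drawing; the alias pool is constructed for this example.
HUB_LAN = "10.1.1.0/24"
SITES = [("m0n0wall", "192.168.1.0/24"), ("LinkSys", "192.168.1.0/24")]
ALIAS_POOL = ["172.16.101.0/24", "172.16.102.0/24"]

if __name__ == "__main__":
    plan = plan_tunnels(HUB_LAN, SITES, ALIAS_POOL)
    for site, net in plan.items():
        print(f"{site}: hub tunnels to {net}")
    # Host 192.168.1.50 behind the LinkSys, as seen from the hub side:
    print(netmap("192.168.1.50", "192.168.1.0/24", plan["LinkSys"]))
```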