 
 From:  "Mark Gilbert" <mgilbert at marinhd dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] multiple VPN tunnels with identicle subnets at other end.
 Date:  Fri, 30 Jun 2006 14:18:39 -0700
I feel like a real idiot..! I guess this is what happens when you try to
work too fast and then make typos.

Notice the change from both being 40.0 to now being different.


Tunnel 1:   10.0.0.0-----|--------192.168.30.0 ------ 192.168.1.0
 
Tunnel 2:   10.0.0.0-----|--------192.168.40.0 ------ 192.168.1.0
 
The device on the remote end translates the 1.0 into a different subnet
so that the 10.0.0.0 network is able to communicate with 2 separate 1.0
networks.
 
Sorry for the goof up
 
Mark
-----Original Message-----
From: Don Munyak [mailto:don dot munyak at gmail dot com] 
Sent: Friday, June 30, 2006 1:46 PM
To: Mark Gilbert
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] multiple VPN tunnels with identicle subnets at
other end.

from the documentation...

i.e. if both sites are using 192.168.1.0/24 on the LAN, no site to
site VPN will work. This is not a limitation in m0n0wall, it's basic
IP routing. When any host on either of your networks tries to
communicate with 192.168.1.0/24, it will consider that host to be on
its local LAN and the packets will never reach m0n0wall to be passed
over the VPN connection. Similarly, if one site is using, for example,
192.168.0.0/16 and one using 192.168.1.0/24, these subnets are also
overlapping and a site to site VPN will not work.

http://doc.m0n0.ch/handbook/ipsec-prerequisites.html

Don
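
Added example, not part of either message above and not m0n0wall code: a pre-flight check that flags overlapping subnets across planned tunnels and shows the 1:1 address translation the remote device performs. The /24 masks, tunnel names, function names and host address are assumptions; the thread gives the networks without masks.

```python
import ipaddress

def find_overlaps(local, remotes):
    """Return pairs of subnet names whose address ranges overlap.

    local   -- LAN subnet behind this firewall
    remotes -- {tunnel name: remote subnet as this side sees it}
    """
    nets = {"local": ipaddress.ip_network(local)}
    nets.update({name: ipaddress.ip_network(n) for name, n in remotes.items()})
    names = list(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

def translate(addr, real_net, presented_net):
    """Map a host in real_net to the same host offset in presented_net."""
    real = ipaddress.ip_network(real_net)
    presented = ipaddress.ip_network(presented_net)
    if real.prefixlen != presented.prefixlen:
        raise ValueError("1:1 translation needs equal prefix lengths")
    host = ipaddress.ip_address(addr)
    if host not in real:
        raise ValueError(f"{addr} is not in {real_net}")
    return str(presented[int(host) - int(real.network_address)])

if __name__ == "__main__":
    # Constructed inputs based on the subnets named in the thread (masks assumed).
    local = "10.0.0.0/24"
    plans = {
        "no translation": {"tunnel1": "192.168.1.0/24", "tunnel2": "192.168.1.0/24"},
        "both as 40.0":   {"tunnel1": "192.168.40.0/24", "tunnel2": "192.168.40.0/24"},
        "30.0 and 40.0":  {"tunnel1": "192.168.30.0/24", "tunnel2": "192.168.40.0/24"},
    }
    for label, remotes in plans.items():
        print(label, "->", find_overlaps(local, remotes) or "no overlap")
    # The handbook's second case: a /16 on one side swallows the other side's /24.
    print(find_overlaps("192.168.0.0/16", {"site": "192.168.1.0/24"}))
    # Same real host behind each remote device, seen through each tunnel.
    for presented in ("192.168.30.0/24", "192.168.40.0/24"):
        print(translate("192.168.1.25", "192.168.1.0/24", presented))
```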