At 04:37 AM 9/29/2004, Peer Dicken wrote:
>Am 28.09.2004 um 16:14 schrieb Peer Dicken:
>>My client's lan is 172.16.48.0 / 24. We need to establish a tunnel to
>>another network with 172.16.0.0/16.
>>I know this is - ahh - difficult. I want to get around it and created
>>a VLAN interface 192.168.233.254 / 24 which is used as the local
>>subnet in the ipsec definition.
>>I can ping hosts on the other side, from the firewall. What do I need
>>to do to ping 172.16.1.83 from the LAN? I think I need NAT or
>>something. Please help me a little.
>I thought I could do this with outbound NAT, but it does not work. Does
>really nobody have a hint for this problem? I want to NAT our LAN,
>using the 192.168.233 network. The other LAN has a route to
>192.168.233.254, which is the VLAN interface.
You appear to be trying to connect a VPN tunnel between 2 networks with
overlapping addresses. I'm not aware of any way to do this. The LAN
addresses have to be different in order for it to work since they get
tunnelled through and show up on both sides. That appears to mean one of
them is going to have to be re-addressed. Either that or I've totally
mis-read your post, in which case I have no clue. :)
Whom computers would destroy, they must first drive mad.
Sleepy Dragon Enterprises