[vpn] Site-to-site VPNs to same networks

Ryan Russell ryan at securityfocus.com
Wed Jul 10 17:43:14 EDT 2002


Yes, you just have to do double-NAT, and have a matching hacked-up naming
system to do the mapping.  Way ugly, but theoretically possible.  Don't
expect the MS protocols to play along...

					Ryan

On Wed, 10 Jul 2002, Tina Bird wrote:

> The way I read Siddhartha's message, he is concerned that the >internal<
> networks are addressed out of the same range.  If that's the case, the use
> of the external address isn't going to fix things -- because there's no
> way to do the routing.  Remember that the local system has to know to send
> traffic destined for the remote private network to the VPN gateway.  If
> the both the local and remote LANs are addressed from, say,
> 192.168.16.0/24, there's no way to route.
>
> The answer there being, co-operation between network admins on both sides.
> Oh joy.  I've been looking for a better answer for years, but no luck.


VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list