Menu
▾
▴
Re: [Shorewall-users] Shorewall with Overlapping IPs
|
From: Sassy N. <sa...@gm...> - 2015-02-17 13:46:39
|
Thanks Simon, I think there is no way to escape the creation of a new TAP device. But I will be wattling for other community feedbacks. Wondering what Tom will save about it (hopefully he will take a look on this email :-) Thanks Again, Sassy On Tue, Feb 17, 2015 at 11:22 AM, Simon Hobson <li...@th...> wrote: > Sassy Natan <sa...@gm...> wrote: > > > I'm trying to build a VPN site 2 site with my current shorewall + > openswan configuration with a overlapping IP on both ends. > > > > Here is my Topology. > > > > Site A: > > eth0 - 172.16.0.0/24 - Internal LAN > > eth1 - 10.0.0.0/24 - LAB LAN > > eth2 - X.Y.Z.M - Public IP address > > > > > > Site B > > eth0 - 192.168.0.0/24 - Internal LAN > > eth1 - 10.0.0.0/24 - LAB LAN > > eth2 - N.O.L.P - Public IP address > > > > > > I want to setup a VPN from the Internal LAN of Site B (192.168.0.0/24) > to the LAB LAN of Site A (10.0.0.0/24) > > > > The problem is that Site B already have in it's local routing table > setup to route traffic for the network ID 10.0.0.0/24 via the ETH1 > interface. So traffic can't be routed to the remote site A, without (1) > disabling this network or (2) do some NAT magic. > > Your network is broken. Option 3 is to renumber part of the network so it > isn't broken. > I know it's painful to do (I've been through that process in the past as > part of a corporate change) but it will save you just soooooo much hassle > down the line. > > > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > > http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk > _______________________________________________ > Shorewall-users mailing list > Sho...@li... > https://lists.sourceforge.net/lists/listinfo/shorewall-users > -- Regards, Sassy Natan 972-(05)54-2203702 |
