Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] LAN to LAN VPN with same IP scheme

To: "'Rodney Lacroix'" <[email protected]>, [email protected]
Subject: RE: [FW1] LAN to LAN VPN with same IP scheme
From: "Murphy, Paul" <[email protected]>
Date: Wed, 18 Oct 2000 10:46:48 +0100
Sender: [email protected]


You should have a look in the archives as there was a thread about this
recently.

>From an IP perspective you can't do this.  If your machine is on 10.0.0.1/8
and the machine you want to talk to is on the other network with the address
10.0.0.2/8, then your IP stack is going to arp for the address, not route to
it.  The stack will rightly assume that it is on the same network as you.

So what you need to do is represent each of the networks to each other with
different address ranges.  

So that if you want to talk as above, you would connect to 11.0.0.2 and have
that translate to 10.0.0.2 when it arrived at the destination firewall, and
your source translate to 13.0.0.1.

Double NAT all the way.

-----Original Message-----
From: Rodney Lacroix [mailto:[email protected]]
Sent: 17 October 2000 18:18
To: [email protected]
Subject: [FW1] LAN to LAN VPN with same IP scheme



Can anyone tell me how you would configure two LAN's to communicate via VPN
when each lan has the same network numbers?

For example, network 1 is a 10.x.x.x network, and so is network 2 -
therefore theoretically having duplicate IP addresses.  How does the client
know when to initiate a SecuRemote connection if it's destination address is
the same as an address on the local LAN?

Rodney Lacroix



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====
---------------------------------------------------------------------------------
This e-mail is intended only for the above addressee. It may contain
privileged information. If you are not the addressee you must not copy,
distribute, disclose or use any of the information in it. If you have
received it in error please delete it and immediately notify the
sender.

evolvebank.com is a division of Lloyds TSB Bank plc.
Lloyds TSB Bank plc, 71 Lombard Street, London EC3P 3BS.  Registered in
England, number 2065.  Telephone No: 020 7626 1500
Lloyds TSB Scotland plc, Henry Duncan House, 120 George Street,
Edinburgh EH2 4LH. Registered in Scotland, number 95237.  Telephone
No:Lloyds TSB Bank plc and Lloyds TSB Scotland plc are regulated by the
Personal Investment Authority and represent only the Scottish Widows
and Lloyds TSB Marketing Group for life assurance, pensions and
investment business.

Members of the UK Banking Ombudsman Scheme and signatories to the UK
Banking Code.
----------------------------------------------------------------------------------


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] TEST
Next by Date: Re: [FW1] FW-1 plus load-balancing
Previous by thread: RE: [FW1] LAN to LAN VPN with same IP scheme
Next by thread: RE: [FW1] LAN to LAN VPN with same IP scheme
Index(es):
- Date
- Thread