RE: [FW1] VPN via NAT

To: "'RBHATIA'" <[email protected]>, "'Firewall 1 Mailing list \(E-mail\)'" <[email protected]>

Subject: RE: [FW1] VPN via NAT

From: "Hansraj Patil" <[email protected]>

Date: Wed, 5 Sep 2001 09:52:34 -0700

Importance: Normal

In-reply-to: <0E19D654E2F0D311BA3E00A0C92BF427D2ED01@ACME1>

Sender: [email protected]

This is the common problem in VPN. You have to have two networks different.

If they have to be same then you can use NAT wherein you hide one of the network behind different network,

so that remote network sees it as say 192. ip instead of 10. ip.

hope this helps.

hansraj

-----Original Message-----
From: [email protected] [mailto:[email protected]]On Behalf Of RBHATIA
Sent: Friday, August 31, 2001 11:36 AM
To: Firewall 1 Mailing list (E-mail)
Subject: [FW1] VPN via NAT

I had a question. We are trying to get a user to access our internal network via VPN. That user is on a DSL connection and has the VPN software installed. Her DSL router is configured with NAT which uses a dhcp pool to assign an IP to the machines on the internal LAN - her internal interface address is a non routable private 10.0.0.0 network , her personal computer's IP address is 10.0.0.2 and NAT is being used to mask the private IP and make it routable via a public IP. However, our company LAN is also using the same private non routable 10.0.0.0 range. How will her VPN connection get activated when she tried to access a resource that is on our network. That is our problem...the VPN connection never kicks off since it assumes that all network objects that have the same destination network address are on her local LAN and does not get across the router.