Sassy Natan <[email protected]> wrote:
> I'm trying to build a VPN site 2 site with my current shorewall + openswan
> configuration with an overlapping IP on both ends.
>
> Here is my Topology.
>
> Site A:
> eth0 - 172.16.0.0/24 - Internal LAN
> eth1 - 10.0.0.0/24 - LAB LAN
> eth2 - X.Y.Z.M - Public IP address
>
>
> Site B
> eth0 - 192.168.0.0/24 - Internal LAN
> eth1 - 10.0.0.0/24 - LAB LAN
> eth2 - N.O.L.P - Public IP address
>
>
> I want to setup a VPN from the Internal LAN of Site B (192.168.0.0/24) to the
> LAB LAN of Site A (10.0.0.0/24)
>
> The problem is that Site B already has in its local routing table setup to
> route traffic for the network ID 10.0.0.0/24 via the ETH1 interface. So
> traffic can't be routed to the remote site A, without (1) disabling this
> network or (2) do some NAT magic.

Your network is broken. Option 3 is to renumber part of the network so it isn't broken. I know it's painful to do (I've been through that process in the past as part of a corporate change) but it will save you just soooooo much hassle down the line.

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
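
A pre-flight check for the situation in this thread, added here as an example and not part of the original posts: it compares the two sites' interface subnets from the topology above, reports the overlap, and proposes an unused /24 for renumbering. Which side gets renumbered (Site B's LAB LAN here) and the 10.0.0.0/8 candidate pool are assumptions; the function names are hypothetical.

```python
import ipaddress

# Topology as given in the post (public addresses are elided there, so omitted).
SITE_A = {"eth0": "172.16.0.0/24", "eth1": "10.0.0.0/24"}
SITE_B = {"eth0": "192.168.0.0/24", "eth1": "10.0.0.0/24"}


def find_overlaps(site_a, site_b):
    """Return (if_a, if_b, net_a, net_b) for every overlapping subnet pair."""
    hits = []
    for if_a, cidr_a in site_a.items():
        net_a = ipaddress.ip_network(cidr_a)
        for if_b, cidr_b in site_b.items():
            net_b = ipaddress.ip_network(cidr_b)
            # overlaps() also catches containment, e.g. a /16 vs. a /24 inside it
            if net_a.overlaps(net_b):
                hits.append((if_a, if_b, net_a, net_b))
    return hits


def suggest_renumber(in_use, pool="10.0.0.0/8", prefixlen=24):
    """First subnet of size prefixlen in pool that collides with nothing in use."""
    used = [ipaddress.ip_network(c) for c in in_use]
    for cand in ipaddress.ip_network(pool).subnets(new_prefix=prefixlen):
        if not any(cand.overlaps(u) for u in used):
            return cand
    return None


def plan(site_a, site_b):
    """List (site_b_interface, old_subnet, proposed_subnet) for each overlap.

    Assumption: the Site B side of each overlapping pair is the one renumbered.
    """
    in_use = list(site_a.values()) + list(site_b.values())
    result = []
    for _if_a, if_b, _net_a, net_b in find_overlaps(site_a, site_b):
        new = suggest_renumber(in_use)
        if new is None:
            raise RuntimeError("no free subnet left in the candidate pool")
        in_use.append(str(new))  # reserve it so a second overlap gets another
        result.append((if_b, str(net_b), str(new)))
    return result


if __name__ == "__main__":
    for ifname, old, new in plan(SITE_A, SITE_B):
        print(f"Site B {ifname}: {old} overlaps Site A; renumber to {new}")
```

Run it against the full address plan of both sites before defining the tunnel, so the proposed subnet does not collide with other VPN peers added later.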
