problems with VPN and NAT, help

From: nicolas (nfe@devillard.ch)
Date: 06/28/02

• Next message: Debbie Croft: "Problem accessing FTP from behind firewall"
• Previous message: John Smith: "kerio or psygate"
• Next in thread: Abdessamad Barakat: "Re: problems with VPN and NAT, help"
• Reply: Abdessamad Barakat: "Re: problems with VPN and NAT, help"
• Reply: Derek Nash: "Re: problems with VPN and NAT, help"
• Reply: noshoes: "Re: problems with VPN and NAT, help"
• Reply: Stephen J. Bevan: "Re: problems with VPN and NAT, help"
• Reply: Ed Horley: "Re: problems with VPN and NAT, help"
• Reply: Tracker: "Re: problems with VPN and NAT, help"
• Reply: Secure CN: "Re: problems with VPN and NAT, help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: nfe@devillard.ch (nicolas)
Date: 28 Jun 2002 01:32:40 -0700

hello,
I'm now in a company doing my thesis on VPN.
I have to implement VPN between them and some cutumers.

I have already implement a site-2-site VPN using GRE and Ipsec (for
authentification and security feature) for one of their custumer, but
when i want to do the second custumer i have a problem.

Because each of their custumer have the same IP plan with NAT
(172.20.0.0)

So with the first custumer (using tunnel0 for the VPN), the route from
our router is: ip route 172.20.0.0 255.255.0.0 tunnel 0

when i want to do the second cutsumer (using tunnel1), the route will
be
ip route 172.20.0.0 255.255.0.0 tunnel 1

This is not possible because i'll have two times 172.20.0.0 in the
routing table

To be able to do this i was thinking doing a double NAT (is it
possible? How to do it?)
Is there some others possibility better than a double NAT?

Thanks by Advance

Nicolas

---

• Next message: Debbie Croft: "Problem accessing FTP from behind firewall"
• Previous message: John Smith: "kerio or psygate"
• Next in thread: Abdessamad Barakat: "Re: problems with VPN and NAT, help"
• Reply: Abdessamad Barakat: "Re: problems with VPN and NAT, help"
• Reply: Derek Nash: "Re: problems with VPN and NAT, help"
• Reply: noshoes: "Re: problems with VPN and NAT, help"
• Reply: Stephen J. Bevan: "Re: problems with VPN and NAT, help"
• Reply: Ed Horley: "Re: problems with VPN and NAT, help"
• Reply: Tracker: "Re: problems with VPN and NAT, help"
• Reply: Secure CN: "Re: problems with VPN and NAT, help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Need begineers guide to open VPN ... I need to set up a tunnel ... how does the vpn know ... The way the network knows about the ... > tunnel is through the the route command. ... (comp.os.linux.security) Re: ASA IPSec question ... IPSec vpn tunnel with them to securely transfer files. ... suspicion is that it is due to NAT. ... remote end would just need a route back to the same address. ... (comp.dcom.sys.cisco) ifconfig add route " " to table -- ... Why does adding address and destination for point-to-point interface ... many providers have VPN concentrator address same as "remote ... GRE ones)goes into tunnel itself, ooops, host locked up... ... fixed by deleting route right after tunnel creation via if-up script. ... (freebsd-net) =?iso-8859-1?Q?Re:_Mehrere_Gateways_insbesondere_f=FCr_VPN?= ... Die DMZ soll allerdings via VPN ... Ich habe eine permanente Route für die RemoteGateway des Providers ... so dass ein VPN Tunnel zum Provider über die 2. ... Wenn ich eine weitere feste Route in das Providernetzwerk lege, ... (microsoft.public.de.german.isaserver) problems with VPN and NAT, help ... I have to implement VPN between them and some cutumers. ... when i want to do the second custumer i have a problem. ... So with the first custumer, the route from ... ip route 172.20.0.0 255.255.0.0 tunnel 0 ... (comp.security.firewalls)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.firewalls  > 2002-10