| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
| |||
| As the subject title says, I tried to search on Check Point and got the SK# below. Solution ID: sk12870. But, unfortunately, I can't download it, and even our vendor gets the same result. Does anyone have an idea how to set it up? I need to set it up ASAP. My Check Point is R55P. |
| |||
| There has been a problem with authentication on the UC. PM me with your e-mail address and I'll send you a copy. |
| |||
| Same problem with the copy I downloaded. For anyone that asked me to send it to them, I'm in the same boat as you. Sorry. |
| |||
| Never mind. But do you have experience configuring it? For my case, I just need to do Source NAT rather than both Source and Destination NAT. Under the VPN tunnel, how do I do that? I will use Manual NAT. Is a proxy required to be configured? Are there any steps for it? |
| |||
| If you have an overlapping IP scheme, then how can you only need to do a Src NAT, as surely the destination packet would be a local IP address? If the other end is a 3rd party and is already NATting the destination for you to their internal network that overlaps with yours, then you are communicating with a non-overlapping range, as you talk to their NAT address. If, however, you only need to do a Src NAT, then you do the same as for any other NAT. Define a new network address the same size as your internal network but on a different subnet. Rule: Src = internal_net, Dst = Remote_VPN_Net, xlatesrc = S(new_net), Dst = Original. This will NAT 1 to 1 from the internal net to the new network range. |
| |||
| I think I need to clarify. We form a VPN with a 3rd party gateway. But our internal source IP conflicts with the other's. So for the site-to-site VPN, I need to do an SNAT. |
| |||
| As mcnallym said, set up the NAT on your side so all traffic from your internal network to the other party's VPN network is NAT-ed. The other party should set your NAT-ed network, and not your internal network, as the "encryption domain" for your gateway. So, on your side, NAT: int_net -> remote_vpn_net -> source (new non-conflicting net) -> dst original. On the remote party's side they should define: your gateway as VPN peer; encryption domain/ID: the new non-conflicting net you are hiding your real net behind. |
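The 1-to-1 source NAT plan described in the replies above can be checked before it is entered as a manual NAT rule. This is an added example, not part of the original thread; the function names and the three networks are constructed for illustration, and it only validates the addressing, it does not configure the gateway.

```python
import ipaddress


def plan_static_snat(internal, remote_vpn, translated):
    """Validate the addressing for a 1-to-1 static source NAT over a VPN.

    internal   -> real internal network (conflicts with the peer's addressing)
    remote_vpn -> the peer's network reached through the tunnel
    translated -> the new, non-conflicting network presented to the peer
    """
    internal = ipaddress.ip_network(internal)
    remote_vpn = ipaddress.ip_network(remote_vpn)
    translated = ipaddress.ip_network(translated)
    # Static (1-to-1) NAT needs one translated address per internal address.
    if translated.prefixlen != internal.prefixlen:
        raise ValueError("translated net must be the same size as internal net")
    # The translated range must not collide with either real network.
    for name, net in (("internal", internal), ("remote VPN", remote_vpn)):
        if translated.overlaps(net):
            raise ValueError(f"translated net overlaps the {name} net")
    return {
        "nat_rule": {"src": internal, "dst": remote_vpn,
                     "xlate_src": translated, "xlate_dst": "Original"},
        # What the peer must define for our gateway instead of the real net.
        "peer_encryption_domain": translated,
    }


def translate_source(addr, plan):
    """Return the address the peer sees for an internal host (same host offset)."""
    rule = plan["nat_rule"]
    addr = ipaddress.ip_address(addr)
    if addr not in rule["src"]:
        raise ValueError(f"{addr} is not inside {rule['src']}")
    offset = int(addr) - int(rule["src"].network_address)
    return rule["xlate_src"].network_address + offset


if __name__ == "__main__":
    # Constructed sample networks, not taken from the thread.
    plan = plan_static_snat("192.168.1.0/24", "10.20.30.0/24", "172.31.50.0/24")
    print("peer encryption domain:", plan["peer_encryption_domain"])
    print("192.168.1.77 appears as", translate_source("192.168.1.77", plan))
```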