Ipsec to main site with two the same remote subnets



  • per subject is this possible ?
    main site 10.1.1.0/24
    remote subnet currently connected 192.168.1.0/24
    new subnet that we want to join 192.168.1.0/24 which can't be modified

    would this cause any issues ?

    thanks


  • Rebel Alliance Developer Netgate

    NAT must be done on the site with the conflict. If you cannot change the new router you are connecting with, then you'll have to renumber or NAT your other conflicting site.



  • Hello,

    I have the exact same situation here at the moment.

    I have a PfSense router at our main office. And we have Draytek routers at our remote offices. Wee need to monitor the servers/ switches and other network devices in the remote office.

    Some of our remote offices have the same subnet e.g. 192.168.0.0/24.

    Is there a way to make this work? (like NAT over IPsec?)

    Hope someone can help me out.

    Kind regards,

    Rik


  • Rebel Alliance Developer Netgate

    @rikkert:

    Some of our remote offices have the same subnet e.g. 192.168.0.0/24.

    You can work around this with NAT on IPsec Phase 2 entries. Your situation is different than the one the OP of this thread has, please start a new thread.



  • Thanks for your reply jimp.

    I will start a new thread.


Log in to reply