Multiple remote site with same subnet

  • Hy guys,
    i have to site2site connect our main office with some customers offices.
    The problem is that some of this customers networks uses the same subnet (

    Changing the remote subnet is not a possible solution.

    My goal should be let any machine in the remote site1 being reachable with another ip.
    for example : "translated" in in the remote site 1 "translated" in in the remote site 2

    I am actually trying with only one OpenVPN tunnel
    I am trying to use 1:1NAT to do this but no way to make it working

    This is my OpenVPN Server configuration (pf sense of our main office):
    Server Mode Peer to Peer  (Shared Key)
    Protocol TCP
    Device Mode tun
    Interface WAN
    Local port 1194

    Tunnel Network
    Local Network
    Remote Network (i also tried
    Compression v Compress tunnel packets using the LZO algorithm.

    I also added this 1:1 NAT
    Interface OpenVPN
    External subnet IP
    Internal IP

    Sorry for my poor english, any help would be appreciated.

  • Hi,

    1:1 NAT is only the incoming side…
    you also need outbound NAT.

    => Manual Outbound NAT generation
    ==> normally you can delete safely the autogenerated rules if you don't use IPSec but perhaps you want some of them modified.

    => add a new rule which is bound to your outgoing OpenVPN Interface the reverse NAT mapping rule... finished ;)
    (you don't have forgotten to open incoming firewall rules to needed services ?)

Log in to reply