Multiple remote sites with same subnet
-
Hi guys,
I have to connect our main office site-to-site with some customers' offices.
The problem is that some of these customers' networks use the same subnet (192.168.1.0).
Changing the remote subnet is not a possible solution.
My goal is to make any machine in remote site 1 reachable with another IP.
For example:
10.0.1.11 "translated" to 192.168.1.11 in remote site 1
10.0.2.11 "translated" to 192.168.1.11 in remote site 2
I am actually trying with only one OpenVPN tunnel.
I am trying to use 1:1 NAT to do this but there is no way to make it work.
This is my OpenVPN server configuration (pfSense of our main office):
Server Mode Peer to Peer (Shared Key)
Protocol TCP
Device Mode tun
Interface WAN
Local port 1194
Tunnel Network 172.16.201.0/24
Local Network 192.168.5.0/24
Remote Network 10.0.1.0/24 (i also tried 192.168.1.0/24)
Compression v Compress tunnel packets using the LZO algorithm.
I also added this 1:1 NAT:
Interface OpenVPN
External subnet IP 10.0.1.0
Internal IP 192.168.1.0/24
Destination 172.16.201.0/24
Sorry for my poor English, any help would be appreciated.
Luca
-
Hi,
1:1 NAT is only the incoming side…
You also need outbound NAT.
=> Manual Outbound NAT generation
==> Normally you can safely delete the autogenerated rules if you don't use IPsec, but perhaps you want some of them modified.
=> Add a new rule, bound to your outgoing OpenVPN interface, with the reverse NAT mapping... finished ;)
(You haven't forgotten to open incoming firewall rules for the needed services?)
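
The addressing scheme from the question, modelled as an added example (not code from either poster and not pfSense's implementation): each site keeps 192.168.1.0/24 and is reached through its own alias /24, with the host part preserved in both directions. The site names and the `SITES`/`RESERVED` tables are hypothetical, built from the addresses in the question.

```python
import ipaddress

# Constructed site table based on the addresses in the question:
# every customer site keeps 192.168.1.0/24 locally and gets a unique alias /24.
SITES = {
    "site1": {"alias": "10.0.1.0/24", "real": "192.168.1.0/24"},
    "site2": {"alias": "10.0.2.0/24", "real": "192.168.1.0/24"},
}
# Main office LAN and tunnel network from the question; no alias may overlap them.
RESERVED = ["192.168.5.0/24", "172.16.201.0/24"]


def load_sites(sites=SITES, reserved=RESERVED):
    """Parse and validate the table; reject mappings a 1:1 translation cannot express."""
    parsed, seen = {}, [ipaddress.ip_network(n) for n in reserved]
    for name, entry in sites.items():
        alias = ipaddress.ip_network(entry["alias"])
        real = ipaddress.ip_network(entry["real"])
        if alias.prefixlen != real.prefixlen:
            raise ValueError(f"{name}: alias and real prefix lengths differ")
        for other in seen:
            if alias.overlaps(other):
                raise ValueError(f"{name}: alias {alias} overlaps {other}")
        seen.append(alias)  # real networks may repeat, aliases may not
        parsed[name] = (alias, real)
    return parsed


def to_real(alias_ip, parsed):
    """Destination rewrite: alias address -> (site, real address at that site)."""
    ip = ipaddress.ip_address(alias_ip)
    for name, (alias, real) in parsed.items():
        if ip in alias:
            offset = int(ip) - int(alias.network_address)
            return name, str(real.network_address + offset)
    raise LookupError(f"{alias_ip} is not in any alias network")


def to_alias(site, real_ip, parsed):
    """Source rewrite for replies: (site, real address) -> alias address."""
    alias, real = parsed[site]
    ip = ipaddress.ip_address(real_ip)
    if ip not in real:
        raise LookupError(f"{real_ip} is not in {real} at {site}")
    return str(alias.network_address + (int(ip) - int(real.network_address)))
```

The overlap check matters when further customers are added: an alias that collides with the main office LAN, the tunnel network or another site's alias makes the translated address ambiguous again.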