[c-nsp] Partial VPN Overlapping IPSec, GRE or what????

Brian Turnbow b.turnbow at twt.it
Wed Mar 14 11:29:55 EST 2007


Hi Omar
If there are only 5 pcs that need access you can install ipsec client software onthe pcs and assign 
Them a local ip address from the firewall/concentrator at the main site.
Brian

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of omar parihuana
Sent: mercoledì 14 marzo 2007 16.55
To: nsp
Subject: [c-nsp] Partial VPN Overlapping IPSec, GRE or what????

Hi List,

I have a special requeriment, after of check the possibilites unfortunately
I cannot find out a solution.

The customer have two sites, the main site uses subnet: 192.168.2.0/24 with
Default Gateway 192.168.2.1 that connect to corporate applications. they
need that remote site use some IPs of main site -only for five hosts-, for
example: 192.68.2.50 - 192.168.2.54, the connectivity between main site and
remote site is with IPSec/GRE Tunnel (over the Internet), How can I use in
remote site a part of main site's global IP address ? Currently the remote
site handle IP subnet: 192.168.1.0/24 but that subnet, for corporate
decission, cannot be routed but 192.168.2.1 to coporarte applications, only
subnet 192.168.2.0/24 is allowed.

I tried to use NAT on Default gateway but is no allowed too. maybe Can I
built a L2 tunnel over two Internet end-points??  or any solution,
suggestions??

Your help will be appreciated!

Thanks!

-- 
Omar E.P.T
-----------------
Certified Networking Professionals make better Connections!
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list