[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

VPN network address overlap

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: VPN network address overlap
From: Craig Findlay <craig_(_at_)_estech_(_dot_)_com_(_dot_)_au>
Date: Tue, 14 Dec 2004 22:35:16 +1100

I am using OpenVPN for a network to network VPN between 2 offices. Both offices use the same private network address. This creates a problem when using a VPN as there is an overlap with some host addresses, and also a routing issue.

Both offices use OpenBSD firewalls.

Both offices already use a nat rule in pf to provide internet access to all the hosts on their respective networks.

Is it possible to configure pf so that one office "sees" the other through the VPN tunnel as being on a different network address?

For example, assume both offices use a network address of 192.168.1.0/24

If officeA has a PC with host address 192.168.1.20 then it would be ideal if officeB would be able to see that host as say 192.168.2.20.

Then there would be no host address overlap and we could easily setup the routing in the firewalls.

I have looked at the pf faq but I can't see an easy answer.

Thanks for any help you can give.
Craig

Prev by Date: kerberos is getting me crazy: is that bugs or features.
Next by Date: login_krb5: feature or bug
Previous by thread: kerberos is getting me crazy: is that bugs or features.
Next by thread: Re: VPN network address overlap
Index(es):
- Date
- Thread

Visit your host, monkey.org