Hello
I'd like to create a L3 Lan to Lan VPN, however they share the IP range and I can't change this.
It would be possible to use the SoftEther VirtualNAT/DHCP functionality to translate the addresses when exchanging traffic between both LANs?
I think I should enable VirtualNAT on both VPN servers so each LAN would always sees the traffic coming from the same IP range (the IP assigned by DHCP)
That makes sense? Is there any other way?
Regards
Jacobo
Lan to Lan with same IP range
-
- Posts: 2
- Joined: Thu Oct 10, 2019 10:29 am
Re: Lan to Lan with same IP range
Hello Jacobo,
I've similar problem. Did you solve it?
Could you please share your solution?
Thanks.
Best
Stefan
I've similar problem. Did you solve it?
Could you please share your solution?
Thanks.
Best
Stefan
-
- Posts: 65
- Joined: Thu Sep 19, 2019 7:18 pm
Re: Lan to Lan with same IP range
Don't think this kind of detail is in SE. Securenat is quite basic.
I would say (on linux):
-In SE: Create virtualhubs for both segments, create bridges and new tap devices on each virtualhub, and bridge them.
-In the host-os, add (one or more) fixed ip-addresses to the tap's, and use iptables with dst-nat to translate (and route) the traffic between the taps-ip's in one segment and dst-ip's in the other (and therefore between the vpn- and lan-segments).
This way, you can translate (and map) basically ANY address in one segment to ANY address in another. Per port is also possible.
Seems simple in the two lines above... But explaining it in detail will probably take at least 2 whole pages. It would be good to check out how natting and iptables works first (if not already done so).
I would say (on linux):
-In SE: Create virtualhubs for both segments, create bridges and new tap devices on each virtualhub, and bridge them.
-In the host-os, add (one or more) fixed ip-addresses to the tap's, and use iptables with dst-nat to translate (and route) the traffic between the taps-ip's in one segment and dst-ip's in the other (and therefore between the vpn- and lan-segments).
This way, you can translate (and map) basically ANY address in one segment to ANY address in another. Per port is also possible.
Seems simple in the two lines above... But explaining it in detail will probably take at least 2 whole pages. It would be good to check out how natting and iptables works first (if not already done so).
-
- Posts: 1
- Joined: Tue Oct 15, 2019 1:29 am
Re: Lan to Lan with same IP range
I have a similar issue. I will try your solution and see if it works.