Netscreen VPN
Last response: in Networking
Archived from groups: comp.security.firewalls (More info?)
Dear All,
I would like to confirm something, 2 networks withe the same IP subntes,
1.The company network (192.168.1.0/24, with netscreen and ouside range of
213.168.X.X, connected to the internet via 2MB pipe, small remote network
(wireless) with same 192.168.1.0/24 range, connected to the internet via
DSL,
Laptop on this remote network with 192.168.1.x ip, running netscreen remote
client, trying to connect to mailserver 192.168.1.y (not nat'd) on the
company network and won't- I say this is because they are on same network
and how does it know to route traffic over the VPN, I want to nat the mail
server to an address in 213.168.x.x range and then I think it will work, i
am the only IT bloke without a degree so I get shot down every time (quite
spitefully). can anyone confirm this or tell me I am wrong.
Thanks
Mike
Dear All,
I would like to confirm something, 2 networks withe the same IP subntes,
1.The company network (192.168.1.0/24, with netscreen and ouside range of
213.168.X.X, connected to the internet via 2MB pipe, small remote network
(wireless) with same 192.168.1.0/24 range, connected to the internet via
DSL,
Laptop on this remote network with 192.168.1.x ip, running netscreen remote
client, trying to connect to mailserver 192.168.1.y (not nat'd) on the
company network and won't- I say this is because they are on same network
and how does it know to route traffic over the VPN, I want to nat the mail
server to an address in 213.168.x.x range and then I think it will work, i
am the only IT bloke without a degree so I get shot down every time (quite
spitefully). can anyone confirm this or tell me I am wrong.
Thanks
Mike
More about : netscreen vpn
Archived from groups: comp.security.firewalls (More info?)
In article <u5WFc.642$Nh3.127@newsfe3-win.ntli.net>, msjnicholson
{REMOVESPAM}@msn.co.uk says...
> Dear All,
> I would like to confirm something, 2 networks withe the same IP subntes,
> 1.The company network (192.168.1.0/24, with netscreen and ouside range of
> 213.168.X.X, connected to the internet via 2MB pipe, small remote network
> (wireless) with same 192.168.1.0/24 range, connected to the internet via
> DSL,
> Laptop on this remote network with 192.168.1.x ip, running netscreen remote
> client, trying to connect to mailserver 192.168.1.y (not nat'd) on the
> company network and won't- I say this is because they are on same network
> and how does it know to route traffic over the VPN, I want to nat the mail
> server to an address in 213.168.x.x range and then I think it will work, i
> am the only IT bloke without a degree so I get shot down every time (quite
> spitefully). can anyone confirm this or tell me I am wrong.
In general you have two problems:
1) Both networks are using a common subnet - you should not be using
192.168.0.0/24 nor 192.168.1.0/24 for anything.
2) Both networks are in the same address space - how is a machine in
network 1 suppose to know if 192.168.1.1 is remote or local?
Try 192.168.8.0/24 for the first one and 192.168.16.0/24 for the second
one and it should work.
--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
In article <u5WFc.642$Nh3.127@newsfe3-win.ntli.net>, msjnicholson
{REMOVESPAM}@msn.co.uk says...
> Dear All,
> I would like to confirm something, 2 networks withe the same IP subntes,
> 1.The company network (192.168.1.0/24, with netscreen and ouside range of
> 213.168.X.X, connected to the internet via 2MB pipe, small remote network
> (wireless) with same 192.168.1.0/24 range, connected to the internet via
> DSL,
> Laptop on this remote network with 192.168.1.x ip, running netscreen remote
> client, trying to connect to mailserver 192.168.1.y (not nat'd) on the
> company network and won't- I say this is because they are on same network
> and how does it know to route traffic over the VPN, I want to nat the mail
> server to an address in 213.168.x.x range and then I think it will work, i
> am the only IT bloke without a degree so I get shot down every time (quite
> spitefully). can anyone confirm this or tell me I am wrong.
In general you have two problems:
1) Both networks are using a common subnet - you should not be using
192.168.0.0/24 nor 192.168.1.0/24 for anything.
2) Both networks are in the same address space - how is a machine in
network 1 suppose to know if 192.168.1.1 is remote or local?
Try 192.168.8.0/24 for the first one and 192.168.16.0/24 for the second
one and it should work.
--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
Related ressources:
- ForumVPN Tunnel between BEFSX41 and Netscreen 5 Series
- ForumNetscreen 5GT alternative VPN client for Windows
- ForumRouting problem over VPN from Vigor 2600+ to Netscreen 5GT
- ForumCisco VPN Client pass-through a Netscreen ?
- ForumNetscreen VPN
- ForumNetScreen 5XP / ScreenOS 2 preventing VPN connections over..
- ForumNetscreen 5GT vs. Symantec Enterprise Firewall 7.04
- ForumStatic route through Netscreen Remote: can it be done?
- ForumNetScreen 5GT
- ForumNetscreen support experience?
- Forumnetscreen 5xp, windows 2000 and error 789
- Forumnetscreen 5gt for 3 offices and vpns
- ForumWatchguard Firebox 700 vs. Fortigate 100 vs. Netscreen 5GT
- ForumNetscreen question
- ForumNetscreen policies using domain names - having problems
- ForumNEED HELP: Simple VPN from XP to Netscreen 5GT
- ForumRouter/firewall with L2 VPN and L2TP DNS suffix?
- ForumHelp me build a VPN
- ForumRouter Setup
- ForumNetscreen 5 2.6.XXX image ?
- More resources
Read discussions in other Networking categories
!
