VPN Overlaped

MardoqueoRob · ‎2020-12-09

Hello friends

Has anyone ever done a site-to-site VPN with overlapping networks

GW-A
Public IP: 1.1.1.1
encryption domain:
192.168.2.0/24
192.168.3.0/24

GW-B
Public IP:1.1.1.2

Encription domain:
192.168.3.0/25

or some method to do it in CHeck Point, it is worth mentioning that the two GW have SO Gaia r80.40 and managed by a single Management

I really appreciate your help checkpoint teachers.

firewall1-gx · ‎2020-12-09

Hi Robl,

Overlap is bad when we talk about vpn., it's like ip or networks duplicated in your local network.

My consideration is perform NAT to change network or ask your vpn partner to change network him.

Warm Regards,

Alisson Lima

_Val_ · ‎2020-12-10

You need to NAT the overlapping part on one of the sites for this to work

MardoqueoRob · ‎2020-12-10

Hi _Val_, Any SK to follow the settings? Thank you

_Val_ · ‎2020-12-10

Not as I am aware of

G_W_Albrecht · ‎2020-12-10

Better change one network ! Without NAT this could run much smoother 8)!

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

MardoqueoRob · ‎2020-12-10

I found this sk170812 but it does not come with details of how to do it, the VTI VPN I already have it working but without overlap

Are you a member of CheckMates?