This is my solution for using the same LAN subnet internally and at remote office.
Both company refuse to change there IP subnet, so here is my solution
The remote office only needs access to several IP address (i.e. Citrix server)
Main VPN office configuration:
LAN 192.168.1.0/24
Default gateway 192.168.1.251
Host needed 192.168.1.10
Remote office configuration:
LAN 192.168.1.0/24
Remote pc IP 192.168.1.104 (this must be above 192.168.1.15)
Remote Gateway 192.168.1.250 (this must be above 192.168.1.15)
On astaro:
Configure a network as follows
192.168.1.0 Mask 255.255.255.240
(This defines ip’s 192.168.1.0 through 192.168.1.15)
Under “Connections”, setup road warrior connection with subnet definition set to the above network definition.
Under “Remote Keys” setup virtual ip to something like this
Auto filter=ON and IP=192.168.2.101
On Sentinel
Setup “Remote Network” with the following
IP 192.168.1.0 mask 255.255.255.240
Setup Virtual IP to manual and set to 192.168.2.101 mask 255.255.255.0
Now create a batch file on the remote machine to redirect 192.168.1.0/27 to 192.168.2.101 as follows
Route add 192.168.1.0 mask 255.255.255.240 192.168.2.101
Obviously you will loose all connections to devices locally on remote pc network with ip’s 192.168.1.1-192.168.1.15
This is the best way I can figure out right now.
Instead of this static route, how about DNAT definition in Astaro?
This thread was automatically locked due to age.