Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1694 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Extending network over S2S VPN

prooi
Hello.

If I want to extend a network, say 192.168.16.0/24 on two locations, how would that be done?

Meaning, I got a setup like this:

SITE1 (192.168.16.0/24)  ASG  S2S  ASG  SITE2 (192.168.16.0/24)

Then, devices at SITE2 should be able to access devices at SITE1 without much trouble.

I think a RED box can do this, but I cannot setup a RED box, as everything runs virtualized.

Is this possible to do with Astaro?

I know that a Cisco can do something like it.

Regards,
Frederik


This thread was automatically locked due to age.
Parents
  • 0
    Hi Frederik,

    Please remember to always state the exact version - 9.004-34?

    It's never a good idea to use the same subnet in multiple locations - it complicates routing, requiring lots of NATting.  If it's possible to change the subnet from .16. at one site to something else, it will make your life much easier in the future.

    That said, if there are no duplicate IP addresses, the two sites can be bridged and share the same subnet, sharing a single DHCP server.  Instead of a S2S tunnel, this is done with a RED tunnel, configured as the server in 'RED Management' on one side, the client downloaded from there, and uploaded to the other site - no RED hardware required.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Hi Frederik,

    Please remember to always state the exact version - 9.004-34?

    It's never a good idea to use the same subnet in multiple locations - it complicates routing, requiring lots of NATting.  If it's possible to change the subnet from .16. at one site to something else, it will make your life much easier in the future.

    That said, if there are no duplicate IP addresses, the two sites can be bridged and share the same subnet, sharing a single DHCP server.  Instead of a S2S tunnel, this is done with a RED tunnel, configured as the server in 'RED Management' on one side, the client downloaded from there, and uploaded to the other site - no RED hardware required.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?