Comments

• Hi @preston I did it as you said. It seems to be working fine for all protocols between 192.168.2.0/24 and 192.168.100.100/32. But, there is always a "but" in IT!!! I did a "tracert" to realize PING from 192.168.2.0/24 to 192.168.100.100/32 is going through Internet and not through VPN. If I stop PING and wait for some…

  in VPN NETWORK OVERLAPPING PROBLEM (at source) Comment by SEBASTIAN November 2020
• @preston That is a good one. I just need to be sure 192.168.100.100 is not being used. I will have a try and let you know if it worked. Thanks,

  in VPN NETWORK OVERLAPPING PROBLEM (at source) Comment by SEBASTIAN November 2020
• @Saravanan In that case I could do NAT over IPSEC on their firewall, or I could do "Numbered Tunnel Interface VPN (Route-Based VPN)". Thanks,

  in VPN NETWORK OVERLAPPING PROBLEM (at source) Comment by SEBASTIAN November 2020
• Hi @Saravanan I agree with you. I am trying to explain this scenario to the customer. They are going to ask their Data Center tech guys one more time the possibility to change the config on site "A". I do not see any other chance to solve this. Thanks!

  in VPN NETWORK OVERLAPPING PROBLEM (at source) Comment by SEBASTIAN November 2020
• Hi @preston I think I see your point. I have to reach just an IP address 192.168.100.100 through the VPN. And the NSA9650 has a static route to reach the hole 192.168.100.0/24 network through the router at "C". The problem I see is the VPN is in "main mode", not "tunnel mode". So I cannot configure any specific route…

  in VPN NETWORK OVERLAPPING PROBLEM (at source) Comment by SEBASTIAN November 2020
• Hi @Saravanan, I cannot touch configuration on the other site of the VPN.

  in VPN NETWORK OVERLAPPING PROBLEM (at source) Comment by SEBASTIAN November 2020
• Hi @Saravanan , I will try this tonight. I will keep you informed. Thanks!

  in Analytics not showing real name for APPLICATIONS, THREATS. Comment by SEBASTIAN October 2020
• Yes, it is the on premise version.

  in Analytics not showing real name for APPLICATIONS, THREATS. Comment by SEBASTIAN October 2020
• Hi @BWC It worked as you said. I have put network address 192.168.2.0/24 inside the VPN configuration. Then a NAT rule for 192.168.2.0/24 to go through X1 and an ACL rule to allow this traffic from VPN to WAN. Thanks!

  in Need to reach a WAN IP through a LAN to LAN IPSEC VPN Comment by SEBASTIAN October 2020
• I am going to do some tests with your thoughts...

  in Need to reach a WAN IP through a LAN to LAN IPSEC VPN Comment by SEBASTIAN October 2020
• @Harika , thanks!

  in How to empty On-Prem Analytics databases Comment by SEBASTIAN October 2020
• Sorry, but I did not mention Router 1, X1 and X2 are all doing NAT.

  in NAT rule between two WANs Comment by SEBASTIAN September 2020
• Sorry, NAT priority is fine.

  in NAT over IPSEC scenario Comment by SEBASTIAN September 2020
• Yes, the remote end is also Sonicwall. 192.168.1.0/24 and 192.168.50.0/24 are included as the remote networks for SITE B. If I do a NAT rule on SITE B for traffic coming from 192.168.1.0/24 (translated to 192.168.50.0/24) to 192.168.2.0/24 seems to work. I have to test it with real traffic. Not just a PING. I am wondering…

  in NAT over IPSEC scenario Comment by SEBASTIAN September 2020
• Hi! Yes, this is exactly what I am doing for TEST 1. Interesting traffic for VPN source is 192.168.1.0/24 and 192.168.50.0/24 and destination 192.168.2.0/24 and 192.168.3.0/24 Unfortunately it is not working. I can see from Site B that IPSEC FASE 2 for 192.168.50.0/24 is not up. So, I guess something is wrong with NAT rule…

  in NAT over IPSEC scenario Comment by SEBASTIAN September 2020
More Comments