Lan to Lan with same IP range

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
amselem
Posts: 2
Joined: Thu Aug 29, 2019 10:01 pm

Lan to Lan with same IP range

Post by amselem » Thu Aug 29, 2019 10:36 pm

Hello

I'd like to create a L3 Lan to Lan VPN, however they share the IP range and I can't change this.

It would be possible to use the SoftEther VirtualNAT/DHCP functionality to translate the addresses when exchanging traffic between both LANs?
I think I should enable VirtualNAT on both VPN servers so each LAN would always sees the traffic coming from the same IP range (the IP assigned by DHCP)

That makes sense? Is there any other way?

Regards
Jacobo

Stefan A.
Posts: 2
Joined: Thu Oct 10, 2019 10:29 am

Re: Lan to Lan with same IP range

Post by Stefan A. » Thu Oct 10, 2019 10:36 am

Hello Jacobo,

I've similar problem. Did you solve it?
Could you please share your solution?
Thanks.

Best
Stefan

ozone
Posts: 65
Joined: Thu Sep 19, 2019 7:18 pm

Re: Lan to Lan with same IP range

Post by ozone » Sat Oct 12, 2019 2:05 am

Don't think this kind of detail is in SE. Securenat is quite basic.

I would say (on linux):

-In SE: Create virtualhubs for both segments, create bridges and new tap devices on each virtualhub, and bridge them.
-In the host-os, add (one or more) fixed ip-addresses to the tap's, and use iptables with dst-nat to translate (and route) the traffic between the taps-ip's in one segment and dst-ip's in the other (and therefore between the vpn- and lan-segments).

This way, you can translate (and map) basically ANY address in one segment to ANY address in another. Per port is also possible.

Seems simple in the two lines above... But explaining it in detail will probably take at least 2 whole pages. It would be good to check out how natting and iptables works first (if not already done so).

joeperrine
Posts: 1
Joined: Tue Oct 15, 2019 1:29 am

Re: Lan to Lan with same IP range

Post by joeperrine » Tue Oct 15, 2019 1:32 am

I have a similar issue. I will try your solution and see if it works.

Post Reply