Security Basics mailing list archives

Re: IP renumbering vs. Stand-alone


From: Mark Wilk <markwilk () gmail com>
Date: Wed, 30 Nov 2005 15:44:32 -0500

The new program is attached to our network but needs to VPN into their
main site.  Basically we are adding 2 computers to our own internal
network.  The problem we ran into is the main office that these two
computers have to VPN to has the same internal IP address.  I guess a
simpler way to put it is a computer on our network needs to VPN to
another network with the same internal IP address.  (example: Computer
1.1.1.1 goes through our firewall and our public IP of 3.3.3.3 into
their public IP of 4.4.4.4 to try to connect to their 1.1.x.x network)
 We really can't change much on the other network as far as IP
addresses (without huge overhead) so any changes can only be done on
our end.

Could you please explain what you mean by NAT, I googled it but I'm
confused still...sorry about my n00bishness.

On 11/30/05, Brian Loe <knobdy () gmail com> wrote:
Okay, I'm a bit confused. This new "program" is another remote network
of two users? And those two users are going to be VPNing into you? You
and they have the same IP address range? A. Change their range, remove
those few IPs from your network, NAT the links on both ends.

This new program is a new office but they will need to also connect to
another company/office via VPN which has the same IP range as you? NAT
the links.

It would SEEM, any way this goes you should be able to NAT the links.

As for changing your IP range, it's not something I would suggest doing
if you can help it but if you have to, and you don't already have a
DHCP server, move to a DHCP server. :) I prefer to have even my static
IP addresses in the DHCP server - either reserved in the pool, or
reserved in a separate pool for just reserved IPs.

On 11/29/05, Mark Wilk <markwilk () gmail com> wrote:
Hello Group,

I work for a small office with around 100 users with two office
buildings connected by fiber.  The main office has two domain
controllers and a Lotus Notes server, all running Win2k3 and the
Satellite office has one domain controller running Win2k3.  All of the
users are or will be running Win XP and we use a PIX firewall.  The
issue we have is we recently set up an additional program (2 users)
that is part of our organization but can also be treated as a
stand-alone office.  This separate office needs to VPN into another
location that has the same internal IP numbering scheme as us and thus
causes a problem.

Our two options are to renumber our internal IP address or to treat
the office as a complete stand-alone and have them VPN into our
network as well as the other location.  The problem we run into with
the stand-alone option is that this same program might be set up in
the satellite office as well meaning they will have to VPN into 3
different locations.  Another issue is the fact that both offices are
located in the middle of nowhere, so the same ISP we have in the main
office isn't available in the satellite office.  What would be the
best way to go about this?  Has anyone had to deal with renumbering
their network?  How much downtime should I expect if I take this
route?  How difficult is it to set up multiple VPN connections on the
same machine?




--
Mark


[Your Skills In Reading Have Improved +1]
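
The "NAT the links" suggestion in the quoted reply, modelled as a 1:1 address mapping applied in both directions on one firewall, since only one end can be changed. This is an added example, not part of the original posts: the /16 prefix, the alias ranges 10.201.0.0/16 and 10.202.0.0/16, and all function names are assumptions made for illustration.

```python
import ipaddress

# Ranges follow the post's placeholder addressing; the /16 prefix is assumed.
LOCAL_NET = ipaddress.ip_network("1.1.0.0/16")      # our LAN
REMOTE_NET = ipaddress.ip_network("1.1.0.0/16")     # their LAN, same numbers
# Constructed alias ranges, assumed unused at both sites.
LOCAL_ALIAS = ipaddress.ip_network("10.201.0.0/16")   # how we appear to them
REMOTE_ALIAS = ipaddress.ip_network("10.202.0.0/16")  # how they appear to us


def netmap(addr, from_net, to_net):
    """1:1 NAT: replace the network prefix, keep the host bits."""
    addr = ipaddress.ip_address(addr)
    if from_net.prefixlen != to_net.prefixlen:
        raise ValueError("networks must be the same size for 1:1 mapping")
    if addr not in from_net:
        raise ValueError(f"{addr} is outside {from_net}")
    offset = int(addr) - int(from_net.network_address)
    return str(ipaddress.ip_address(int(to_net.network_address) + offset))


def plan_problems():
    """Return reasons the alias plan would still be ambiguous (empty = OK)."""
    problems = []
    for name, alias in (("LOCAL_ALIAS", LOCAL_ALIAS), ("REMOTE_ALIAS", REMOTE_ALIAS)):
        for real in (LOCAL_NET, REMOTE_NET):
            if alias.overlaps(real):
                problems.append(f"{name} {alias} overlaps {real}")
    if LOCAL_ALIAS.overlaps(REMOTE_ALIAS):
        problems.append("alias ranges overlap each other")
    return problems


def to_tunnel(src, dst):
    """Packet leaving our LAN: hide our source, restore their real address."""
    return netmap(src, LOCAL_NET, LOCAL_ALIAS), netmap(dst, REMOTE_ALIAS, REMOTE_NET)


def from_tunnel(src, dst):
    """Reply arriving from the tunnel: the reverse of to_tunnel()."""
    return netmap(src, REMOTE_NET, REMOTE_ALIAS), netmap(dst, LOCAL_ALIAS, LOCAL_NET)


if __name__ == "__main__":
    print(plan_problems())
    print(to_tunnel("1.1.1.1", "10.202.5.9"))
    print(from_tunnel("1.1.5.9", "10.201.1.1"))
```

Local hosts address the remote site by its alias (10.202.x.x here), never by its real 1.1.x.x address, which is what removes the routing ambiguity.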

