Planning the new addressing scheme
In order for overlapping subnets to be able to communicate over a route-based IPsec tunnel, new virtual subnets of equal size must be decided upon and used for all communication between the two overlapping subnets.
Devices on both local networks DO NOT need their IP addresses changed. However, the devices/users will need to be sure to use the new subnet range of the remote network when communicating across the tunnel. |
In this example, you perform a one-to-one mapping of HQ’s 192.168.1.0/24 network to 10.1.1.0/24, and Branch’s 192.168.1.0/24 network to 10.2.2.0/24. This will allow HQ clients to use Branch’s new subnet to communicate to Branch clients, and vice-versa.