I'm trying to establish a site-to-site VPN connection from office to datacenter.
Cisco RV042G and SonicWall NSA2400
In the office; we have the subnet 10.0.0.0/24 defined and hosts from
10.0.0.150 to 10.0.0.190 defined (.150 being the router)
In the datacenter; I have an interface (X4) that is setup for network 10.0.0.0/24 (.1 being the interface).
I can sucessfully establish the VPN connection; but then I can't reach the datacenter (for example by pinging 10.0.0.21 which is a server).
Ideally i'd like to map our office to the same 10.0.0.0/24 subnet on datacenter.
So 10.0.0.150-180 would be able to ping the whole 10.0.0.0/24 subnet.
Here's the SonicWall configuration :
OfficeSubnet10 is defined as a host range : 10.0.0.150-10.0.0.180
OfficeNatInteroute is defined as range : 10.0.0.190-10.0.0.220
And the Cisco Side.
I must be missing something really obvious but can't find what.
Best Answer
You cannot have the same subnet on both sides of the tunnel. You're essentially attempting to extend a L2 network from the office to the data center across a L3 VPN. Paul Kroon above mentioned a couple of workarounds. The other is to do double NAT: Source NAT the office to 10.1.0.0 and DC to 10.2.0.0. You must have unique (non NAT'd and routable) for the two ends of the VPN tunneL, usually the public addresses. Looks like the SonicWall has some NAT policies that could work with the Cisco device to accomplish this.