Reply

Netgear FVS336Gv3 VPN with NAT Translation

icpcstx
Luminary

Netgear FVS336Gv3 VPN with NAT Translation

Greetings.  My office has asked me to setup a Site to Site VPN with one of their providers.  Usually not a difficult issue.  The issue here is that the site we are connecting to is already connected to another site that has the same IP configuration as us.  The solution seems to be in routing but I am lost on how to do this.  Any help is greatly appreciated.

Model: FVS336Gv3|ProSafe dual WAN gigabit firewall with SSL and IPSec VPN
Message 1 of 5
train_wreck
Luminary

Re: Netgear FVS336Gv3 VPN with NAT Translation

Either side will need to change IP subnets (yours or theirs). There is nothing else you can do. This is a shortcoming of the IPsec VPN protocol, you cannot use the same subnet on either end of a S2S VPN tunnel. Basically, if such a tunnel were to be created, the router would have duplicate subnets in the routing table; one for your LAN, and one for the other side of the tunnel.

Message 2 of 5
icpcstx
Luminary

Re: Netgear FVS336Gv3 VPN with NAT Translation

What about through NAT translation?

Message 3 of 5
DaneA
NETGEAR Moderator

Re: Netgear FVS336Gv3 VPN with NAT Translation

@icpcstx,

 

Welcome to the community! 🙂 

 

As per train_wreck, the only solution is to change the LAN subnet of your network (or have the other site change their LAN subnet).  

 

Kindly access and read the article below:

 

Configuring a Box to Box VPN on ProSAFE/ProSECURE routers using the VPN Wizard 

 

From the article above, you will observe that Site A has a different LAN subnet from Site B which is a requirement.  

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 4 of 5
DaneA
NETGEAR Moderator

Re: Netgear FVS336Gv3 VPN with NAT Translation

@icpcstx,

 

I just want to follow-up on this.  We’d greatly appreciate your feedback.

 

If ever your concern has been addressed or resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 5 of 5
Discussion stats
  • 4 replies
  • 1296 views
  • 0 kudos
  • 3 in conversation
Announcements