Hi,
Is there any NAT along in the path?
I think you should perform static NAT on PIX or ASA for all hosts in
10.2.2.0 network. Then CheckPoint will see different IP addresses from
one direction and there will be no conflict anymore.
-- Piotr Matusiak CCIE #19860 (R&S, SEC) 2009/10/7 manoj prajapati <manoj4784_at_gmail.com>: > Dear Techie, > > Having a doubts in Site to site VPN, > > I have 3 customer, cust1--- cust2 ---- cust3, > > the private ip address is , > Cust1 ---- 10.2.2.0 (PIX) > Cust2 ---- 10.10.10.0 (Checkpoing Nokia) > Cust3 ---- 10.2.2.0 (ASA) > > connectivity is Cust1 ---- Cust2 ---- Cust3 > | | | > 10.2.2.0 10.10.10.0 10.2.2.0 > > I want to achive a site to site VPN tunnel between Cust1 -- Cust2 & also > Cust2 -- Cust3 . But, here the cust1 and cust3 having a same private ip > address range. So, when establishing a VPN tunnel in Cust2 with cust2 to > cust1 & cust2 to cust 3, there will be a confict between the 10.2.2.0 > series range. > > I know that there is an overlapping network. have seen the cisco site as > well > > http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949f1.shtml > > But this is somewhat different scenario as i understand. > > Can anyone help me to resolve the issue. > Thanx > > Regards, > Manoj > > > Blogs and organic groups at http://www.ccie.net > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html Blogs and organic groups at http://www.ccie.netReceived on Wed Oct 07 2009 - 09:55:20 ART
This archive was generated by hypermail 2.2.0 : Sun Nov 01 2009 - 07:50:59 ART