VLAN Routing

We often deploy building control systems to hundreds of sites and each of these sites have the same VLAN scheme.  This allows our techs to easily know where the different equipment should be on the network no matter where they are.  This also allows our deployments to be easier across all of our teams as they each have specific equipment on each VLAN within that site.

So the main problem is if we have a programmer on one site that needs to connect to another site and both sites have the same VLAN configuration, how can we make this happen?  If a programmer is working on a server at the site he is at and he needs to connect to another server at another site..... if both sites have the same VLAN config and believe it or not..... the servers also have the same IP address.....

any ideas????

Thanks in advance....

Robert

  • Hello Robert,

    Thank you for contacting the Sophos Community!

    So the VLAN will not be your problem, however having the same IP scheme would be, not sure how are you connecting the sites, if you are connecting the sites using IPsec you could try to NAT the IP of the Source and Destination, you could take this KB as a reference. 

    For example Site 1 has Subet 10.10.10.0/24 and Site 2 has subnet 10.10.10.0/24

    If you want that user from Site 1 access a computer on Site 2 in the same subnet you need to NAT this IP, make-believe it is using a different IP, so you would create in the IPsec tunnel two fake subnets:

    Local Subnet 10.10.1.0/24 

    Remote Subnet 10.10.2.0/24

    So if the customer needs to access 10.10.10.100 on Site 2, he would then enter 10.10.2.100.

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.