Case 1
I want to connect to remote LAN which have same IP address: 192.168.0.0 through VPN.
So I have to NAT each remote LAN with following address:
1 – 192.168.0.0 –> 172.20.0.0
2 – 192.168.0.0 –> 172.21.0.0
SiteA
iptables -t nat -I POSTROUTING -o VPN00 -s 192.168.0.0/24 -d 172.21.0.0/24 -j NETMAP --to 172.20.0.0
iptables -t nat -I PREROUTING -i VPN00 -s 172.21.0.0/24/24 -d 172.20.0.0/24 -j NETMAP --to 192.168.0.0/24ip route 172.21.0.0 255.255.255.0 via 1.1.1.2SiteB
iptables -t nat -I POSTROUTING -o VPN00 -s 192.168.0.0/24 -d 172.20.0.0/24 -j NETMAP --to 172.21.0.0
iptables -t nat -I PREROUTING -i VPN00 -s 172.20.0.0/24/24 -d 172.21.0.0/24 -j NETMAP --to 192.168.0.0/24ip route 172.20.0.0 255.255.255.0 via 1.1.1.1Case 2
My LAN A (192.168.2.0) want to reach 192.168.0.0 (LAN B) through 172.20.0.0 which is NAT address.
My LAN B (192.168.0.0) want to reach 192.168.2.0 (LAN A) through 172.31.255.0 which is NAT address.
SiteA
iptables -t nat -I POSTROUTING -o VPN00 -s 192.168.2.0/24 -d 172.31.255.0/24 -j NETMAP --to 172.20.0.0
iptables -t nat -I PREROUTING -i VPN00 -s 172.31.255.0/24/24 -d 172.20.0.0/24 -j NETMAP --to 192.168.2.0/24ip route 172.31.255.0 255.255.255.0 via 1.1.1.2SiteB
iptables -t nat -I POSTROUTING -o VPN00 -s 192.168.0.0/24 -d 172.20.0.0/24 -j NETMAP --to 172.31.255.0
iptables -t nat -I PREROUTING -i VPN00 -s 172.20.0.0/24/24 -d 172.31.255.0/24 -j NETMAP --to 192.168.0.0/24ip route 172.20.0.0 255.255.255.0 via 1.1.1.1Could being ??