Skip to main content
jpalo
jpalo
New Member
February 12, 2019
Question

Duplicate ip when vip is configured.

  • February 12, 2019
  • 1 reply
  • 3600 views

Goodmorning,

i hope im using the right place on the forum.

 

Context:

I configured an ipsec vpn over Paloalto Network (site A) and a Fortigate (site B). On site B i had to configure a nat 1:1 and a VIP to avoid overlapping on the site A. The vpn and the nat works perfectly. 

 

The problem:

On the lan of site B i get duplicate ips on the Windows Server when i assign an static ip of the nat network (vip network).

 

Reason:

I need to add a secondary ip for the nat network on the windows servers to make WMI work over VPN to avoid this problem (https://support.microsoft.com/en-us/help/248809/prb-dcom-does-not-work-over-network-address-translation-based-firewall)

 

Im not sure if the reason is the ant and the vip configuration making this issue. The same context but using pfsense and Paloalto, works. 

 

Thank you for all and sorry for my bad English.

Have a nice day.

    1 reply

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    February 12, 2019

    Well, as the MS document says you're using application NAT is not allowed, while you set NAT against the condition. Only option seems to be make the subnets unique through locations to remove NAT. No way around it.

    Terms & ConditionsAccessibility statement