Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

HELP! IPSEC Site-to-Site with overlapping subnet

Hi All Gurus,

I urgently need help on the following-

I need to create a site-site VPN between two site which is using the same subnet.



|Site A,|---- |Fortigate 90D|---- |Tunnel| -----|Fortigate 90D| ----|Site B,|


User in site A should be able to access Servers in Site B just like a local area network (join server domain, print server, DHCP etc)

I tried to follow the guideline from the official handbook but it doesnt work. I could have missing some steps.

I also followed the guideline here..


Appreciate any of your kind advise.


I luckily didn't have to deal with this personally I don't have any first-hand experience. But I found an article discussing about Windows Domain behind NAT. It has a link to Microsoft's official answer to this situation at the end.

But first thing you need to verify is the clients on one side can ping the servers on the other side.


VPN users should have a unique subnet.  You enable split tunneling and give access to the VLAN/interfaces they need access to. 

Top Kudoed Authors