From owner-freebsd-questions@FreeBSD.ORG  Tue May  3 19:44:04 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5E0CB106566B
	for <freebsd-questions@freebsd.org>;
	Tue,  3 May 2011 19:44:04 +0000 (UTC)
	(envelope-from kevin.wilcox@gmail.com)
Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com
	[209.85.214.182])
	by mx1.freebsd.org (Postfix) with ESMTP id 282178FC1E
	for <freebsd-questions@freebsd.org>;
	Tue,  3 May 2011 19:44:03 +0000 (UTC)
Received: by iwn33 with SMTP id 33so490957iwn.13
	for <freebsd-questions@freebsd.org>;
	Tue, 03 May 2011 12:44:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type;
	bh=BmEy63OZ9VXL4/3i+3gxC/hWQiagArAheSMw3nxBgYk=;
	b=TPXtAQaD+4u+30vpQ+1GCUDnJoJz8ESxI2+HP4CbmfeAUZxqpo8EB1qP28q7902C6k
	6tj3OJwyJibProbYlrodyoohkEthMBKOoicBZF1XzT0dXinDB3zp4MPZUpVc8fOyVumJ
	L9XXKmnsGH3pwtmHLjHeLQgwTo/Ar+YadrYRk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=Sh/5rok1INefN8ApUOXf1TBDhSdm3xG2RL6sWZ7QEEVdMJMFQFpQpvp0gqjaXRoPnh
	1qQsVfwo/YTql5wE+qZAOdEniXeIhwev2pBd5ZUieTTIvW0Pg0DLVF4N8n4kL41r4IUI
	EOOaLPYMBkVnX9h1N5cVqlGdaOdlXvEhdmq/E=
MIME-Version: 1.0
Received: by 10.42.91.139 with SMTP id p11mr341784icm.402.1304451843437; Tue,
	03 May 2011 12:44:03 -0700 (PDT)
Received: by 10.231.36.195 with HTTP; Tue, 3 May 2011 12:44:03 -0700 (PDT)
In-Reply-To: <201105040519.56695.geoff@apro.com.au>
References: <201105040519.56695.geoff@apro.com.au>
Date: Tue, 3 May 2011 15:44:03 -0400
Message-ID: <BANLkTimCMBvCQqOE=8Xfd9_ZF-aQeWBGEA@mail.gmail.com>
From: Kevin Wilcox <kevin.wilcox@gmail.com>
To: geoff@apro.com.au
Content-Type: text/plain; charset=UTF-8
Cc: Free BSD Questions list <freebsd-questions@freebsd.org>
Subject: Re: Can I bridge the same subnet across a VPN?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 03 May 2011 19:44:04 -0000

On Tue, May 3, 2011 at 15:19, Geoff Roberts <geoff@apro.com.au> wrote:

> Is it possible to join two sites with the same subnet across a VPN?

Yes.

> I have two sites that have the same subnet/mask.
>
> I need these two separated networks to behave as one across a VPN.

That's understandable. You may want to consider breaking the /24 into
two /25s, one at each site, and routing the connection instead but
that's not necessary and you can indeed use a bridge with few issues.

> Happy to use either IPSec or OpenVPN to actually encrypt the traffic.

We've done it as a demo of what you can do with OpenVPN, it's trivial
once you get some configuration issues straight in your head (or
that's how it worked for me).

To bridge in OpenVPN, take a look at:

http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html

kmw