Can the intranets on both ends of the IPSec tunnel be on the same subnet

3

No.
If the two networks are on the same subnet, the local gateway considers a packet destined to the remote network as a packet exchanged within the local network. Therefore, the local gateway does not forward the packet to the remote network through the IPSec tunnel.
NOTE:
If a headquarters establishes IPSec tunnels with multiple branch offices, the headquarters network and the branch networks cannot be on the same subnet, and the branch networks cannot be on the same subnet, either.

Other related questions:
Setting the intranets on both ends of the IPSec tunnel to be on the same subnet on the USG5000
You are advised not to set the intranets of the two ends of the IPSec tunnel to be on the same network segment.

Setting the intranets on both ends of the IPSec tunnel to be on the same subnet on the USG9000
You are advised not to set them to be on the same network segment.

Setting the intranets on both ends of the IPSec tunnel to be on the same subnet on the USG6000
You are advised not to set the intranets of the two ends of the IPSec tunnel to be on the same network segment.

Setting the intranets on both ends of the IPSec tunnel to be on the same subnet on the USG2000
You are advised not to set the intranets of the two ends of the IPSec tunnel to be on the same network segment.

Types of interfaces on both ends of the GRE tunnel for the USG6000
Interfaces on both ends of the GRE tunnel are tunnel interfaces, used to encapsulate and decapsulate packets. The physical interface used to transmit encapsulated packets is known as the tunnel source interface, and the peer interface used to receive the packets is known as the tunnel destination interface.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top