Hello!
I would like to preface my message by saying I am largely ignorant. Feel free to correct me on everything; I have come here to make a fool of myself so I can correct my misconceptions.
I have two Arubas separated by the Internet. They can ping each other. On either side of each Aruba is a separate private network. Let's call them the Office and Customer networks. Deeper in the customer network, beyond one router, is a private network I want the Office private network to be able to communicate with. Let's call that the Target network.
I was sent to the site with the goal of joining that Target network to the Office VLAN using the site-to-site VPN service, such that they exist in the same IP addressing space. I think that's impossible. I think the best we can do is have the Aruba at the customer site act as a router and leave the addressing intact and distinct. We'd then set up firewall rules to ensure we only route to and from our Office. We would thus not use the site-to-site service at all.
Am I correct that having the Target network and the Office network in the same addressing space (like, 10.128.10.0/24) via VPN is impossible with this architecture? If all I want is for the two networks to be able to communicate with each other, am I correct in that I just want the Aruba to be a router?
I appreciate any help.