
Potential problems with overlapping networks ?: msg#00516

network.openvpn.user

Subject: Potential problems with overlapping networks ?

Hello

I'm curious as to whether there are any potential problems with a roadwarrior
OpenVPN setup where there are local (private) subnets/addresses on both sides
of the tunnel which overlap. (E.g. 192.168.0/24 is used on both sides)

Q:
Has anyone experienced any problems with an OpenVPN roadwarrior setup
and overlapping local (private) subnets?

I'm assuming the following roadwarrior setup
(figure best viewed with a fixed width font):

-----
|PC1| LAN1
-----
|<pc1 - 192.168.1.5>
| ======> LAN1
|<fw1 - 192.168.1.1>
-----
|FW1| (OPENVPN server - TUNNEL ENDS HERE)
-----
|<public - fw1>
|
INTERNET
|
|<public - fw2>
----- ------
|FW2|--------|PC2B| 192.168.1.5 (same local address as PC1, same lan as PC2A)
----- ------
|<fw2 - 192.168.1.1>
| ======> LAN2
|<pc2a - 192.168.1.2>
------
|PC2A| (roadwarrior client - TUNNEL ENDS HERE)
------

PC2A connects to the public address of FW1.

Since PC2A is a roadwarrior, there's no guarantee that the local ip addresses
of LAN2 (PC2A) do not overlap with those of LAN1 (PC1).
(E.g. 192.168.1.0/27 on both sides)


Q:
What if PC2A is in need of connecting (simultaneously) to a machine on LAN2
(e.g. PC2B - see figure) and a machine on LAN1 (e.g. PC1 - see figure), both
of which share the same local address (e.g. 192.168.1.5), and TCP/IP is used
for both connections?

How will PC2 know which is which of PC1 and PC2B ?
(PC2 sees this as an ip conflict maybe?)

Won't this be a potential problem, unless some sort of natting is hiding
the real local (private) address of one of the LANs ?

If natting is advisable, should the natting be done for the machines on the
server side (behind FW1 in the figure above)?

I read in the OpenVPN FAQ that networks which overlap in private address range
should use natting (e.g. iptables NETMAP)
E.g.:
iptables -t nat -A PREROUTING -d 192.168.0.0/24 -j NETMAP --to 192.168.1.0/24
Q:
Is this type of natting advisable for _all_ roadwarrior setups, or is it
unnecessary when using either bridging or routing? (And assuming that the
roadwarrior person has not got the know-how to make any changes to the openvpn
client configuration themselves - so it's preferable that it just plain
works in "most" situations)

Thanks
Christian
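The following is an added example, not part of the original message: a small Python model of what the quoted NETMAP rule does to the addresses in the figure above, and why the roadwarrior's route table is ambiguous without it. The address ranges are the constructed ones from the figure; the "alias" range 192.168.0.0/24 is the range the quoted rule matches on and is assumed to be what the server pushes to clients for LAN1.

```python
import ipaddress

# Constructed from the figure in the post (example values, not a real network).
LAN1 = "192.168.1.0/24"    # behind FW1 (server side), real addresses
LAN2 = "192.168.1.0/24"    # behind FW2 (roadwarrior side), same range
ALIAS = "192.168.0.0/24"   # assumed: range the client uses to reach LAN1


def netmap(addr, from_net, to_net):
    """Model of iptables NETMAP: keep the host bits, replace the network prefix."""
    ip = ipaddress.ip_address(addr)
    src = ipaddress.ip_network(from_net)
    dst = ipaddress.ip_network(to_net)
    if src.prefixlen != dst.prefixlen:
        raise ValueError("NETMAP needs prefixes of equal length")
    if ip not in src:
        return ip  # rule does not match; address passes through unchanged
    host_bits = int(ip) & int(src.hostmask)
    return ipaddress.ip_address(int(dst.network_address) | host_bits)


def best_routes(dest, routes):
    """Longest-prefix match over (network, device) pairs.

    Returns every device tied for the longest prefix; more than one entry means
    the kernel has to break the tie by metric and one of the peers is unreachable.
    """
    ip = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(n), dev) for n, dev in routes
               if ip in ipaddress.ip_network(n)]
    if not matches:
        return []
    best = max(n.prefixlen for n, _ in matches)
    return [dev for n, dev in matches if n.prefixlen == best]


def client_view_without_netmap():
    # PC2A: connected route to LAN2 plus the LAN1 route pushed over the tunnel.
    return best_routes("192.168.1.5", [(LAN2, "eth0"), (LAN1, "tun0")])


def client_view_with_netmap():
    # Server pushes ALIAS instead of LAN1; PC1 and PC2B now have distinct addresses.
    routes = [(LAN2, "eth0"), (ALIAS, "tun0")]
    return best_routes("192.168.0.5", routes), best_routes("192.168.1.5", routes)


def fw1_prerouting(dest_from_client):
    """FW1: -t nat -A PREROUTING -d 192.168.0.0/24 -j NETMAP --to 192.168.1.0/24"""
    return str(netmap(dest_from_client, ALIAS, LAN1))


def fw1_reply(src_on_lan1):
    """Connection tracking reverses the mapping on the reply's source address."""
    return str(netmap(src_on_lan1, LAN1, ALIAS))
```

The model shows the translation only; on a real FW1 the reverse mapping of replies is done by connection tracking, not by a second rule.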



