Problem with VPN and network addresses

njcomputergroup · 01-25-2012, 06:32 PM

I have users connecting via VPN just fine. Except when the occasional users home network is on the same the network as the office.

Office: 192.168.1.0

Server trying to access is 192.168.1.150

Users Home network is 192.168.1.0 as well.

How can i fix without having to reconfigure either network?

TirsoJRP · 01-27-2012, 05:28 AM

That's why you should never use 192.168.1.x at office.

njcomputergroup · 01-31-2012, 04:43 PM

Yes I know...I took over this network from previous IT company....

Anyway...Does anyone have a solution for me, or am I screwed here?

dbunyard · 01-31-2012, 04:46 PM

Quote:

Originally Posted by njcomputergroup

Yes I know...I took over this network from previous IT company....

Anyway...Does anyone have a solution for me, or am I screwed here?

There is no solution other than to re-IP. You simply cannot have a VPN tunnel between 2 networks with the same IP scheme. If you try to go to 192.168.1.2 for instance it just doesn't know where to route it if there are 2 different networks that have that address.

Sorry but there isn't a magic fix to make this work, you NEED to re-IP the office network.

sky-knight · 01-31-2012, 05:58 PM

Tell the person with the linksys at home to bring it to work and you can change the LAN IP in there to something else for them.

A reboot will bring all their home equipment in line in most cases.

Other than that, all you can do is make some instructions for users to reconfigure routers that use that IP address space commonly. (Linksys is the big one)

I would try and hold of on renumbering the office network. It won't be too many more months and you'll have the option of rolling out IPv6. If you're going to renumber into a new range, you may as well renumber into a new protocol and move forward all at once.

johnsonx42 · 01-31-2012, 08:15 PM

you can try exporting just the one host 192.168.1.150/32 in the vpn setup. I was able to work around this issue at one site by doing that (in my case I exported 192.168.1.96/27 and 192.168.1.128/27, as all the needed network devices were in those ranges). As long as the remote client isn't using that exact address, it should work (it did for me, surprised though I was).

marvosa · 02-05-2012, 10:37 PM

The 3rd option would be to NAT your VPN traffic, but why over complicate the issue.

Change the office network to something not used by typical SOHO routers.

01-25-2012, 06:32 PM	#1 (permalink)
njcomputergroup Newbie Join Date: Jan 2012 Posts: 3	Problem with VPN and network addresses I have users connecting via VPN just fine. Except when the occasional users home network is on the same the network as the office. Office: 192.168.1.0 Server trying to access is 192.168.1.150 Users Home network is 192.168.1.0 as well. How can i fix without having to reconfigure either network?

01-31-2012, 05:58 PM	#5 (permalink)
sky-knight Join Date: Apr 2008 Location: Phoenix, AZ URLs submitted: 8 Posts: 15,460	Tell the person with the linksys at home to bring it to work and you can change the LAN IP in there to something else for them. A reboot will bring all their home equipment in line in most cases. Other than that, all you can do is make some instructions for users to reconfigure routers that use that IP address space commonly. (Linksys is the big one) I would try and hold of on renumbering the office network. It won't be too many more months and you'll have the option of rolling out IPv6. If you're going to renumber into a new range, you may as well renumber into a new protocol and move forward all at once. __________________ Rob Sandling, BS:SWE, MCP Intouch Technology Phone: 480-272-9889 rob@intouchtechllc.com UntangleAppliances.com Phone: 866-794-8879

01-31-2012, 08:15 PM	#6 (permalink)
johnsonx42 Master Untangler Join Date: Jan 2011 Posts: 626	you can try exporting just the one host 192.168.1.150/32 in the vpn setup. I was able to work around this issue at one site by doing that (in my case I exported 192.168.1.96/27 and 192.168.1.128/27, as all the needed network devices were in those ranges). As long as the remote client isn't using that exact address, it should work (it did for me, surprised though I was). Last edited by johnsonx42; 01-31-2012 at 08:20 PM..

Protect

Filter

Perform

Connect

Manage

Add-Ons

01-27-2012, 05:28 AM	#2 (permalink)
TirsoJRP Untangler Join Date: Oct 2010 Posts: 56	That's why you should never use 192.168.1.x at office.

01-31-2012, 04:43 PM	#3 (permalink)
njcomputergroup Newbie Join Date: Jan 2012 Posts: 3	Yes I know...I took over this network from previous IT company.... Anyway...Does anyone have a solution for me, or am I screwed here?

02-05-2012, 10:37 PM	#7 (permalink)
marvosa Master Untangler Join Date: Jan 2009 Location: Minneapolis, MN Posts: 136	The 3rd option would be to NAT your VPN traffic, but why over complicate the issue. Change the office network to something not used by typical SOHO routers.