[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] openvpn on Debian setup

  • Subject: Re: [Openvpn-users] openvpn on Debian setup
  • From: Tim Freedom <tim_freedom@xxxxxxxxx>
  • Date: Mon, 25 Jun 2007 11:16:05 -0700 (PDT)

--- Josh Cepek <josh.cepek@xxxxxxx> wrote:
> Tim Freedom wrote:
> > Thanks Josh for your reply, the only reason I introduced 172.20.x.x
> > was to avoid cases where the roaming laptops out there were assigned
> > an IP address already in my LAN - isn't that a problem or does it even
> > matter ?  In other words, assume in my LAN I have a PC with an IP address
> > of and someone in their hotel room gets assigned on
> > their roaming/warrior laptop (DHCP just happened to set it to that) -
> > will this laptop/user be able to VPN back to the office (there would
> > be a clash, no) ?  If this is indeed a problem how is this issue
> > addressed otherwise I'm cool with simply using for the bridge.
> Yes, it will cause a problem if the network range overlaps with another
> assigned to a mobile VPN client.  I would recommend you use a
> less-common subnet, and the 172.16/12 is a good choice (I use networks
> in this range for my LAN and my VPNs for that same reason.)  Also, even
> if you go with a routed setup and give VPN clients their own separate
> subnet from your LAN, the VPN will still be pushing your LAN network to
> the client, and if this overlaps with a range the VPN client is using it
> will still cause conflicts.  Normally you never want to duplicate
> network segments as it almost always leads to problems.

OK, I'm back to square one then :-/ - could someone please shed some
light on how to setup a proper environment so that VPN works no matter
what the roaming Laptops' IP addresses are ?  Hasn't anyone gone through
this process before or is everyone really picky about what the server VPN
IP (and LAN) is vs. what the various client IPs need to be, etc ?

So in order to not really care what the roaming laptops' IPs coming-in
are I realize that I need to modify my route tables and possibly rewrite
their headers, but I'm a relative newbie to all of this and all help
would be appreciated.  Is there a HOWTO or a detailed example to note
this info ?

I'm not trying to complicate things, on the contrary, just trying to
figure out a setting (config files, commands, etc) so that the VPN
will function no matter what/where the roaming laptops come-in on.

Thanks in advance for your assistance.


OpenVPN mailing lists