Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: VPN connection on the same subnet

  1. #1
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    13

    Default VPN connection on the same subnet

    Hi everyone,
    I wanted to if the is any way to connect from a private network that configured like this:
    DHCP - 10.0.0.1-130
    subnet - 255.0.0.0
    to other network through VPN with the same settings.
    and i dont wanna change the configuration on both...

  2. #2
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    You'll probably have routing issues.

    I know I experienced something like this with my brother. His Linksys worked perfectly until he tried to VPN into work and they use the same 192.168.1.x address space. I ended up re-configuring his Linksys so that locally @ home he'd be 192.168.3.x and then thing were happy when he VPN'd to work.

    The problem is your local device has no way to know if (for example) 192.168.1.10 is local or VPN if both networks use the same RFC1918 address space.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Iplaman View Post
    Hi everyone,
    I wanted to if the is any way to connect from a private network that configured like this:
    DHCP - 10.0.0.1-130
    subnet - 255.0.0.0
    to other network through VPN with the same settings.
    and i dont wanna change the configuration on both...
    If you're connecting multiple sites via a VPN, then it's really no different with a regular WAN link like a T1. You'll need different subnets on each end.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    13

    Default

    i understand, but i prefer not to change it, is there any way to "split" the network, software side? or to make a specific route to a specific ip address?

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Iplaman View Post
    i understand, but i prefer not to change it, is there any way to "split" the network, software side? or to make a specific route to a specific ip address?
    You can bridge the two networks together, but it wouldn't be advisable, especially if you have the same IP's assigned on both sides of the network.

    Can I ask why you don't want to make the change? It really is the best method of managing two networks like this. Re-scheming an entire network while it may be time consuming is possible. It just takes careful planning.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    13

    Default

    cause my private network is my uncle's and he got server configurations on one of the computers so im not suppose to touch anything...
    what about changing only the subnet mask? form 255.0.0.0 to 255.255.0.0 isnt that should work?

    it sounds like bridging the network together will be the solution im looking for...
    cause one network uses 10.77.252.* and the other on 10.0.0.*

    how can i do that?

  7. #7
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Network Calculators

    If 10.0.0.1-130 (well 128) is going to be a single network then your mask should be 255.255.255.128
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #8
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Iplaman View Post
    cause my private network is my uncle's and he got server configurations on one of the computers so im not suppose to touch anything...
    what about changing only the subnet mask? form 255.0.0.0 to 255.255.0.0 isnt that should work?

    it sounds like bridging the network together will be the solution im looking for...
    cause one network uses 10.77.252.* and the other on 10.0.0.*

    how can i do that?
    Now which is it? In your first post you said both networks are configured the same, and now you're saying they have different subnets. If they're different then all you need to do is establish the VPN and configure the routes on each end.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  9. #9
    Just burned his ISO MasterCodeMonkey's Avatar
    Join Date
    Jul 2009
    Posts
    5

    Cool think of re engineering your network

    Thorin is quite right, unless your last device is x.x.x.127~130 as that mask only supports 1~126, but you might want to think of re engineering your network ( the 10.0.0.1~130 I assume)

    You’ve chosen a class A address and while that doesn’t really mean much on your own lan/wlan if you want to start connecting outside you’ll have problems.

    You’ve said your address is 1~130 so you don’t have more than 130 NIC in use on something like a Bus topology? Unless you’ve got several small LANs making up your one like a Tree topology, because you might want a class B then. Any way, I’m going off track. Sounds like you want a Class C IP and a subnet mask of 255.255.255.128 will give you a network of 126 usable hosts , 1~126

    You might want to think about using a class C IP address, 192-254 as this is designed for 255.255.255.x .

    So as an example:

    192.0.0.1 – start host
    192.0.0.126 – last host
    255.255.255.128 – subnet mask

    If you have less NIC’s like 62, 30 or 14 then you can further enhance your network with lower subnet mask.

    Hope this helps

  10. #10
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    If the subnets overlap, then what is your computer supposed to do when it wants to send a packet to 10.0.0.5? There's two possible routes that it could go, it could be sent to the LAN or it could be sent out across to your VPN. To rectify this situation, you would have to manipulate your routing table to tell it which IP addresses are on the VPN.

    It would really would be a bit of a mess though. It would help greatly if you could change your network submask at home ot one that doesn't overlap with the VPN one.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •