Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Roadwarrior two subnets the same - Would this cause issues?

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 3 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      root2020
      last edited by

      Suppose that I have Site-A which would be the pfsense OpenVPN Server, and the network would be something uncommon like 172.20.10.1 to avoid IP conflict. FYI I would configure OpenVPN to use the 10.0.8.0/24 tunnel.

      Question #1: What if a roadwarrior-A connected from a coffee shop with the 192.168.1.0/24 network and another roadwarrior-B was in another coffee shop with 192.168.1.0/24. Would these two warriors cause headache because they are coming from same subnet addresses?
      Question #2: If I had roadwarrior-C with the subnet of 172.20.10.0/24 would this cause issues?

      Thanks,

      Rhett

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke
        last edited by

        @root2020:

        Suppose that I have Site-A which would be the pfsense OpenVPN Server, and the network would be something uncommon like 172.20.10.1 to avoid IP conflict. FYI I would configure OpenVPN to use the 10.0.8.0/24 tunnel.

        Question #1: What if a roadwarrior-A connected from a coffee shop with the 192.168.1.0/24 network and another roadwarrior-B was in another coffee shop with 192.168.1.0/24. Would these two warriors cause headache because they are coming from same subnet addresses?
        No problem until both RoadWarriors want to communicate with each other

        Question #2: If I had roadwarrior-C with the subnet of 172.20.10.0/24 would this cause issues?
        Yes if the destination where the RoadWarrior wants to connect to is on the subnet of 172.20.10.0/24. No problem probably with other destination subnets. But not 100% sure.

        Thanks,

        Rhett

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          Actually in case #1 you probably wouldn't have a problem. When a road warrior connects, and talks on the VPN tunnel, the traffic from the client should be coming from its OpenVPN client IP, not the IP it obtained from the coffee shop network.

          In case #2 you would have a problem trying to reach anything in that subnet, yes. It would believe it was local. You could setup some 1:1 NAT for another unused subnet that people can use in that case though, like 172.20.11.0/24 that maps on the OpenVPN interface to 172.20.10.0/24 on the inside. Then if you have a conflict, the clients just connect to IPs in the alternate subnet.

          Though with that odd of a subnet I doubt you'd ever hit a coffee shop or hotel using that.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.