OpenVPN CIDR pool

aagaag · Jan 27, 2018, 9:27 AM

I am preemptively apologizing for this extremely naïve, N00b-ish question. In real life I am a medical doctor, and my knowledge of networking tech is full of huge gaps.

I need to set up an OpenVPN tunnel into my home network. The server is at internal IP address 10.10.10.2, the gateway (pfSense) has 10.10.10.1. The subnet is 255.255.0.0. The LAN devices use a pool of addresses between 10.10.10.3 and 10.10.14.255

I have set up OpenVPN on the pfSense gateway and it works in principle, but I cannot get the address pool right (in the OpenVPN settings):

10.0.8.0/24 (which pfSense lists as an example) works, but of course I do not see any device in my home network.
10.10.10.0/16 crashes the LAN!!!
10.10.0.0/16 does not work either.

Any advice would be gratefully appreciated!

aagaag · Jan 27, 2018, 1:55 PM

Never mind, I seem to have figured it out. 10.10.0.0/16 does the job after all.

johnpoz · Jan 27, 2018, 2:28 PM

"10.10.0.0/16 does the job after all."

Does the job of what - a firewall rule? A summary route - those are really the only valid uses of such a CIDR.. Do you have 65k some hosts you need on the same network? ;)

Use a more appropriate CIDR would be my suggestion.. Say a /24 or /23 if you have a lot of hosts..