Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN conflicting with local network connection

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      digitalgimpus
      last edited by

      I was recently in a hotel with WiFi configured as such:

      
IP: 10.254.xx.xx
Subnet Mask: 255.0.0.0
Router: 10.128.128.128
DNS: 10.128.128.128

      Make note of that aggressively large subnet.

      My network is 10.10.0.0/16. In particular I push 10.10.1.0 [255.255.255.0], 10.10.2.0 [255.255.255.0], 10.10.3.0 [255.255.255.0], 10.10.7.0 [255.255.255.0], 10.10.8.0 [255.255.255.0].

      When connecting over OpenVPN on iOS I was unable to connect to devices on my network over VPN presumably because of that subnet on the wifi network.  Is there a way to give OpenVPN routes priority?

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        No. Just stay away from anything in 10/8 for your local network. Pick something random for your LAN that isn't in 10/8, 192.168.0/24, 192.168.1/24 or 192.168.168/24.

        You can't fix idiocy like that but you can try to minimize the collisions.

        Two random examples:

        172.26.190.0/24
        192.168.188.0/24

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          "Make note of that aggressively large subnet."

          Really?  But your using a /16??

          "My network is 10.10.0.0/16"

          Isn't that the kettle calling the pot??  Why do people continue to use routing summary masks for their local networks???

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • T
            TheNarc
            last edited by

            I ran into the same issue a while back and solved it using the instructions from the user Efonne in this post:
            https://forum.pfsense.org/index.php?topic=43507.msg225465#msg225465

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.