• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Virtual IP is within in my LAN-Net !!??

Scheduled Pinned Locked Moved OpenVPN
2 Posts 2 Posters 428 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    LoCrux
    last edited by Apr 25, 2018, 10:30 AM

    could someone please explain me the meaning of the "Vitual IP"?

    I've 2 running OpneVPN connections, where I can see a "remote ip" and a "virtual ip".
    The function of the "remote ip" is clear (my public ip to the WAN).
    But the need/use/function of the "virtual ip" is unclear to me.

    As I've set up my LAN subnet with 10.0.0.0/8, so both "virtual ip's" are
    within my LAN. Does this e.g. mean all my Samba-Shares could be seen by
    my vpn provider????

    SYSTEM -> ROUTING -> GATEWAYS:

    
   Name                 Interface   Gateway     Monitor IP  Description
1\. WAN_DHCP (default)   WAN         a.b.c.1     a.b.c.1     Interface WAN_DHCP Gateway     
2\. VPN_P2P_DHCP         VPN_P2P     10.8.8.X    10.8.8.X    Interface VPN_P2P_DHCP Gateway     
3\. VPN_UK_DHCP          VPN_UK      10.8.8.Y    10.8.8.Y    Interface VPN_UK_DHCP Gateway   

    I'd like to know if this could be a problem.
    As all my clients are split up like this:

    
ROUTE_NO_VPN    : Hosts reside within 10.a.x.y/16  : all PC's 
ROUTE_NO_VPN_C  : Hosts reside within 10.a.y.z/16  : all PC's where children have access to (lot off stuff is blocked)
ROUTE_VPN_P2P   : Hosts reside within 10.b.x.y/16  : self explaining :) 
ROUTE_VPN_UK    : Hosts reside within 10.c.x.y/16  : Anroid Boxes to access BBC
ROUTE_PI        : Hosts reside within 10.d.x.y/16  : Home Automation (MQTT Broker, Sonoffs, Alexas)
ROUTE_GUEST     : Hosts reside within 10.e.x.y/16  : WiFi for Guests 
DENY_WAN        : Hosts reside within 10.f.x.y/16  : Things not alowed to phone outside

    So i'd like to keep the /8 for the LAN (if possible).

    Thanks for your help.

    1 Reply Last reply Reply Quote 0
    • J
      johnpoz LAYER 8 Global Moderator
      last edited by Apr 25, 2018, 12:53 PM

      "So i'd like to keep the /8 for the LAN (if possible)."

      For what possible reason would you need such a large mask… Do you have 1.6 million some hosts on this LAN?

      A /8 makes zero sense on an interface - its only uses would be firewall rules and or summary routes, etc.

      Use of such a network means that you will have nothing but issues with vpn clients that are coming from any network using 10.x.x.x address space...

      Pick a realistic network size.. Love to help you work out whatever issue it is your having - but setting such a mask is just stupid, and made a new promise to myself not to deal with stupid ;)

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received