OpenVPN clients with IP's in the same subnet as the internal lan?



  • Is this possible…

    Also if it is possible since the traffic is still going through the WAN would it block broadcasts from passing through.


  • Rebel Alliance Developer Netgate

    It's not possible in tun mode. It may be possible with bridging and tap mode, but it's not pretty.



  • I have made my internal subnet with the 10.230.1.0/25 subnet. My OpenVPN clients are on the 10.230.1.128/27 subnet so it should somehow be the same..


  • Rebel Alliance Developer Netgate

    No, that is not the same. Those are still separate subnets. Operating them in that way is no different than if you made them two completely different /24's, you've just restricted the IPs you have available for use by both sets of systems.

    If something on either side still has a /24 mask then it will never talk to things on the 'other' side of the tunnel. Or if by some miracle it gets traffic to it, it won't get it back.

    There are ways to get them into one flat subnet with tap/bridging, search the forums for details.


Log in to reply