Openvpn ip address conflict ?



  • A new client already has a router in place with the network of 192.168.1.1.  He wants openvpn and pfsense.  If I do openvpn with a full tunnel, can i make lan 192.168.1.1?  I would have never chosen 192.168.1.1 because of the possibilities of IP address conflicts when connecting to the vpn from another network that uses 1.1.  I have seen opinions both ways.  I would make the vpn virtual network 192.168.8.1. Will he get a conflict if he's connected to a full tunnel VPN from a network with the same IP address scheme (work lan) as his home lan? Thanks.  He has a lot of static devices, so changing work lan would be a pain.



  • You are correct - the OpenVPN link will not route from work to-from home if both work and home have the same subnet (like 192.168.1.0/24). Packets will never get sent across the link, because the source device will think the (remote) target device is in its local LAN, because the target device has an IP address in the local subnet.
    Time to choose the easiest network to change, and change it. Or even better, during the holiday season, change both. No-one will notice, they will all be on leave  ;)


Log in to reply