Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Issue with access lan when remote network is the same subnet

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 5 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      outlet
      last edited by

      Hello,

      I am using iOS with OpenVPN connect.  Over cellular I can browse the internet just fine and access local resources, but if I am on a public hotspot with the same subnet as my home network it will always resolve to the remote network resources.

      LAN: 10.0.0.0/255.255.0.0
      OpenVPN network: 10.140.0.0/16
      Example remote network 10.0.0.0/255.0.0.0

      I have force all traffic enabled and I push my local network in the advanced server settings.

      Is there any way to get OpenVPN to default to my LAN?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Yes, that is an issue. If the network you are at (coffee shop, university…) happens to use a subnet that overlaps with your home subnet then there is trouble. If you are somewhere that has used 10.0.0.0/8 then that is a big pain! People should be setting up their networks with just small parts of that - 10.20.30.0/24 etc. Try to pick what you think is an obscure piece of private IP address space - 172.17.42.0/24 ... - for your home LAN and for the OpenVPN tunnel network.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          @phil.davis:

          People should be setting up their networks with just small parts of that - 10.20.30.0/24 etc.

          Hey, that's already taken by me, leave it alone!  ;D

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            ^ hehehehe, how can you be using it.. I am using it ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • H
              heper
              last edited by

              you can 1:1 NAT your home-lan to a "virtual" subnet over your vpn.

              for example:

              hotspot_your_ip = 10.0.0.200
              lan_host_you_wish_to_reach = 10.0.0.100    <<–- routing issue
              1:1 NAT your home_lan to 172.18.1.0/24  -------- from hotspot_your_ip you'd then connect to to 172.16.1.100 | and the NAT would have you end up on 10.0.0.100    <<--- routing issue "solved"

              i have a couple of sites where changing the lan-subnets is a ton of work (static ip's). I've used this method to circumvent possible routing issues

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.