Years ago I setup my addressing scheme using 192.168.1.x. Now I
sometimes have users connecting to our network over a VPN. And
frequently their local network (home wifi, hotel wifi, etc) are also
using 192.168.1.x. This ends up causing connection problems. I have
had a couple users change their home networks to something else and
their problems went away. Short of me re-doing all my network
addresses, is there something I am missing that would solve this
problem? Some way to handle VPNs so the PCs don’t confuse their local
IPs with my IPs?
Years ago I setup my addressing scheme using 192.168.1.x. Now I
sometimes have users connecting to our network over a VPN. And
frequently their local network (home wifi, hotel wifi, etc) are also
using 192.168.1.x. This ends up causing connection problems. I have
had a couple users change their home networks to something else and
their problems went away. Short of me re-doing all my network
addresses, is there something I am missing that would solve this
problem? Some way to handle VPNs so the PCs don’t confuse their local
IPs with my IPs?
Thanks,
Ken[/color]
So my response to KeN’s comment is…
We ran into the same issue a few years ago. We were 192.168.0.x, and
so were a few home networks. Since then we’ve done several vlan
shifts, the first one to eliminate the vpn issue, but a couple since
then for different reasons. I don’t know of any other way to resolve
it, either have users change their home networks, or you doing
something different at the office.
Years ago I setup my addressing scheme using 192.168.1.x. Now I[color=blue]
sometimes have users connecting to our network over a VPN. And
frequently their local network (home wifi, hotel wifi, etc) are also
using 192.168.1.x. This ends up causing connection problems. I have
had a couple users change their home networks to something else and
their problems went away. Short of me re-doing all my network
addresses, is there something I am missing that would solve this
problem? Some way to handle VPNs so the PCs don’t confuse their local
IPs with my IPs?[/color]
I hate this problem, for the same reasons you’ve mentioned. Personally,
if I had a company network, I’d put it randomly somewhere in the 10.x.x.x
range just to avoid this since most home networks take the 192.168.0.x or
192.168.1.x space. Some hotels may use 172.16.x.x or 10.x.x.x, but with a
random range of your own hopefully it’ll work out.
Alternatively, maybe push out explicit routes to what they need so while
they can keep their own network operational any attempts to reach
192.168.1.37 (a specific server they need to access) will have an explicit
route on their machine pushed out by the VPN software, telling the box to
use the VPN connection. Doing that for all of your boxes may be…
onerous. Still, it’s the only workaround that comes to mind as being
slightly reasonable and not involving changing your network around.
A slightly less-fun idea: VPN network gets its own range, and then you put
boxes there that people can remote-control which can access the rest of
the network. Terribly inefficient if the person wants to do something
that is not great via a GUI, or if their connection is slow, but you could
make it work. Bleh.
We ran into the same issue a few years ago. We were 192.168.0.x, and
so were a few home networks. Since then we’ve done several vlan
shifts, the first one to eliminate the vpn issue, but a couple since
then for different reasons. I don’t know of any other way to resolve
it, either have users change their home networks, or you doing
something different at the office.[/color]
I hate this problem, for the same reasons you’ve mentioned. Personally,
if I had a company network, I’d put it randomly somewhere in the 10.x.x.x
range just to avoid this since most home networks take the 192.168.0.x or
192.168.1.x space. Some hotels may use 172.16.x.x or 10.x.x.x, but with a
random range of your own hopefully it’ll work out.[/color]
Something for the list of things to do.
[color=blue]
Alternatively, maybe push out explicit routes to what they need so while
they can keep their own network operational any attempts to reach
192.168.1.37 (a specific server they need to access) will have an explicit
route on their machine pushed out by the VPN software, telling the box to
use the VPN connection. Doing that for all of your boxes may be…
onerous. Still, it’s the only workaround that comes to mind as being
slightly reasonable and not involving changing your network around.[/color]
I might look into that too…thanks.
[color=blue]
A slightly less-fun idea: VPN network gets its own range, and then you put
boxes there that people can remote-control which can access the rest of
the network. Terribly inefficient if the person wants to do something
that is not great via a GUI, or if their connection is slow, but you could
make it work. Bleh.[/color]
On Wed, 20 Feb 2013 19:09:16 +0000, KeN Etter wrote:
[color=blue]
Years ago I setup my addressing scheme using 192.168.1.x. Now I
sometimes have users connecting to our network over a VPN. And
frequently their local network (home wifi, hotel wifi, etc) are also
using 192.168.1.x. This ends up causing connection problems. I have
had a couple users change their home networks to something else and
their problems went away. Short of me re-doing all my network
addresses, is there something I am missing that would solve this
problem? Some way to handle VPNs so the PCs don’t confuse their local
IPs with my IPs?[/color]
That’s the reason my home network uses a 172.16.x.x network rather than
the default.