[TriLUG] OT - VPN configuration question

Thomas Moriarty moriarty.tom at gmail.com
Thu Dec 27 15:30:42 EST 2007 

I used to work in a support center that assisted people that were trying 
to do just what you describe.  The big problem is going to be with the 
networking and not the OS.  If you are on a local network (192.168.1.x) 
and you are trying to connect to another local net (192.168.1.x) but 
they are separated by the Internet, NAT'ing will have to be used.  The 
problem is that the upstream device (usually a router or switch) will 
see the local address and attempt to find that local host on the 
internal net instead.  It would never go out over the Internet.  Where I 
worked, this was called an "Overlapping Subnet Issue".  Possible 
solutions are to change the local networking on the sending side, change 
the local networking on the receiving side, OR, using something that 
allows your remote host to communicate with the local hosts 
differently.  I think that I read that OpenVPN offers a way to "remap" 
the iptables.  I read it here:

https://www.ossg.ru/docs/OpenVPN/faq.html

Good luck!

Christopher L Merrill wrote:
> (ok, it is slightly on topic since we are using OpenVPN on a BSD
> box for our VPN)
>
> We are using OpenVPN for our VPN solution on a BSD firewall.  We all
> have laptops with the OpenVPN client.  One person has reported a
> problem connecting from public hotspots if the IP address given at
> by the hostspot is a 192.168.1.x address.  He thinks the problem is
> due to our office also using 192.168.1.x addresses.  As a result, he
> wants to change our internal network to something else...which will
> be a LOT of work.  I've never had any problems connecting from
> anywhere. I connected yesterday from a hotspot and noted that I had
> been assigned a 192.168.1.x address and I did not have any problems.
>
> The only obvious difference is that he's on OSX and I'm on XP.
> Other than that, I can't come up with an answer to the problem.
>
> Any ideas what the problem might be or how to fix it?
>
> C
>
>
>   

-- 
ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸, ø¤º°`°º¤ø ,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø

Thomas J. Moriarty, III
moriarty.tom at gmail.com
919-619-5709

More information about the TriLUG mailing list