[Openswan Users] Virtual Private !192.168.1.0/24

Paul Wouters paul at xelerance.com
Thu Jul 6 16:18:40 CEST 2006


On Thu, 6 Jul 2006, Brett Curtis wrote:

>
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
>
> My internal subnet is 192.168.1.0/24. This is a pretty common IP range causing
> "I cant connect to the VPN" from my users.
>
> Now my question is this, do I need to change my internal subnet or can I just
> change the range of IPs given out by my l2tp daemon then make that change in
> the virtual_private line?
>
> Currently my l2tp daemon is giving out 192.168.1.130-140.

You're best of migrating your l2tp to a different IP range, though people on
that range would still not be able to connect to your 192.168.1.0/24 network,
unless you added some layer of nat.
The best thing is to get real ip space for your company. The next best thing
is to renumber the company network to another less commonly used range.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list