VPN IP from internal LAN range

nick_patchett · August 15

I need to setup remote access IPSEC for some users, but I need them to get an IP address on the internal LAN range so it routes traffic correctly down a VPN connection. Is this possible?

Zyxel_Kay · August 16

Hi @nick_patchett

As PeterUK mentioned, assigning VPN clients an IP address from your internal LAN range is generally not recommended because it can cause routing issues and IP conflicts. Instead, it's best to use a separate, non-overlapping IP range for your VPN clients.

If your goal is to allow VPN clients to communicate with devices on your LAN, you can achieve this by configuring appropriate routing rules. This way, traffic can be correctly routed between the VPN and LAN networks without causing conflicts.

PeterUK · August 15

If device on a LAN have 192.168.1.0/24 with a gateway then VPN IP with 192.168.50.0/24 can route to them devices on the LAN

If the clients connecting by VPN have a LAN of 192.168.1.0/24 or 192.168.50.0/24 you will have problem

Zyxel_Kay · August 16

Hi @nick_patchett

As PeterUK mentioned, assigning VPN clients an IP address from your internal LAN range is generally not recommended because it can cause routing issues and IP conflicts. Instead, it's best to use a separate, non-overlapping IP range for your VPN clients.

If your goal is to allow VPN clients to communicate with devices on your LAN, you can achieve this by configuring appropriate routing rules. This way, traffic can be correctly routed between the VPN and LAN networks without causing conflicts.

VPN IP from internal LAN range

Accepted Solution

All Replies

Categories

Security Help Center