06-01-2006 06:30 AM - edited 03-09-2019 03:06 PM
Is there a way to get the concentrator to assign the client a tunnel address that will not clash/overlap with the address/netmask that the client gets from the hotel or his/her SOHO NAT router?
I cannot predict the address/netmask the client will receive at the hotel and the user may not have the nous to configure his/her SOHO router.
I would like to configure the concentrator to automatically assign a non-overlapping address/netmask - multiple client address/netmask pools required here?
06-01-2006 06:04 PM
If you are asking if there is a way for the concentrator to detect an overlapping LAN range with its primary DHCP scope and then shift to a secondary scope the answer is no.
The best bet is to just pick a range that is less likely to be used, (e.g. 172.31.255.0/24 and not 192.168.1.0/24)
06-02-2006 07:58 AM
Yes - this is what I'm trying to do - for example a concentrator can use a DHCP server and IPSEC IKE(v2) can now assign the inner IP address to the client.
But if the VPN server isn't aware of the client's outer configuration (maybe also a private IP address assigned by a hotel or other Internet POP) the inner configuration may overlap.
What do you folks practice to handle your road warrior colleagues? Have you ever run into this overlapping subnet problem?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide