Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
274
Views
0
Helpful
4
Replies

Does VPN works with public range IP address?

Go to solution
lyesinn.ang
Level 1
Level 1

‎10-02-2002 05:30 PM - edited ‎02-21-2020 12:05 PM

Hi,

If I use public range IP address (eg 100.100.x.x) for my office network and I intended to use VPN to connect to my remote office. Will that post an issue? Will the be any impact?

My concern is that I might be sending out legel IP addresses to the internet which might cause a conflict. Can anyone clear my doubt about this.

Thank you!!!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
afakhan
Level 4
Level 4

‎10-02-2002 07:19 PM

Hello,

If you are going to make a VPN Lan to Lan (site-to-site) tunnel b/w your remote office and your office, it wont cause any problem if you have public (routable) IP addresses configured on your inside LAN at your office location, because by default IPSec Tunnel mode is used when you configure LAN to LAN tunnels, tunnel mode adds an extra routeable header, this header has source and destination IP addresses based on your local and remote IKE peer IP addresses, instead of your inside IPs, your inside IPs remain hidden inside the tunnel header, no matter what IP addresses they contain.

So its possible without any impact.

Thanks,

Afaq

View solution in original post

0 Helpful
4 Replies 4

Go to solution
afakhan
Level 4
Level 4

‎10-02-2002 07:19 PM

Hello,

If you are going to make a VPN Lan to Lan (site-to-site) tunnel b/w your remote office and your office, it wont cause any problem if you have public (routable) IP addresses configured on your inside LAN at your office location, because by default IPSec Tunnel mode is used when you configure LAN to LAN tunnels, tunnel mode adds an extra routeable header, this header has source and destination IP addresses based on your local and remote IKE peer IP addresses, instead of your inside IPs, your inside IPs remain hidden inside the tunnel header, no matter what IP addresses they contain.

So its possible without any impact.

Thanks,

Afaq

0 Helpful

Go to solution
lyesinn.ang
Level 1
Level 1
In response to afakhan

‎10-02-2002 07:58 PM

Hi Afaq,

Thank for clearing my doubt. Really aprreciate that.

Regards

LS Ang

0 Helpful

Go to solution
lyesinn.ang
Level 1
Level 1
In response to afakhan

‎10-02-2002 09:09 PM

Hi Afaq,

Just one more question. Does VPN works well with NAT? Let's say my remote site needs to do NAT whenever it needs to access to my network.

Thanks..

Regards

LS ang

0 Helpful

Go to solution
afakhan
Level 4
Level 4
In response to lyesinn.ang

‎10-03-2002 08:33 AM

Hi,

Yeah, NATing is fine, if you have an overlapped network across the tunnel.

Make sure that your crypto ACLs have NATed (after NAT IPs) in them, so that you can encrypt traffic after NATing.

Thanks,

Afaq

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents