Questions

IP addressing for VPN

+
0 Votes
Locked

IP addressing for VPN

Mr
Hi, Can anyone please tell me what is the best pratcice for setting up IP addresses on a VPN? If I use 192.168.1.*** at my head office do I need to allocate a group of addresses from my this set for each of my sub-branches? (for example use 192.168.1.40 to 192.168.1.50 for sub-branch A) or do I give my sub-branch it's own range ie: 192.168.2.*** at one branch and 192.168.3.*** at another?
Any help would be greatly appreciated, thanks
  • +
    1 Votes
    Churdoo

    Each branch needs to be a separate network. If you're using 24-bit masks (255.255.255.0) and your main branch is 192.168.1.0/24 then you could use 192.168.2.0/24 for branch A, 192.168.3.0/24 for B, etc.

    Also I caution you, since 192.168.1.0 is a very popular network for off-the-shelf SOHO equipment that your home users may be using, and you may have some of them VPN from home via VPN client, then there is a potential conflict for such users.

    Therefore, consider using something other than 192.168.1.0 for your main site. For example, perhaps use 192.168.10.0/24 main site, 192.168.11.0/24 for branch A, etc. There will be a much smaller chance of VPN issues from home users using VPN clients from common SOHO equipment.

    +
    0 Votes
    deneventer

    A virtual private network needs a server at one end which controls the transactions ascribed over the internet per the office and home computer. OpenVPN-2.09 -install is a freeware VPN manager which helps with this process. To get a visual on the IP activity you need a control panel of sorts to accompany the VPN network. OpenVPN-Control_1.02 is also download-able. Do a Google search and download them. They might help with the configuration of your IP's. I think though you are referring to Subnet Masks, which are allocated to each IP respectively. Maybe this might help, if not check out the website of these downloads - they have all the info you need in their help files.

  • +
    1 Votes
    Churdoo

    Each branch needs to be a separate network. If you're using 24-bit masks (255.255.255.0) and your main branch is 192.168.1.0/24 then you could use 192.168.2.0/24 for branch A, 192.168.3.0/24 for B, etc.

    Also I caution you, since 192.168.1.0 is a very popular network for off-the-shelf SOHO equipment that your home users may be using, and you may have some of them VPN from home via VPN client, then there is a potential conflict for such users.

    Therefore, consider using something other than 192.168.1.0 for your main site. For example, perhaps use 192.168.10.0/24 main site, 192.168.11.0/24 for branch A, etc. There will be a much smaller chance of VPN issues from home users using VPN clients from common SOHO equipment.

    +
    0 Votes
    deneventer

    A virtual private network needs a server at one end which controls the transactions ascribed over the internet per the office and home computer. OpenVPN-2.09 -install is a freeware VPN manager which helps with this process. To get a visual on the IP activity you need a control panel of sorts to accompany the VPN network. OpenVPN-Control_1.02 is also download-able. Do a Google search and download them. They might help with the configuration of your IP's. I think though you are referring to Subnet Masks, which are allocated to each IP respectively. Maybe this might help, if not check out the website of these downloads - they have all the info you need in their help files.