Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP Range Overlap

Status
Not open for further replies.
JillofAllTrades

JillofAllTrades

MIS
Jan 29, 2004
146
0
0
US
I have finally figured out why sometimes my remote users cannot connect to email from various locations.

I use 10.0.0.x internally, and when the remote location also uses that range, viola, no email connectivity. They have a hosts file entry that says emailserver is at 10.0.0.12 but of course the pc is looking at the "local" 10.0.0.12 instead of going out over the VPN connection to "my" 10.0.0.12.

What can I do to resolve this, short of changing my entire internal IP address scheme?

Thanks in advance!

Christine
 
Sort by date Sort by votes
Not the easiest solution for non-technical users, but after the user connects they can modify the local route table.

from a command prompt:

>ROUTE DELETE 10.0.0.0
>ROUTE ADD 10.0.0.0 MASK 255.255.255.0 x.x.x.x METRIC 1

where x.x.x.x is there IP address once connected.

Note, some VPN clients will not allow you to change the route table once connected.

 
Upvote 0 Downvote
That actually wouldn't be too hard, since they have static IP addresses for their VPN connections.

I will test that, thanks!

Christine
 
Upvote 0 Downvote
Some VPNs, like Cisco, allow you to disable local LAN access completely, which would also solve the problem.
 
Upvote 0 Downvote
Jill,

Did you resolve this? If not, read on...

Are you saying that your have two networks connected via VPN (IPSEC?) that have the same network subnet address? (ie. network 10.0.0.X/255.255.255.0 connects to network 10.0.0.X/255.255.255.0) Let me know if I've read your post correctly.
 
Upvote 0 Downvote
I haven't tested the solution yet to know if it works.

My corporate network is 10.0.0.x/255.255.255.0.
My mobile workers sometimes stay in locations with high-speed access that also use a network of 10.0.0.x/255.255.255.0.
When this happens, they are unable to connect to our resources, as their laptop looks to the local network for these addresses.

I am using a Windows 2000 Server RAS PPTP VPN - very simple set up. I have static IP addresses assigned to the mobile workers via Active Directory.

The only option I have on the client end is to "Use the default gateway on the remote network" which will send traffic through the VPN connection if it can't be located on the local network. Setting this doesn't help. [thumbsdown]

As soon as one of those pesky mobile workers calls to complain again, I will try adding the route. ;-)

Christine
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

F
  • Question
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
0
Views
1K
FrankSider12
F
Sparrow4
  • Locked
  • Question
CISCO AnyConnect - URL instead of IP Address
Replies
4
Views
612
iggsterman
iggsterman
goombawaho
  • Locked
  • Question
IP address conflict
Replies
7
Views
99
goombawaho
goombawaho
mjoop
  • Locked
  • Question
Public appearance for line without public IP
Replies
2
Views
54
obtsystems
obtsystems
raist3001
  • Locked
  • Question
Creating an IPSEC VPN tunnel between 2 DLINK DSR-250 help
Replies
0
Views
51
raist3001
raist3001

Part and Inventory Search

Sponsor

Back
Top