Hello,
I am setting up a VPN for a small company I work for, using openVPN.
I would like to know whether it is always necessary to change the LAN address range away from the commonly used ones like 192.168.0.0 and 10.0.0.0?
The reason I am asking is because we have a lot of small devices on our wireless network which will be difficult to move to another address block. People on the VPN only need to be able to access the file server in any case, which is the same machine that will be running the openvpn server.
I was wondering whether in that case it would be possible to set up open vpn with a tap interface, and have the file server listen for traffic on that interface? The reason I am thinking of using tap rather than tun is because we access the file server using windows file sharing (it runs samba under debian linux).
Thanks for any advice on this,
andrew baxter.
lan address range question
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: lan address range question
no this is not necessary - the warnings printed are merely for your convenience; I have set up openvpn in many environments using 192.168.{0,1}/24 or 10.x.y.0/24 environments.
As long as you are aware of what you are doing and you know the basic RFC1918 rules (private addressing) then you should be fine.
As long as you are aware of what you are doing and you know the basic RFC1918 rules (private addressing) then you should be fine.