TUN without a separate IP address range
Posted: Wed Dec 08, 2021 10:44 am
Hi all:
I have been using OpenVPN in TAP mode for years, so that remote workers can connect to the office LAN.
Say I have an address range like 192.168.123.xxx . If DHCP uses the range .100 to .200, I can simply tell OpenVPN to use .201 to .220 for the clients (this is a small office).
But now I am investigating the TUN mode, because most mobile phones do not support TAP, at least without some head scratching.
Normally, you are told to use a separate range like 10.8.0.0/24 for OpenVPN clients. Then you must enable IP routing at the OS level, and configure the appropriate IP forwarding rules on the router.
The trouble is, network routing configuration is not easy, and the Internet router is a non-standard monster that is hard to understand.
Is it possible to keep using the same IP address range 192.168.123.[201-220] for the clients in TUN mode? This way, I would only need to reconfigure the server that OpenVPN is running on.
Thanks in advance,
rdiez
I have been using OpenVPN in TAP mode for years, so that remote workers can connect to the office LAN.
Say I have an address range like 192.168.123.xxx . If DHCP uses the range .100 to .200, I can simply tell OpenVPN to use .201 to .220 for the clients (this is a small office).
But now I am investigating the TUN mode, because most mobile phones do not support TAP, at least without some head scratching.
Normally, you are told to use a separate range like 10.8.0.0/24 for OpenVPN clients. Then you must enable IP routing at the OS level, and configure the appropriate IP forwarding rules on the router.
The trouble is, network routing configuration is not easy, and the Internet router is a non-standard monster that is hard to understand.
Is it possible to keep using the same IP address range 192.168.123.[201-220] for the clients in TUN mode? This way, I would only need to reconfigure the server that OpenVPN is running on.
Thanks in advance,
rdiez