
VPN Issue (The home and office networks are using the same subnet)

Hi!

I'm using WatchGuard VPN on my iPad and can establish a connection to my office.

Both my office and home IP addresses are distributed as 192.168.1.x and I do not want to change them.

When I connect via VPN, my iPad searches for 192.168.1.x IP addresses on my home network and therefore cannot connect to the IP addresses in the office.

I do not experience this problem when using Windows.

At this point (reiterating that I will not change the subnet addresses), I thought of a solution like this:

Can I assign a second IP address (for example, 44.44.44.44) to the office computers I want to connect to, while keeping the IP addresses as 192.168.1.x?

If I do this, I think my iPad will connect to the office computer because it cannot find 44.44.44.44 on my home network.

At this point, it is important that the old IP address of the same computer (192.168.1.x) remains because changing it would require me to change the entire system.

Or, do you have any other suggestions to fix this?

Regards.

Comments

  • james.carson Moderator, WatchGuard Representative

    Hi @Emre
    The issue here will come down to the ability to route to the remote network, which is difficult/impossible if your networks are the same.

    If you're using the WatchGuard IPSec Client (Windows/Mac), there is an ability in that client to do a 1:1 NAT, which is effectively masquerading the distant network as a different subnet to make the routing work.

    For the iPad, since it's not able to work out where to send that traffic, your only option is going to be to re-IP one side, so that your routes work.

    I would never suggest deploying a firewall with the standard 192.168.0.x, 192.168.1.x, 192.168.100.x, 10.0.0.x, as these are all very common as defaults on small/home routers. Using anything less common inside the RFC1918 private IP space will cause fewer headaches down the road.

    -James Carson
    WatchGuard Customer Support

  •

    You can try the OpenVPN client for SSLVPN connection which seems to work for me from my iPad.

    Use Mobile VPN with SSL with an OpenVPN Client
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/mvpn/ssl/mvpn_ssl_ovpn_profile_c.html

  •

    @Bruce_Briggs said:
    You can try the OpenVPN client for SSLVPN connection which seems to work for me from my iPad.

    Use Mobile VPN with SSL with an OpenVPN Client
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/mvpn/ssl/mvpn_ssl_ovpn_profile_c.html

    Thanks Bruce. However, I am experiencing the same problem with OpenVPN as well. Perhaps the IP addresses in your home and work networks are different from 192.168.1.x.

  • edited May 2023

    @james.carson said:
    Hi @Emre
    The issue here will come down to the ability to route to the remote network, which is difficult/impossible if your networks are the same.

    If you're using the WatchGuard IPSec Client (Windows/Mac), there is an ability in that client to do a 1:1 NAT, which is effectively masquerading the distant network as a different subnet to make the routing work.

    For the iPad, since it's not able to work out where to send that traffic, your only option is going to be to re-IP one side, so that your routes work.

    I would never suggest deploying a firewall with the standard 192.168.0.x, 192.168.1.x, 192.168.100.x, 10.0.0.x, as these are all very common as defaults on small/home routers. Using anything less common inside the RFC1918 private IP space will cause fewer headaches down the road.

    I want to explain how I solved the problem for those who may encounter it.

    In WatchGuard, I added 192.168.44.1/24 as a secondary interface for 192.168.1.1/24 from "Network > Configuration > Interfaces > Trusted > Secondary".

    On the PC, I added a second IP address in the format 192.168.44.x under "Network Connections > Adapter Settings > Ethernet Card > Advanced > TCP/IPv4 > IP addresses".

    As a result, for example, a computer now has both 192.168.1.75 and 192.168.44.75 as IP addresses.

    Since 192.168.44.x is different from my home network (which is 192.168.1.x), I can connect this way.

    So, problem solved for me.
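
The routing conflict discussed in this thread, as an added example that is not part of the original posts and not WatchGuard code: a simplified model of how a VPN client chooses an interface when the home LAN and a tunneled subnet overlap. The tie-break rule (a directly connected LAN beats a VPN route of the same prefix length) and the assumption that 192.168.44.0/24 is routed through the tunnel are assumptions made for illustration; the addresses are constructed from the ones mentioned above.

```python
import ipaddress

# Constructed sample values based on the addresses in the thread.
HOME_LAN = ipaddress.ip_network("192.168.1.0/24")   # home Wi-Fi subnet
VPN_ROUTES = [
    ipaddress.ip_network("192.168.1.0/24"),         # office primary subnet
    ipaddress.ip_network("192.168.44.0/24"),        # office secondary subnet (assumed tunneled)
]


def build_routes(local_lan, vpn_routes):
    """Return (network, interface, priority) tuples; lower priority wins a tie."""
    routes = [(local_lan, "wifi", 0)]               # directly connected route
    routes += [(net, "vpn", 1) for net in vpn_routes]
    return routes


def egress_interface(dest, routes):
    """Pick the interface for dest: longest prefix first, then lowest priority."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return "default"                            # falls through to the default gateway
    best = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return best[1]


def shadowed_vpn_routes(local_lan, vpn_routes):
    """VPN subnets that overlap the local LAN and so may never reach the tunnel."""
    return [net for net in vpn_routes if net.overlaps(local_lan)]


if __name__ == "__main__":
    routes = build_routes(HOME_LAN, VPN_ROUTES)
    for host in ("192.168.1.75", "192.168.44.75"):
        print(host, "->", egress_interface(host, routes))
    print("shadowed:", [str(n) for n in shadowed_vpn_routes(HOME_LAN, VPN_ROUTES)])
```

Running `shadowed_vpn_routes` against the client's current LAN before connecting shows which office subnets will be unreachable from that location.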
