PHP
Victor, 2016-07-08 10:51:29

Why do vpn clients need a pool of addresses separate from the home network if I want to have access to the home network from the vpn client?

In all the manuals, I saw that you need to use a separate pool of addresses for vpn clients. Why is this needed?


3 answer(s)
Alexey Yarkov, 2016-01-11
@BeriaFantom

mb_internal_encoding

Azazel PW, 2016-07-08
@victor_skoblin

So that people learn to read books, manuals, instructions. RTFM.
We learned the words Routing, OSI Model, Classes of IP networks. And at meetings you can brag about smart words. Or, outsource everything. :)
Another option is for people to pay a lot of money for their education. Starting CISCO ICND now costs 52 thousand rubles. If you go deep into VPN, another 52 thousand.
Let's save you 104 thousand. :)
Having made a VPN, you will already get access to your home network.
It's just that the home network becomes accessible through the VPN network, which is why it is also called a tunnel.
The packet went to the VPN subnet and left already in your home network.
In general, let's start from the beginning, from the time when there were still dinosaurs.
You are sitting in a cafe, you took out a laptop, connected to wifi, and got the Internet and routing to the Internet.
Your IP is 10.0.0.250, the router is 10.0.0.1, and the routing on your laptop is
0.0.0.0/0 through 10.0.0.1
Now you run VPN on your laptop.
You have a tunnel 172.17.100.0/24.
Your home network is 192.168.0.0/24.
When you connect the VPN, you are assigned IP 172.17.100.2, through which the network 192.168.0.0/24 is available.
In your routing table, the path 192.168.0.0/24 through 172.17.100.2 appears.
And now everything is connected.
Now when you want to see cats on VKontakte, you watch cats through the route
0.0.0.0/0 10.0.0.1
When you want to access your home network, for example the computer 192.168.0.33, data transfer is carried out along the route
192.168.0.0/24 172.17.100.2
Here is the routing chain:
10.0.0.250-->(192.168.0.33) through 172.17.100.2-->(received data sent further)172.17.100.1-->192.168.0.1(home network router)-->192.168.0.33
You can also do without VPN if, for example, you connect 2 offices into one class C network.
Routing of class C networks is possible, at the level of the provider's equipment and through VLANs, but this is a completely different story and costs money.

Kirill Vasiliev, 2016-07-08
@vasilevkirill

Because a VPN is a separate service that is potentially dangerous and traffic from it must be filtered, and such a scheme is much easier to set up than a scheme where the VPN client is on the same subnet.
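
The route selection and the filtering argument from the answers above, modelled as an added example that is not part of any answer. The subnets and gateways come from the second answer; the firewall rule set, the function names and the hosts 192.168.0.10, 192.168.0.50 and 192.168.0.200 are constructed for illustration.

```python
import ipaddress

# Laptop routing table from the answer: (prefix, gateway, interface label).
ROUTES = [
    ("0.0.0.0/0", "10.0.0.1", "wifi"),          # cafe default route
    ("192.168.0.0/24", "172.17.100.2", "vpn"),  # home LAN through the tunnel
]

# Hypothetical policy on the home router, first match wins:
# (source prefix, destination prefix, port or None for any, verdict)
RULES = [
    ("172.17.100.0/24", "192.168.0.33/32", 22, "accept"),  # VPN pool may SSH to one host
    ("172.17.100.0/24", "192.168.0.0/24", None, "drop"),   # everything else from the pool
]


def lookup(dst, routes=ROUTES):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), gw, dev) for p, gw, dev in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, gw, dev = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), gw, dev


def verdict(src, dst, port, rules=RULES):
    """Return the action of the first rule matching source, destination and port."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, rule_port, action in rules:
        if (s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)
                and rule_port in (None, port)):
            return action
    return "accept"  # assumed default: LAN hosts reach each other freely


if __name__ == "__main__":
    print(lookup("192.168.0.33"))                         # home host: via the tunnel
    print(verdict("172.17.100.2", "192.168.0.33", 22))    # allowed service
    print(verdict("172.17.100.2", "192.168.0.50", 445))   # pool is filtered
    # A VPN client addressed from the home range looks like any LAN host
    # to a source-prefix rule, so the pool policy never applies to it.
    print(verdict("192.168.0.200", "192.168.0.50", 445))
```

With a dedicated pool, two prefix rules cover every VPN client; with clients inside 192.168.0.0/24 the same policy has to be expressed per interface or per address.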
