Conflicts between Public Wi-Fi IP Address and internal LAN (through VPN)

Hello,

Today I found a case that I've intermittently found in the past, but I decided to bring it up in the forum and try to find a permanent solution.

I connected to a public WiFi network with an iPad. The network provided the following through DHCP:

IP: 10.157.180.98

Mask: 255.0.0.0

Gateway: 10.128.128.128

When connecting to my network through SSL-VPN, I was provided with an IP address in the 172.16.0.0 /24 segment:

IP: 172.16.0.20

Mask: 255.255.255.0

Gateway: 172.16.0.1

However, my internal LAN is in the 10.0.0.0 /24 segment. 

As expected, accessing local network resources didn't work, due to the public Wi-Fi IP assigned to the device and its mask (255.0.0.0). (I want to force all traffic to be routed through the VPN when connected to it).

Based on all this, how can I address the conflict (due to the device's DHCP-provided address and mask conflicting with my internal network segment) without changing my LAN's network segment (of course), and given that I can't control the public Wi-Fi's IP address I get?

The first thing that comes to mind is to have the VPN write a route to the iPad's routing table with a lower metric than the Public WiFi's network (and that will force all traffic to go through the VPN).

If I connect to the VPN from a network that uses a different network segment (DHCP providing addresses in the 172.16.x or 192.168.x ranges), everything works as expected.

Thanks!



Edited TAGs
[edited by: Erick Jan at 2:34 AM (GMT -7) on 29 Apr 2024]
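
The overlap described in the post, modelled as an added example that is not part of the original post: a simplified routing table using longest-prefix match, with the metric breaking ties only between routes of equal prefix length. The metrics, the host 10.0.0.5, and the assumption that the VPN client accepts a pushed 10.0.0.0/24 route are constructed for illustration.

```python
import ipaddress

# Addresses taken from the post.
WIFI = ipaddress.ip_interface("10.157.180.98/255.0.0.0").network  # 10.0.0.0/8
LAN = ipaddress.ip_network("10.0.0.0/24")
VPN_POOL = ipaddress.ip_network("172.16.0.0/24")
DEFAULT = ipaddress.ip_network("0.0.0.0/0")


def build_table(push_lan_route):
    """Client routing table; metrics are constructed sample values."""
    routes = [
        {"net": WIFI, "via": "wifi", "metric": 10},     # on-link /8 from DHCP
        {"net": VPN_POOL, "via": "vpn", "metric": 1},   # tunnel address pool
        {"net": DEFAULT, "via": "vpn", "metric": 1},    # "all traffic via VPN"
    ]
    if push_lan_route:
        # Assumption: the VPN pushes an explicit route for the internal LAN.
        # Its metric is deliberately worse to show prefix length decides first.
        routes.append({"net": LAN, "via": "vpn", "metric": 50})
    return routes


def select_route(dest, routes):
    """Longest prefix wins; a lower metric only breaks ties at equal length."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r["net"]]
    best = max(matches, key=lambda r: (r["net"].prefixlen, -r["metric"]))
    return best["via"]


def overlaps():
    """True when the internal LAN sits inside the Wi-Fi's on-link network."""
    return LAN.subnet_of(WIFI)


if __name__ == "__main__":
    print("LAN inside Wi-Fi network:", overlaps())
    for pushed in (False, True):
        table = build_table(pushed)
        print("pushed /24:", pushed,
              "| 10.0.0.5 ->", select_route("10.0.0.5", table),
              "| 8.8.8.8 ->", select_route("8.8.8.8", table))
```

With only a default route through the tunnel, the on-link /8 is more specific and captures LAN-bound traffic whatever its metric; a /24 route for the LAN is more specific than the /8 and takes precedence.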