HI,

I have a customer who has a 2762 installed on their business premises with a 192.168.1.0/24 network. There is a VPN set up so that one of their employees can access network resources whilst out of the office. However, if they try to access the VPN at home they cannot do so on their home wifi as this is also set to 192.168.1.0/24. This also applies if they are on a cusotmer's site with the same ip range. Obviously, if they VPN in using a 4G connection there is no clash and it works, but I'd like to see if there is a way round this that would allow the VPN to work without having to change the ip range. I could change the ip range of the business or home network but would rather not, as it only skirts the issue as there is always a change that whatever ip range I choose for the business network, a customer's site could have the same. So is there a way to configure the router to give the VPN client a different ip address, yet still allow them to access files from their business premises?

RedFez wrote: ...Obviously, if they VPN in using a 4G connection there is no clash and it works...

I'm not sure that "obviously" applies ... because, presumably they still receive a 192.168.1.x address from the VPN Server. Perhaps this connection is set to use the VPN as the "Default Gateway" and the connection via fixed Internet isn't?...

Presumably what normally happens, is that any attempt to access the "remote" 192.168.1.0/24 network, results in the client ARP'ing for it on the 'local' network (and thus failing to find it). In which case, setting the VPN connection to the Vigor to be the "Default Gateway" might be enough to make it spring into life?

Otherwise, adding a selection of Routing Entries on the client PC, might do it. (i.e. 192.168.1.y/255.255.255.255 -> 192.168.1.z) (Where 'y' is the node you want to access at the Vigor 2762 end, and 'z' is the IP address the VPN client received. Clearly, setting the VPN profile so that the client receives a fixed IP address would be required, if these Routing entries are to be stored as 'persistent' settings).

You could also investigate your idea of configuring the VPN IP address to be a different network, which might help. To do this, you would have to set up a LAN (say 192.168.2.0/24) and configure the VPN profile to use this LAN, instead of the default LAN1. AFAIK, this new LAN would either have to have a physical port, or have a (dummy) SSID assigned to it, to allow it be enabled (along with Routing to the main LAN).

Traceroute and Wireshark are probably your friends, from this point on

Hi hornbyp

Thanks for the reply. That gives me a few things to try! I'll let you know how I get on.