0

I have this situation: I implemented a VPN using the address 10.0.0.0/16. Now, I'm on an office that have a local network on 10.0.0.0/16 too. 

my computer ==> Local network ==> VPN
                 10.0.0.x         10.0.x.x
                Computer X        DNS
                 10.0.0.2         10.0.0.2

As you can imagine, when I connect to my VPN, there's a conflict with the addresses, starting with the OpenVPN's DNS server, on 10.0.0.2. When I try to open a webpage, my computer it's routing the DNS queries to a local computer with address 10.0.0.2 that has nothing to do with the DNS server with the same number on the VPN. So, my computer can't resolve any name.

Change the VPN to a different address like 10.10.x.x/16 it's not possible. Change the local address to something different to 10.0.0.x/24 neither. What would be the best solution for this?

At first, I thought on configure OpenVPN on some way, so the DNS would be on something like 10.0.30.2. Is it possible? The second idea is to change the routing table every time I connect to the VPN (I'm using Mac OS X El Capitan).

JonDoe297
  • 563
  • 2
  • 8
  • 21
  • 3
    `What would be the best solution for this` - You are screwed? One of the networks needs to change. – Zoredache Oct 04 '16 at 21:43
  • I'm about to start to migrate the VPN to a different address space... – JonDoe297 Oct 04 '16 at 21:48
  • 1
    It won't help - you are screwed. No way around it, unless you want some semi-working environment, which you can achieve with mapping IPs from one of the networks to a virtual non-existant subnet, which the other network would have the route to. Basic services will work, but you'll never get something which has mitm-protection (like anything with word SSL in it) to work in that configuration... – Anubioz Oct 04 '16 at 22:43
  • Well, yes, I resigned to that situation. I'm finishing to migrate all the services to the new address. Thank you for your comments. I will leave this question here, open, as a monument about how I was screwed and I will never create again a VPN with common addresses like 10.0.0.x. – JonDoe297 Oct 05 '16 at 00:05

0 Answers0