1

Is there any way at all to connect possibly hundreds of IOT devices that have the same LAN IP (192.168.1.1) to one OpenVPN server? The devices have openvpn client preinstalled.

I've been told it's 100% not possible. Is that correct? Obviously I am no expert and just asking for clarification.

cv05
  • 11
  • 1
  • Are they going through some kind of network with NAT to reach the VPN server? The local address of a device doesn't really matter all that much. – Zoredache May 11 '18 at 06:15

1 Answers1

2

I don't see how these devices are all on the same network, if they all have the same IP address.

If they're all on different networks, then they must be behind NATs in order to talk to anything non-local. In that case, there should be no problem connecting them all to the same OpenVPN server (at least in tun mode). Each client will be identified by its public (NATted) IP address, and each will be assigned its own address from the OpenVPN server pool. You should be fine in such a situation.

Your only other problem will come if you use 192.168.0 behind the server as well, in which case the clients may have routing issues. Don't do that.

MadHatter
  • 79,770
  • 20
  • 184
  • 232
  • If you were using `192.168.0` or something you could just ignore that and run IPv6 inside your tunnel, and have a nice unique address space with basically zero chance of conflicting with anything. – Zoredache May 11 '18 at 06:16
  • Absolutely agree, which is why I said "issues", rather than "you're stuffed". But life will be simpler for the OP if (s)he avoids this, I think. – MadHatter May 11 '18 at 06:17
  • They are all out in the field using a natt'd private ip. I probably asked my question incorrectly by stating they are all on the same subnet. I meant they all have the same local ip (192.168.1.1). – cv05 May 11 '18 at 06:29
  • Yes, I think we got that, and it doesn't much matter. If you still think we've incorrectly understood your setup, you should probably add a diagram to your question. If you do that, **please don't redact anything**. – MadHatter May 11 '18 at 06:32