- This topic is empty.
-
Posts
-
I have eth00 configured for 192.168.50.0/24 and VPN99 configured to allocate addresses from a pool that is 192.168.50.220 – 192.168.50.240 as I want the VPN users to be be on the Internal network. Both eth00 and VPN99 are using 192.168.50.254 (internal IP of the zeroshell router) as their gateway.
When I attempt to bridge eth00 and VPN99 to allow them to communicate freely, zeroshell says there is an error due to overlap and the bridge cannot be created.
How do I set it up so that my VPN users are on the same internal network and multicast, broadcasts, etc. flow freely between VPN99 and eth00?
For reasons I don’t want to go into, I can’t simply allocate a new subnet for the VPN users and then use NAT to bridge across, the VPN users have to maintain an allocated IP address on the internal network without NAT.
Thanks for any advice!
Security-wise you should stick to the plan having your intranet as a different zone than the vpn users. NAT is not an issue, you can allocate an other address space for them, e.g. 192.168.51.0/24 and route between these two subnets. Do not apply any NAT on these 2 interfaces.
If you desperately want to bridge them, remove the IP addresses from interface VPN99, then try to bridge it with ETH00 and finally apply the IP on the BRIDGE00 interface.
- You must be logged in to reply to this topic.