You cannot connect to computers on the LAN behind a remote IT-100 over a VPN Tunnel

SYMPTOM

You have used a computer to connect to your office IT-100 from a remote location over a VPN Tunnel. You have a successful connection to the IT-100 but are unable to connect to any of the computers on the LAN behind the IT-100 at your office.

CAUSE

The most likely cause is that the IP Addressing scheme for the LAN connected to the IT-100 and the LAN you are connected to at your current location is the same. When you attempt to access a computer connected to the IT-100, the IP address of that machine is the same as the IP address of a computer on the LAN to which you are currently attached.  From your computer's point of view, there appears to be two different computers with the same IP address available and it is not be able to determine to which computer it should connect.

SOLUTION

The addressing scheme of one of the LANs must be changed so that they represent two separate LAN networks or you must move your computer to another network that uses an IP addressing scheme that is different that the one used at your office.

RELATED ISSUES

Very often, LAN networks will be configured to use Private IP Address Space. These are ranges of IP addresses that cannot be routed across the Internet. Computers using this Address Space can only access the Internet through a Gateway Router configured with a routable IP address on its WAN port. Any number of LANs all over the world can use Private IP Address Space as long as those addresses are isolated from any other network using them. These ranges are commonly used in networks spanning from small home networks to large business networks. It is possible to be on a LAN using one of these ranges and attempt to connect to a remote LAN over a VPN Tunnel that using the same range. The three Private IP Address ranges specified by RFC 1918 are:

  • 10.0.0.0                -                 10.255.255.255

  • 172.16.0.0            -                 172.31.255.255

  • 192.168.0.0          -                 192.168.255.255

The LAN port of the IT-100 is set with a default IP address of 10.9.8.7. This address is part of a network of addresses ranging from 10.9.8.0 to 10.9.8.255, which is part of the Private IP Address Space.

MORE INFORMATION

For more information on the concepts discussed above, refer to the Glossary of Terms section of the EmergeCore website Support page and review IP Address, LAN, NAT, Network Interface, Router, Subnet Mask, VPN and WAN. Also see the HOW TOs section of the Support page and review the entries under VPN.


   
     
   
   
       

Copyright © 2006 EmergeCore Networks LLC. All rights reserved. Terms of Use and Privacy Statement.
IT IN A BOX ® is a registered trademark of EmergeCore Networks®..