Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


VPN Tunnel: IP Question

  • Please log in to reply
1 reply to this topic

#1 SurfNinja


  • Members
  • 5 posts
  • Gender:Male
  • Location:England
  • Local time:10:57 PM

Posted 09 March 2017 - 04:06 PM




I need to establish a VPN tunnel between office A and B. Bi directional support is required. Please see details below.


Office A

Office A is running a flat level IP Scheme with no VLANS. It's current ip scheme is: /22. A microsoft threat management gateway is installed at this office. Only a small number of people need connectivity to office B. Around 8 people.


Office B

Office B would only like office A to access their /28 addresses over the tunnel.



What's the cleanest and best way to establish a tunnel between the two sites from an IP perspective? Office A will need to make a /28 range available over the tunnel, but instead of allocating the necessary users with static IP addresses on their workstations is there a better way to manage this tunnel?


Appreciate any advice and guidance.



BC AdBot (Login to Remove)


#2 Wand3r3r


  • Members
  • 2,027 posts
  • Local time:08:57 PM

Posted 11 March 2017 - 04:42 PM

You are not concerned about the office LAN subnets[ except that they need to be different at each site] when talking about WAN traffic

The /28 or /22 is a subnet mask and not the actual subnet.

Your users don't need static ips.  You would filter via a firewall vpn policy to only allow those host names access to the vpn.

Edited by Wand3r3r, 11 March 2017 - 04:43 PM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users