Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

What are the official VPN ip ranges?

0 views
Skip to first unread message

root

unread,
Dec 24, 1998, 3:00:00 AM12/24/98
to
Sense of Reason (m...@me.com) wrote:
>I am using the ip number range 192.168.0.* to setup my VPN's at the moment.
>I do not have a problem with changing the third number set to 42 for
>example, but is the 192.168 range a VPN ip range anyway, thus making my
>original configuration valid?

I'll respond by giving you some definitions.

First, a VPN is a Virtual Private Network. I define it as an
encrypted connection between two (or more) trusted gateways so that it
performs as if it were a real, physical, private network. You can use
any IPv4 IP addresses, as you please, on the private portions of you LAN,
but you can also use Non-Routable (RFC 1918) addresses as well.

Second, Non-Routable addresses are probably what you are asking
about. According to RFC 1918, the following addresses are reserved for
private networks, and by convention, are not routed on the Internet at
large (unless the router is misconfigured, or you have some special purpose
on your public portion of your network (i.e. @HOME uses some of these
addresses for their routers! I call them Semi-Legal addresses :-)

10.0.0.0 netmask 255.0.0.0.0
172.16.0.0 netmask 255.255.0.0
192.168.0.0 netmask 255.255.255.0

Now, I may be mistaked by that last one. I think there are more than
just the one Class C subnet reserved. That's why I always use something from
the first range (10.0.0.0), although I end up using a Class C netmask. It's
just easier for me to remember.

For you to definitively answer your question, consult RFC 1918. Any
search engine should show you multiple copies.

Sense of Reason

unread,
Dec 25, 1998, 3:00:00 AM12/25/98
to
Hello,

Bo Jiang

unread,
Dec 25, 1998, 3:00:00 AM12/25/98
to Sense of Reason
for VPN you can use any valid TCP/IP address, even the ip you assigned to are already on the internet, because from VPN server to VPN client Virtualy are 1 hop away, or say on same subnet, so, TCP/IP packet will not go to your gateway(Dail-up adapter).But you will have problems other way around, can't access any internet resources have same within your VPN subnet addresses. you can use subnet mask to limit your VPN subnet addresses to 4 or 2, so , other addresses will go to your gateway.

Bo

Don Kelloway

unread,
Dec 25, 1998, 3:00:00 AM12/25/98
to
minor correction/s...

The masks are irrelevant and it's 172.16.0.0 through 172.32.0.0

--
Happy Holidays,
Don Kelloway
Email - dkelloway(a)commodon(dot)com
Personal website - http://www.commodon.com
AOL IM (http://www.aol.com/aim) - DKelloway

For *your* protection, visit http://www.commodon.com/threat.htm to learn
about Back Orifice and NetBus. Both of which are threats to a user's
security on the 'net.

root wrote in message ...


>Sense of Reason (m...@me.com) wrote:

>>I am using the ip number range 192.168.0.* to setup my VPN's at the
moment.
>>I do not have a problem with changing the third number set to 42 for
>>example, but is the 192.168 range a VPN ip range anyway, thus making my
>>original configuration valid?
>

Michael Sierchio

unread,
Dec 25, 1998, 3:00:00 AM12/25/98
to
root wrote:

> 10.0.0.0 netmask 255.0.0.0.0
> 172.16.0.0 netmask 255.255.0.0
> 192.168.0.0 netmask 255.255.255.0

No.

10.0.0.0/8 (netmask 255.0.0.0)
172.16.0.0/12 (netmask 255.240.0.0)
192.168.0.0/16 (netmask 255.255.0.0)

Ronald Ng

unread,
Dec 29, 1998, 3:00:00 AM12/29/98
to

root wrote:

>
> Second, Non-Routable addresses are probably what you are asking
> about. According to RFC 1918, the following addresses are reserved for
> private networks, and by convention, are not routed on the Internet at
> large (unless the router is misconfigured, or you have some special purpose
> on your public portion of your network (i.e. @HOME uses some of these
> addresses for their routers! I call them Semi-Legal addresses :-)
>

> 10.0.0.0 netmask 255.0.0.0.0
> 172.16.0.0 netmask 255.255.0.0
> 192.168.0.0 netmask 255.255.255.0
>

Just to verify, the above addresses are the correct non-routable addresses.

vcard.vcf

New

unread,
Dec 31, 1998, 3:00:00 AM12/31/98
to
These addresses are routeable, and they are classful address spaces unless
you are playing VLSM games. It is only by RFC1918 and common convention that
they are not allowed on the internet.

You can route them internally all you want. If you connect a network using
RFC1918 addresses to the internet, your perimeter router or your firewall
must perform Network Address Translation.

Joe

0 new messages