In all of the sample configs I have seen, the pool of addresses used to give to the VPN clients is from a different subnet than the local one (inside). Is there a reason to, or not to, use addresses from the local inside subnet?
It should be a different subnet than the inside so the return packets are routed to the gateway VPN device. If they're on the same subnet, the gateway will discard the packet.