What type of IP addressing scheme can I use within my company so that we can always use the Cisco VPN client (& that will be completely different from) for when we connect to our customer networks?

Posted on 2010-01-05
Last Modified: 2012-06-27
What type of ip addressing scheme can I use within my IT organization  so that we will be able to use the Cisco VPN client (& that will be completely different from) for when we connect to our customer's networks remotely?

The internal IP addresses that are used within my company's internal network must be completely different than those used within our customer's networks. This way, our internal company network won't be using any the same IP addresses or subnets that our customer networks would most commonly use.

I would like to use an IP v4 addressing scheme, but if we need to use an IP v6 addressing scheme, I will be willing implement this.

Can you please post some hyperlinks that discuss the best ways of doing this?
Question by:Knowledgeable
    LVL 11

    Accepted Solution

    What is the subnet mask for your Network?  As far as IP addressing goes there are only certain ranges that can be used. through through (APIPA only) through through

    The most uncommon range used by companies is the 172.16 range.

    However from personal experience and depending upon your subnet mask and the subnet mask of the remote system you may always have overlaps.  I classify an overlap as an IP address that is valid on both the local network and the remote network.  This is where you are running into a problem.   The easiest way to resolve an overlap issue is to set up a static NAT (network address translation) between your local system and the remote system.  This can be set on your local ASA or the remote router.
    LVL 2

    Assisted Solution

    Our practice is to use 10.150.x.0/24 networks for our internal net, and 192.168.x.0/24 for our clients.
    With the and ranges remember you can divide them up just by using a larger subnet mask (ie

    Author Comment


    What about using other subnet masks, such as (although I understand that this won't leave our network with as many available IP addresses as we otherwise might need)?
    LVL 2

    Assisted Solution

    That certainly helps, but bear in mind will still conflict with etc. If you use a small network mask fairly high up you reduce the likelyhood of a conflict. As mentioned before we use networks like and have not had any conflicts so far...
    LVL 11

    Assisted Solution

    mobiusNZ has a valid point that using a network higher up in the range can reduce conflicts.  

    However if the remote system you are connecting to via VPN has a wide open subnet like and assigns IP's via DHCP to the VPN clients you could possibly still have a conflict at 10.150.*.* depending upon how the remote client allocates their IP addresses. But like mobiusNZ mentioned if you use a 10.*.*.* address and start at a high range the chances for conflict a less likely.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now