Mac: Using VPN with same subnet as LAN

Recently I changed my home network over to 10.0.1.0/24. Initially this was great compared to 192.168.1.0/24 as the addresses were much shorter and more memorable. However, when using my VPN connection into work I noticed that any servers I tried to access would be routed to the LAN-side address rather than the address at the end of the VPN tunnel.

For example, connecting to 10.0.1.1 over HTTP or SSH showed my home router instead of my work router, even if you 'Set Service Order' in Mac OS X network preferences.

I resorted to setting a static route to the addresses I wanted to use. Don't worry about these being permanent, as they appear to be reset when you disconnect your VPN interface (ppp0):

sudo route add -host IP_ADDR -interface ppp0

for example:

sudo route add -host 10.0.1.7 -interface ppp0

This would route all packets destined for 10.0.1.7 through the VPN (ppp0) rather than through the local LAN (en0).

It would seem that you cannot do this for the entire 10.0.1.0/24 network by running sudo route add 10.0.1.0/24 -interface ppp0 for the reasons explained below.

You can, however, simply chain these into a bash script for commonly used work-side servers, giving:

#!/bin/bash

sudo route add -host 10.0.1.1 -interface ppp0
sudo route add -host 10.0.1.10 -interface ppp0
#... repeat as necessary...

Sadly, you can't seem to route all of your internet traffic through the VPN as you would normally be able to do. This is because if you set the gateway (10.0.1.1) to be routed through the VPN, then your computer can no longer connect to the tunnel going outwards through your home network, which also has its gateway on 10.0.1.1. Hence, running sudo route add -host 10.0.1.1 -interface ppp0 seemed to break my Mac's network connection in this case, as the computer couldn't send packets to 10.0.1.1 because it didn't know where the local 10.0.1.1 was any more, if that makes any sense.
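As an added example (not part of the original post), the script below wraps the per-host routes in a dry-run planner that refuses to route the LAN gateway into the tunnel, which is the failure described above, and after applying each route checks with route -n get that the host now leaves via ppp0. The function names, the --apply flag and the assumption that the default route still points at the home router are this example's own.

```bash
#!/bin/bash
# Added example: plan per-host VPN routes and never route the LAN gateway into the tunnel.
VPN_IF="ppp0"   # VPN interface name used on the page

# Print the gateway / interface field from `route -n get ...` output on stdin.
parse_gateway()   { awk '$1 == "gateway:"   { print $2; exit }'; }
parse_interface() { awk '$1 == "interface:" { print $2; exit }'; }

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
  local o old_ifs="$IFS"
  case $1 in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  IFS=.; set -- $1; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
  done
}

# plan_routes GATEWAY HOST...: print one `route add` command per safe host.
# The LAN gateway is skipped: routing it into ppp0 cuts the path the tunnel itself uses.
plan_routes() {
  local gw="$1" host
  shift
  for host in "$@"; do
    if ! valid_ipv4 "$host"; then echo "# skip $host: not an IPv4 address"
    elif [ "$host" = "$gw" ]; then echo "# skip $host: local default gateway"
    else echo "route add -host $host -interface $VPN_IF"
    fi
  done
}

# main [--apply] HOST...: dry run by default; with --apply, add and verify each route.
main() {
  local apply=0 gw line host
  if [ "$1" = "--apply" ]; then apply=1; shift; fi
  ifconfig "$VPN_IF" >/dev/null 2>&1 || { echo "$VPN_IF is not up" >&2; return 1; }
  gw=$(route -n get default | parse_gateway)   # assumes default route is still the LAN router
  plan_routes "$gw" "$@" | while read -r line; do
    echo "$line"
    case $line in \#*) continue ;; esac
    [ "$apply" -eq 1 ] || continue
    sudo $line </dev/null
    host=${line#route add -host }; host=${host%% *}
    [ "$(route -n get "$host" | parse_interface)" = "$VPN_IF" ] ||
      echo "# WARNING: $host does not leave via $VPN_IF" >&2
  done
}

if [ $# -gt 0 ]; then main "$@"; fi
```

Run it with a list of work-side addresses to see the plan, and add --apply as the first argument once the VPN is connected.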

Anyways, I will soon be changing my home subnet so that it doesn't overlap, possibly by shifting to 10.0.0.1/24, or hoping that Apple issues a software update which will fix the issue.

Published 2016-09-21