Network discovery across VPN and local subnets
This question is about interaction between VPN clients and local machines.
I have a simple network on the subnet 10.0.200.0/24. The router supports VPN. The router forces the VPN IP pool to be on a separate subnet from the local machines, 10.0.300.0/24.
VPN clients can easily cross the subnets if they know the destination IP address. Windows file sharing can work like this via IP. But Windows clients cannot discover and browse other Windows machines by name. Other applications that rely on network discovery also do not work across the subnets.
I have done some research and it sounds like this problem is caused by IP broadcast packets not crossing between subnets. Of course this is the intended behavior of a broadcast packet.
1. If the router supported VPN IP pools within the main subnet, would this fix the problem?
2. What are the possible drawbacks of a network whose VPN pool is in the main subnet?
3. Are there any SOHO routers that support VPN pools in the main subnet?
4. Why wouldn't all routers allow VPN pools in the main subnet?
5. What would you recommend to someone who wants their VPN clients to behave more closely to the capabilities of local machines?
You're exactly right re: the Windows "browsing" functionality being based on broadcast packets and your VPN not forwarding broadcast packets across subnet boundaries.
Generally forwarding layer 2 broadcasts at layer 3 isn't desirable. Your particular VPN product may allow you to configure NetBIOS broadcast forwarding. Alternatively, you could look at implementing a WINS server on each side of the VPN to allow clients to "browse".
I'm with @joeqwerty on this, though, to some extent. Implement a structured methodology for resource location in your organization and you'll reap the benefits down the road.
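The two lookup paths the answer above contrasts, as an added example that is not part of the original answer: a NetBIOS name query (RFC 1002 layout) with the broadcast bit set, which stays on the sender's subnet, and the same query with the bit clear, as a client would send by unicast to a WINS server. The host name FILESRV, the transaction ID and all function names are constructed for illustration.

```python
import struct

FLAG_RD = 0x0100            # NM_FLAGS: recursion desired
FLAG_B = 0x0010             # NM_FLAGS: broadcast bit
TYPE_NB, CLASS_IN = 0x0020, 0x0001

def encode_name(name, suffix=0x20):
    """First-level encoding: 15 space-padded chars plus a suffix byte,
    each byte split into two nibbles and each nibble added to 'A'."""
    raw = name.upper().encode("ascii")[:15].ljust(15, b" ") + bytes([suffix])
    return bytes(0x41 + n for b in raw for n in (b >> 4, b & 0x0F))

def decode_name(encoded):
    """Inverse of encode_name; returns (name, suffix)."""
    if len(encoded) != 32 or any(not 0x41 <= c <= 0x50 for c in encoded):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(((encoded[i] - 0x41) << 4) | (encoded[i + 1] - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip(" "), raw[15]

def build_query(name, txid, broadcast):
    """Name query request: 12-byte header plus one question entry."""
    flags = FLAG_RD | (FLAG_B if broadcast else 0)
    header = struct.pack(">HHHHHH", txid, flags, 1, 0, 0, 0)
    question = b"\x20" + encode_name(name) + b"\x00"
    return header + question + struct.pack(">HH", TYPE_NB, CLASS_IN)

def describe(packet):
    """Parse a query and report how far it can travel."""
    if len(packet) < 50 or packet[12] != 0x20:
        raise ValueError("not a NetBIOS name query")
    txid, flags, _qdcount = struct.unpack(">HHH", packet[:6])
    name, suffix = decode_name(packet[13:45])
    scope = ("local subnet only (broadcasts are not routed by default)"
             if flags & FLAG_B
             else "routable unicast, e.g. to a WINS server")
    return {"txid": txid, "name": name, "suffix": suffix,
            "broadcast": bool(flags & FLAG_B), "scope": scope}

if __name__ == "__main__":
    # Constructed sample: the same name asked both ways.
    for bcast in (True, False):
        print(describe(build_query("FILESRV", 0x1234, bcast)))
```
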