¶ Overview
The overlap between private subnets used in a company’s private network and those commonly found in home WiFi networks can create significant challenges for remote access, particularly for employees who need to use devices on both networks concurrently. Exium offers insights and recommendations for mitigating these issues to ensure seamless connectivity and secure access.
¶ The Issue of Subnet Overlap
When a company’s private network shares subnets with home networks, users may encounter routing conflicts that hinder access to resources. For example, if a company uses a subnet such as 192.168.0.0/24, which is also frequently used in domestic settings, remote users face limitations in accessing both local devices (e.g., printers) in their home network and resources on the company’s private network simultaneously.
¶ Optimal Subnet Configuration
To avoid such conflicts and ensure effective use of Exium’s Zero Trust Network Access (ZTNA) technologies, organizations should adopt distinct private subnets. Here’s an example of a conflict-free setup:
Company Private Subnets:
- 192.168.110.0/24
- 10.20.150.0/24
Common Home Subnet:
- 192.168.0.0/24
This configuration allows users to access both local devices on their home network and resources on the company’s private network without routing conflicts.
¶ Recommendations for Avoiding Overlap
To prevent overlap between company private networks and typical home networks, the following subnet ranges should be avoided for corporate use:
- 192.168.0.0/24
- 192.168.1.0/24
- 10.0.0.0/24
- 10.0.1.0/24
These subnets are commonly used by most WiFi routers and can lead to connectivity issues when employees work remotely.
¶ Mitigation Strategies for Existing Overlaps
In cases where it is not feasible to restructure existing subnets to avoid overlap, Exium plans to provide an alternative solution (planned for 2025 GA). By leveraging secure tunneling provided by Zero Trust Network Access (ZTNA), the company’s private network (Zero TrustPaths defined in Exium's central admin console) traffic can be forced through the secure tunnel, allowing remote users to access company resources. While this ensures security, users may be unable to access local devices on their home networks.
¶ Conclusion
To enhance user experience and maintain seamless connectivity between home and company networks, it is imperative to carefully plan and allocate subnets within the organization. By following the recommendations to avoid common home WiFi subnet ranges and implementing best practices for network design, businesses can empower users with the ability to effectively manage both personal and professional resources without conflict, all while utilizing Exium’s advanced security protocols. Proper subnet management not only facilitates remote access but also strengthens the integrity and security of corporate resources.
To learn more about implementing SASE, XDR, IAM/ MFA, and GRC for your organization and explore tailored solutions that meet your unique requirements, contact Exium at partners@exium.net for a consultation or demonstration. If you are ready to get started, check out our testing and onboarding process.