
At the company I work for we recently purchased a network scanning tool to help with asset inventory and overall PC network management. My supervisor, while looking at the different IP address ranges for the various offices, noticed the range 222.222.222.x on about 30 machines. We called the IT supervisor at the site and were told that the address range is set up as the DHCP range for VPN users. This seems like a huge security risk to me.

What are the risks involved with using this range of addresses?

The addresses are used publicly in China; what are the risks associated with this?

Does this open us up as an easier target for attack?

Eddie Studer

1 Answer


It does not add any major risk.

The fact that the range is public (versus private like 10.0.0.0/8) doesn't change much, as attempts to contact it from the outside (from an attacker, for example) would still end up going to the legitimate owner of the IP block.

Furthermore, a well-configured network should have a firewall that would block access to those VPN clients from the outside if the packets manage to reach the network for some reason.

The only issue could be if the legitimate owner of the IP block is malicious and sets up malicious services on those IPs, and somehow your users try to access your company's VPN range but instead end up accessing the real IPs, which are malicious (if, for example, their VPN goes down).

However, it is very bad practice, as now those VPN clients can't contact the "real" 222.222.222.0/24 subnet, and, depending on how the network is designed, either the entire company's network can't reach 222.222.222.0/24, or some computers in the company would reach the real 222.x.x.x instead of reaching the VPN clients.

Either get the company to acquire/rent out more IPv4 blocks for their VPN clients, or use private addresses (and NAT for v4) and move to IPv6 for everything else.

André Borie
  • What if someone was actually trying to gain access to our network and discovered that this addressing was in place? Could they exploit that by a VPN connection knowing that they already had the target IP schema? – Eddie Studer Nov 16 '16 at 20:40
  • @EddieStuder an IP is public information. It can easily be known by making your target click a link anyway. – André Borie Nov 16 '16 at 20:41
  • That's true. Just trying to make sure I have a clear grasp on this situation as a whole. – Eddie Studer Nov 16 '16 at 20:48
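The reachability problem the answer describes (longest-prefix match sends traffic for the real 222.222.222.0/24 to the VPN concentrator) can be checked against a candidate pool before it is deployed. This is an added example, not code from the original post; the routing table, the next-hop names and the host 222.222.222.50 are constructed, and the check assumes a typical gateway with one LAN route, one VPN-pool route and a default route.

```python
"""Audit a VPN client pool: is it RFC 1918, and where would the gateway send
traffic destined for the real owner of the same public block?"""
import ipaddress

# Private (RFC 1918) blocks that a VPN client pool should be drawn from.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private_pool(cidr):
    """True if the VPN client pool lies entirely inside an RFC 1918 block."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.subnet_of(block) for block in RFC1918)


def build_routes(vpn_pool):
    """Constructed routing table for a corporate gateway: the VPN pool is routed
    to the VPN concentrator, the office LAN locally, everything else to the uplink."""
    return [
        (ipaddress.ip_network("192.168.10.0/24"), "lan"),
        (ipaddress.ip_network(vpn_pool, strict=False), "vpn-concentrator"),
        (ipaddress.ip_network("0.0.0.0/0"), "internet-uplink"),
    ]


def next_hop(routes, dst):
    """Longest-prefix match, the way a router selects a route."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def audit_pool(vpn_pool, real_host):
    """Report whether the pool is private and where a packet to a host in the
    real (public) block would be forwarded once the pool route is installed."""
    return {
        "private": is_private_pool(vpn_pool),
        "real_host_via": next_hop(build_routes(vpn_pool), real_host),
    }


if __name__ == "__main__":
    # Constructed host inside the public 222.222.222.0/24 block from the question.
    for pool in ("222.222.222.0/24", "10.8.0.0/24"):
        print(pool, audit_pool(pool, "222.222.222.50"))
```

With the public pool the real host is swallowed by the VPN route; with a private pool it reaches the uplink as expected.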