Highlighted
Level 3: Gumshoe

Telstra IP Ranges - Work From Home

Answered

I'm on Telstra Core Internet (ADSL)

Employer has asked for list of IP ranges I may be connecting in from so the IPSEC VPN can be configured to accept them. Apparently it is managed by a 3rd party and they have to do this, despite it adding little-to-nothing to security, especially as they have to use PSK and not Certificates.

I imagine it may be quite a long list. Does anyone know where I can get hold of it?

Thanks,

David

.
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Level 25: The Singularity
Level 25: The Singularity
Accepted Solution

Re: Telstra IP Ranges - Work From Home

That comes in the realm of "good luck with that", there are literally billions of possible addresses. I don't believe that there is a list like that that is accessible.

 

I don't know of any security system that still works that way. The IP addresses aren't static and they change semi-regularly. Your employer needs a new provider, such a system is terrible from a security standpoint - if the list of possible addresses was opened up by them, then any Telstra connection could be used as a hacking origin.

Never be afraid to back yourself when trying new things, just always make sure you have 3 escape routes if things go wrong.

View solution in original post

Was this helpful?

  • Yes it was, thank you
  • No, I still need help
4 REPLIES 4
Highlighted
Level 25: The Singularity
Level 25: The Singularity
Accepted Solution

Re: Telstra IP Ranges - Work From Home

That comes in the realm of "good luck with that", there are literally billions of possible addresses. I don't believe that there is a list like that that is accessible.

 

I don't know of any security system that still works that way. The IP addresses aren't static and they change semi-regularly. Your employer needs a new provider, such a system is terrible from a security standpoint - if the list of possible addresses was opened up by them, then any Telstra connection could be used as a hacking origin.

Never be afraid to back yourself when trying new things, just always make sure you have 3 escape routes if things go wrong.

View solution in original post

Highlighted
Level 3: Gumshoe

Re: Telstra IP Ranges - Work From Home

Thanks, I agree and have said as much. Source IPs are easily spoofed, and if they insist on PSK and not certificates they can't be too concerned about security. But what do I know?

 

They've put a corporate level request in to find out, see what eventuates. 

.
Highlighted
Level 3: Gumshoe

Re: Telstra IP Ranges - Work From Home

"there are literally billions of possible addresses."

 

No there aren't. Telstra own a range of IP addresses, the pool they use for home users is likely to be a couple of dozen at most.

 

"I don't believe that there is a list like that that is accessible."

 

You mean like this: https://ipinfo.io/AS1221

They own about 400 ranges, most of which would be for internal use. If you go to http://whatismyip.com then find your ip in the list above, it is more than likely that your assigned IP from Telstra will always be from within the same range. 

 

 

 

 

Highlighted
Level 3: Gumshoe

Re: Telstra IP Ranges - Work From Home

"despite it adding little-to-nothing to security"

 

Exactly this. ACLs for VPN 'security' are clumsy, especially since the purpose of a VPN is to work remotely, and guess what, your remote location may change along with your IP address.

 

Email your CIO and tell him he is a monkey

Set it & forget it

With direct debit there’s no need to give paying your bill another thought.

Avoid queuing up and never worry about late fees again.

Setup direct debit