Solved

IP address

Posted on 2004-09-30
7
201 Views
Last Modified: 2010-04-10
I have a network with a 172.16.0. IP and subnet mask of 255.255.255.0.  I want to create a VPN to another network that has to be on a different subnet scheme.  Do do this I would think that 172.16.1. with a subnet mask of 255.255.255.0
would this be the correct way to do this??
0
Comment
Question by:dtooth71
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 3

Accepted Solution

by:
TRobertson earned 350 total points
ID: 12190176
Yes that is ok, both of these are private subnets and perfect for your situation.
172.16.X.1-254
Longest you change the X and stay on 255.255.255.0 they will be different subnets and must pass through a gateway to connect to each other.
0
 

Author Comment

by:dtooth71
ID: 12190241
so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??
0
 

Author Comment

by:dtooth71
ID: 12190244
and keep the subnet 255.255.255.0 the same
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Expert Comment

by:TRobertson
ID: 12190399
Yes, like you stated.  

Example:
172.16.0.x  255.255.255.0 subnet
device 1 172.16.0.1
device 2 172.16.0.2
device 3 172.16.0.3...
device 254 172.16.0.254

172.16.1.x 255.255.255.0 subnet
device 1 172.16.1.1
device 2 172.16.1.2
device 3 172.16.1.3...
device 254 172.16.1.254

172.16.2.x 255.255.255.0 subnet
device 1 172.16.2.1
device 2 172.16.2.2
device 3 172.16.2.3...
device 254 172.16.2.254


If you wanted to get complicated with the netmask and you could do something more complex like
172.16.0.x  netmask 255.255.255.128
network 1
172.16.0.1-172.16.0.126
network 2
172.16.0.129-172.16.0.254

However for simplicity i would stick with the first option.
checkout http://www.telusplanet.net/public/sparkman/netcalc.htm for subnet calculations
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 12191575
> so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??

The 255.255.255.0 mask says that different X values designate different networks.  RFC 1918 says these are private ranges that you can use for this if X is in the range 16 through 31.  Other values of X are public ranges which probably already belong to somebody else.


0
 
LVL 3

Expert Comment

by:frieked
ID: 12192619
Short answer to your question is yes, that is one correct way of picking a different subnet.
suggestion:  I have found it's good practice to keep your subnets more than 1 number away.  That way if you ever need to expand, then you have plenty of room.
For example if you pick subnets 172.16.0.0 and 172.16.1.0 it's possible that 3-4 years down the line after some expansions/mergers the 172.16.0.0 subnet could be filled and then you're faced with the headache of having to move your other subnet to make space.
Using a subnet mask of 255.255.255.128 as will make your subnets even smaller and isn't really necessary for most companies who use private address space since there's plenty of other subnets to go around.
Good idea would be to pick 172.16.0.0 and then maybe 172.16.128.0 or even 172.17.0.0
0
 
LVL 2

Expert Comment

by:DiCeR
ID: 12198579
172.16.0.1-255/255.255.255.0 and 172.16.1.1-255/255.255.255.0 will indeed be two different networks.

However - you will not establish a VPN connection to a different network by merely defining the new network.

Since traffic gets routed through one or more devices on its way from one network to the other, the MAIN POINT of a VPN-connection is to have a secure tunnel through the one-or-more-devices your traffic passes through. This tunnel is trustworthy even if the devices the traffic passes through isnt.

You will still need dedicated software and/or hardware that can make a VPN-connection between these two networks.

If your only need is a connection between those two networks, you shouldnt complicate things with a secure tunnel, but focus on arranging for the routing between them to work.

Hope this helps
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 3650 switch licensing 6 79
VOIP gateways - feedback 23 125
PoE Injector and switch 2 53
How can we block any website on a server 2007 standard or server 2008R2? 5 53
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question