Solved

IP address

Posted on 2004-09-30
7
206 Views
Last Modified: 2010-04-10
I have a network with a 172.16.0. IP and subnet mask of 255.255.255.0.  I want to create a VPN to another network that has to be on a different subnet scheme.  Do do this I would think that 172.16.1. with a subnet mask of 255.255.255.0
would this be the correct way to do this??
0
Comment
Question by:dtooth71
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 3

Accepted Solution

by:
TRobertson earned 350 total points
ID: 12190176
Yes that is ok, both of these are private subnets and perfect for your situation.
172.16.X.1-254
Longest you change the X and stay on 255.255.255.0 they will be different subnets and must pass through a gateway to connect to each other.
0
 

Author Comment

by:dtooth71
ID: 12190241
so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??
0
 

Author Comment

by:dtooth71
ID: 12190244
and keep the subnet 255.255.255.0 the same
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 3

Expert Comment

by:TRobertson
ID: 12190399
Yes, like you stated.  

Example:
172.16.0.x  255.255.255.0 subnet
device 1 172.16.0.1
device 2 172.16.0.2
device 3 172.16.0.3...
device 254 172.16.0.254

172.16.1.x 255.255.255.0 subnet
device 1 172.16.1.1
device 2 172.16.1.2
device 3 172.16.1.3...
device 254 172.16.1.254

172.16.2.x 255.255.255.0 subnet
device 1 172.16.2.1
device 2 172.16.2.2
device 3 172.16.2.3...
device 254 172.16.2.254


If you wanted to get complicated with the netmask and you could do something more complex like
172.16.0.x  netmask 255.255.255.128
network 1
172.16.0.1-172.16.0.126
network 2
172.16.0.129-172.16.0.254

However for simplicity i would stick with the first option.
checkout http://www.telusplanet.net/public/sparkman/netcalc.htm for subnet calculations
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 12191575
> so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??

The 255.255.255.0 mask says that different X values designate different networks.  RFC 1918 says these are private ranges that you can use for this if X is in the range 16 through 31.  Other values of X are public ranges which probably already belong to somebody else.


0
 
LVL 3

Expert Comment

by:frieked
ID: 12192619
Short answer to your question is yes, that is one correct way of picking a different subnet.
suggestion:  I have found it's good practice to keep your subnets more than 1 number away.  That way if you ever need to expand, then you have plenty of room.
For example if you pick subnets 172.16.0.0 and 172.16.1.0 it's possible that 3-4 years down the line after some expansions/mergers the 172.16.0.0 subnet could be filled and then you're faced with the headache of having to move your other subnet to make space.
Using a subnet mask of 255.255.255.128 as will make your subnets even smaller and isn't really necessary for most companies who use private address space since there's plenty of other subnets to go around.
Good idea would be to pick 172.16.0.0 and then maybe 172.16.128.0 or even 172.17.0.0
0
 
LVL 2

Expert Comment

by:DiCeR
ID: 12198579
172.16.0.1-255/255.255.255.0 and 172.16.1.1-255/255.255.255.0 will indeed be two different networks.

However - you will not establish a VPN connection to a different network by merely defining the new network.

Since traffic gets routed through one or more devices on its way from one network to the other, the MAIN POINT of a VPN-connection is to have a secure tunnel through the one-or-more-devices your traffic passes through. This tunnel is trustworthy even if the devices the traffic passes through isnt.

You will still need dedicated software and/or hardware that can make a VPN-connection between these two networks.

If your only need is a connection between those two networks, you shouldnt complicate things with a secure tunnel, but focus on arranging for the routing between them to work.

Hope this helps
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses
Course of the Month6 days, 10 hours left to enroll

634 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question