Solved

IP address

Posted on 2004-09-30
7
197 Views
Last Modified: 2010-04-10
I have a network with a 172.16.0. IP and subnet mask of 255.255.255.0.  I want to create a VPN to another network that has to be on a different subnet scheme.  Do do this I would think that 172.16.1. with a subnet mask of 255.255.255.0
would this be the correct way to do this??
0
Comment
Question by:dtooth71
7 Comments
 
LVL 3

Accepted Solution

by:
TRobertson earned 350 total points
ID: 12190176
Yes that is ok, both of these are private subnets and perfect for your situation.
172.16.X.1-254
Longest you change the X and stay on 255.255.255.0 they will be different subnets and must pass through a gateway to connect to each other.
0
 

Author Comment

by:dtooth71
ID: 12190241
so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??
0
 

Author Comment

by:dtooth71
ID: 12190244
and keep the subnet 255.255.255.0 the same
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 3

Expert Comment

by:TRobertson
ID: 12190399
Yes, like you stated.  

Example:
172.16.0.x  255.255.255.0 subnet
device 1 172.16.0.1
device 2 172.16.0.2
device 3 172.16.0.3...
device 254 172.16.0.254

172.16.1.x 255.255.255.0 subnet
device 1 172.16.1.1
device 2 172.16.1.2
device 3 172.16.1.3...
device 254 172.16.1.254

172.16.2.x 255.255.255.0 subnet
device 1 172.16.2.1
device 2 172.16.2.2
device 3 172.16.2.3...
device 254 172.16.2.254


If you wanted to get complicated with the netmask and you could do something more complex like
172.16.0.x  netmask 255.255.255.128
network 1
172.16.0.1-172.16.0.126
network 2
172.16.0.129-172.16.0.254

However for simplicity i would stick with the first option.
checkout http://www.telusplanet.net/public/sparkman/netcalc.htm for subnet calculations
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 12191575
> so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??

The 255.255.255.0 mask says that different X values designate different networks.  RFC 1918 says these are private ranges that you can use for this if X is in the range 16 through 31.  Other values of X are public ranges which probably already belong to somebody else.


0
 
LVL 3

Expert Comment

by:frieked
ID: 12192619
Short answer to your question is yes, that is one correct way of picking a different subnet.
suggestion:  I have found it's good practice to keep your subnets more than 1 number away.  That way if you ever need to expand, then you have plenty of room.
For example if you pick subnets 172.16.0.0 and 172.16.1.0 it's possible that 3-4 years down the line after some expansions/mergers the 172.16.0.0 subnet could be filled and then you're faced with the headache of having to move your other subnet to make space.
Using a subnet mask of 255.255.255.128 as will make your subnets even smaller and isn't really necessary for most companies who use private address space since there's plenty of other subnets to go around.
Good idea would be to pick 172.16.0.0 and then maybe 172.16.128.0 or even 172.17.0.0
0
 
LVL 2

Expert Comment

by:DiCeR
ID: 12198579
172.16.0.1-255/255.255.255.0 and 172.16.1.1-255/255.255.255.0 will indeed be two different networks.

However - you will not establish a VPN connection to a different network by merely defining the new network.

Since traffic gets routed through one or more devices on its way from one network to the other, the MAIN POINT of a VPN-connection is to have a secure tunnel through the one-or-more-devices your traffic passes through. This tunnel is trustworthy even if the devices the traffic passes through isnt.

You will still need dedicated software and/or hardware that can make a VPN-connection between these two networks.

If your only need is a connection between those two networks, you shouldnt complicate things with a secure tunnel, but focus on arranging for the routing between them to work.

Hope this helps
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setting out for Cisco UCS 2 59
Force a WIFI client onto a specific access point 7 63
tamper proof asset tags - benefits 4 56
Distinguished username as email address 4 40
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question