Solved

IP address

Posted on 2004-09-30
7
190 Views
Last Modified: 2010-04-10
I have a network with a 172.16.0. IP and subnet mask of 255.255.255.0.  I want to create a VPN to another network that has to be on a different subnet scheme.  Do do this I would think that 172.16.1. with a subnet mask of 255.255.255.0
would this be the correct way to do this??
0
Comment
Question by:dtooth71
7 Comments
 
LVL 3

Accepted Solution

by:
TRobertson earned 350 total points
Comment Utility
Yes that is ok, both of these are private subnets and perfect for your situation.
172.16.X.1-254
Longest you change the X and stay on 255.255.255.0 they will be different subnets and must pass through a gateway to connect to each other.
0
 

Author Comment

by:dtooth71
Comment Utility
so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??
0
 

Author Comment

by:dtooth71
Comment Utility
and keep the subnet 255.255.255.0 the same
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 3

Expert Comment

by:TRobertson
Comment Utility
Yes, like you stated.  

Example:
172.16.0.x  255.255.255.0 subnet
device 1 172.16.0.1
device 2 172.16.0.2
device 3 172.16.0.3...
device 254 172.16.0.254

172.16.1.x 255.255.255.0 subnet
device 1 172.16.1.1
device 2 172.16.1.2
device 3 172.16.1.3...
device 254 172.16.1.254

172.16.2.x 255.255.255.0 subnet
device 1 172.16.2.1
device 2 172.16.2.2
device 3 172.16.2.3...
device 254 172.16.2.254


If you wanted to get complicated with the netmask and you could do something more complex like
172.16.0.x  netmask 255.255.255.128
network 1
172.16.0.1-172.16.0.126
network 2
172.16.0.129-172.16.0.254

However for simplicity i would stick with the first option.
checkout http://www.telusplanet.net/public/sparkman/netcalc.htm for subnet calculations
0
 
LVL 11

Expert Comment

by:PennGwyn
Comment Utility
> so I can make the X 172.16.X.1 any other number except the 0 that is on the current network??

The 255.255.255.0 mask says that different X values designate different networks.  RFC 1918 says these are private ranges that you can use for this if X is in the range 16 through 31.  Other values of X are public ranges which probably already belong to somebody else.


0
 
LVL 3

Expert Comment

by:frieked
Comment Utility
Short answer to your question is yes, that is one correct way of picking a different subnet.
suggestion:  I have found it's good practice to keep your subnets more than 1 number away.  That way if you ever need to expand, then you have plenty of room.
For example if you pick subnets 172.16.0.0 and 172.16.1.0 it's possible that 3-4 years down the line after some expansions/mergers the 172.16.0.0 subnet could be filled and then you're faced with the headache of having to move your other subnet to make space.
Using a subnet mask of 255.255.255.128 as will make your subnets even smaller and isn't really necessary for most companies who use private address space since there's plenty of other subnets to go around.
Good idea would be to pick 172.16.0.0 and then maybe 172.16.128.0 or even 172.17.0.0
0
 
LVL 2

Expert Comment

by:DiCeR
Comment Utility
172.16.0.1-255/255.255.255.0 and 172.16.1.1-255/255.255.255.0 will indeed be two different networks.

However - you will not establish a VPN connection to a different network by merely defining the new network.

Since traffic gets routed through one or more devices on its way from one network to the other, the MAIN POINT of a VPN-connection is to have a secure tunnel through the one-or-more-devices your traffic passes through. This tunnel is trustworthy even if the devices the traffic passes through isnt.

You will still need dedicated software and/or hardware that can make a VPN-connection between these two networks.

If your only need is a connection between those two networks, you shouldnt complicate things with a secure tunnel, but focus on arranging for the routing between them to work.

Hope this helps
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now