If I subnetted a public IP address can I Legally use one of those subnets on a branch office server

Posted on 2008-11-04
Last Modified: 2012-05-05
Hello Experts, I have been given the task of installing server 2008 on 2 new servers, I am totally new to this and would like some help, i have 2 questions,
1.  If I subnetted a public IP address can I Legally use one of those subnets on a branch office server, and 2. what is a good ene to end hardware firewall device that I should use to connect the two sites.

Thanks for any help
Question by:Pullbeak
    LVL 18

    Accepted Solution


    regarding 1)
    NO, you may not use ANY of public available IP's, if they were not assigned to you via your ISP! Not only this is a violation and misuse, but may aslo be very risky and in many cases WILL lead to IP conflicts in public internet. Do NOT do that!
    Also, you should NOT expose your servers directly to public internet - instead, put them beyond firewall or router, which is doing NAT translation, and use public IP on firewall/router's public interface, and LAN subnet (192.168.x.x, or 10.x.x.x) on your local side. From public to local side you should only forward (and open) ports, which you need, others let stay closed for security reasons.
    For example, on your router/firewall (NAT device) for the purpose of configuring publically available WEB server, you should forward only 2 ports to be opened to public:

    YOUR public IP (port 80) -> FORWADRED TO -> Your LAN IP of server (port 80)
    YOUR public IP (port 443) -> FORWADRED TO -> Your LAN IP of server (port 443)

    Regarding 2)
    depends on how much you can afford to invest.
    You may use ANY Cisco 800 or 1800 series routers WITH VPN bundle to connect 2 distant sites into single LAN subnet.
    In lower price range, you may use D-link or Linksys or 3com routers, but look at Specs PDF before buying, to be sure that device supports NOT "VPN passthru", but VPN-to-VPN (L2TP) site-to-site connections.

    Alternative is also to use ANY router, which supports "VPN passthru" (which most routers support), and configure server on 1st site to be RRAS (VPN) server, and other side server to be VPN client. This sollution is not so reliable, but would work fine if you want to save some money.


    Author Closing Comment

    Thanks for the info, now I think that I can actually set this thing up

    Featured Post

    Live: Real-Time Solutions, Start Here

    Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

    Join & Write a Comment

    Patch Management is administrated by page 129 of  the following document: However, there are issues with Patch Management with FTP (for instance, a slow Internet connectio…
    Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now