Out of ipv4 addresses on local network

Hello, my main site consists of local range of 10.0.0.0, also have 3 other sites connected thru vpn and those consist of 10.1.1.0, 10.2.2.0 and 10.3.3.0.

I  have no issues with the ips on the other 3 remote sites but my main sites its running out of local IPs due to the amount of equipment we have added recently. How can i add more IPs to my main site with out affecting VPN communications with the other sites? would it have to be something like 10.0.1.0 or diff subnet mask or something like that?

Dhcp is handled by windows 2003 servers (will change that to a 2008r2 soon)

thanks in advanced

ComptxAsked:
Who is Participating?
 
jrichesinCommented:
You will still need to modify the VPN "interesting traffic" rules to allow the new subnet / subnets across the VPN tunnels.  These rules would have to be edited on all the devices.  It is not really difficult.  What type of devices are you using for your VPN hardware?
0
 
Hutch_77Commented:
Anything you do is going to affect the VPN.  You will need to create VLAN's and then add routing to your local lan and routing to your VPNTunnels t know where each vlan is.  For what you are sayign I would create 1 for servers and 1 for PC's and if you do VOIP 1 for Voice possibly.
0
 
ComptxAuthor Commented:
sounds complicated, i cant just add like another subnet or something that does nto require alof of changes?
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
Hutch_77Commented:
Here is your answer.  Add the subnet.  How will the switches know where that subnet exists?

When you added the new subnets for the VPN you had to add routing in the connection,  This would be exactly the same.
0
 
ComptxAuthor Commented:
cisco asa 5505 on all sites
0
 
jrichesinCommented:
Yes....so the configuration would be simple.  You can just increase your subnet by changing your subnet mask or you could add another subnet and route between them.  That all depends on how much traffic is on the subnet and how many IP's are in your subnet.  If you have more that about a class C worth of devices (254)....I would subnet and route between subnets.
0
 
davesheppardCommented:
Have you got a spare 5505?

Why not hide a bunch of printers or dumb IP devices behind a 5505 NAT?  cant see whay that wouldnt solve your issue relatively easily.

OK it wont give you gigabit port speeds etc, but, printers, generally dont need that.

Just an out of the box idea.



 
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.