Solved

ip address

Posted on 2013-02-03
8
286 Views
Last Modified: 2013-02-05
Hello All,

I ordered a new sonic wall to replace and existing firewall.   i purchased the installation package.  However halfway in to the installation the technician informed me that the subnet 192.168.1.x was common and not going to work with my VPN clients because most home networks operate with the same subnet.   He recommended changing the subnet but did not give any guidance. All of the VPN clients will be residential clients.   Is there a best business practice for an ip subnet for a small business yet able to access maximum devices. without running in to conflicting ip addressing\vpn  issues. can i just assign any set of ip address  internally and is there a set i should concider for usage?   Thank you
0
Comment
Question by:rschwab
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 100 total points
ID: 38849183
Both the LAN and VPN IP network segments should avoid common /default subnets like:
192.168.0.x
192.168.1.x
192.168.2.x
192.168.111.x
10.0.0.x
10.10.10.x
172.16.1.x

If any client tries to connect and their local subnet is the same, they will not be able to access resources on the corporate LAN, thus as mention at the corporate site avoid common subnets as per that list.  This may mean you have to change your current LAN network at the corporate site.
0
 
LVL 30

Expert Comment

by:pgm554
ID: 38849185
That's not true,as many different routers with different brand names hand out different subnet address ranges.

Most VPN  security settings actually will not allow you to access your home network  for security reasons.

Cisco by default has this turned on and I believe Sonicwall does the same.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 38849197
I believe pgm554 is referring to split-tunneling (accessing home resources simultaneously with the corporate resources), which is a different issue.  That can be configured with the Sonicwall but is not by default, and not recommended.
0
Optimum High-Definition Video Viewing and Control

The ATEN VM0404HA 4x4 4K HDMI Matrix Switch supports 4K resolutions of UHD (3840 x 2160) and DCI (4096 x 2160) with refresh rates of 30 Hz (4:4:4) and 60 Hz (4:2:0). It is ideal for applications where the routing of 4K digital signals is required.

 
LVL 79

Expert Comment

by:arnold
ID: 38849236
The main point and the reason the issue came up deals with avoiding having the Corporate LAN and VPN IP ranges with IP addresses that are common out of the box among various retail routers.

Split tunneling is no panacea.

As to the consideration it depends on your need. I.e. do you use vlans, do you need to separate systems based on their use/department?
How many IPs do you need?
0
 
LVL 1

Assisted Solution

by:matthewttm
matthewttm earned 150 total points
ID: 38850097
Hi,  there is no recommended set as it depends on the number of users (PC, printers, wireless devices).

normally if the number of users are small, say less than 200, you can consider to use 255.255.255.0 subnet.
0
 

Author Comment

by:rschwab
ID: 38851104
We are a shop of about 30 users and about 50 devices,  there will be two vlan.  one for in house wireless- routed and another for guests not routed.   At this time it's like the employee growth will be 1 employee per year.
     Sorry about my ignorance towards ip addressing.   If i understand correctly the subnet masking indicates the number of devices available. The current 192.168.1.x  is a common subnet used be many residential based routers. Since we are working with a private network there is nothing  preventing me from changing 3rd octet  to an  192.168.5.x  ?      thank you all for your assistance
0
 
LVL 79

Accepted Solution

by:
arnold earned 250 total points
ID: 38851145
Correct, you can choose any private block or combination of blocks
192.168.0-255.x
172.16-31.x.x
10.x.x.x

I.e. your switch supports DHCP relay agent functionality such that you can configure your DHCP with one IP scope for routed traffic and a separate for your guest.
0
 

Author Closing Comment

by:rschwab
ID: 38858179
I'm certainly not qualified to grade anyone in this field,  but the points assigned addressed my needs thank you all for your knowlege and sharing your expertise
0

Featured Post

The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question