Avatar of bwierzbicki
bwierzbicki
Flag for United States of America asked on

changing subnet mask on a network

I have site that is using 192.168.201.0 w/subnet mask 255.255.255.0
There is a windows 2003 SBS domain and the PDC is handling DNS and dhcp.

They also have a router in the building offering public wifi.
For the public wifi I have the router's wan port on the 192.168.201.0 subnet and it acts as a dhcp server to the public clients on a different subnet.

This business is wanting to cover a larger area with wifi. They want wifi to be available for both public and private users, employees

After looking into access points I think I'm going to go with ubuiti unifi pro.
It has up to four SSID's. I could allow public users to an SSID defined as "guest" and turn on client isolation for guest. Private users could connect to their own SSID and be isolated from guests.
I would still use the 2003 SBS as DHCP, only problem is that because of the way ip addressing and the dhcp scope was originally set up I'm kinda restricted on ip address to put into the scope.

So what I'd like to do is change the subnet mask to something else that would allow for more ip addresses. Maybe even something like 255.255.128.0

This would allow me to have a very large pool of ip addresses available for guest computers.

Is doing this as simple as changing subnet masks on my server, router's lan, computers/devices with static ip's and doing a release/renew on dhcp clients?
Network ArchitectureWireless NetworkingMicrosoft Server OS

Avatar of undefined
Last Comment
bwierzbicki

8/22/2022 - Mon
rl3

what you have suggested would only give a bigger address pool to the Windows 2003SBS DHCP/DNS; based on some comments you made this is not what you want to do.  

1.  Client addresses 192.168.201.1 - 192.168.201.255
2.  Address subnet in #1 is for client devices only
3.  Guest access/addresses different subnet than client and served from router dhcp not 2003SBS dhcp
      (Ex:  10.250.101.1 - 10.250.101.255)
4.   need larger address space for dhcp for Client SSID and Guest SSID, but maintain separate space
5.  Client SSID:  change subnet mask to 255.255.254 for 512 addresses (192.168.201.1 - 192.168.202.255)
                                                                    255.255.253 for 768 addreses (192.168.201.1 - 192.168.203.255

so the answer to your question is yes, but that is a lot of addresses.  you should only use this subnet mask if you want to server internet to anyone who happens to be in range of your network.  

if this summary is not correct please explain in more detail
ASKER CERTIFIED SOLUTION
hypercube

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
bwierzbicki

ASKER
rl3, I may have been a bit confusing in my explanation.
My thoughts were to keep the public and private computers on the same subnet. To do this I need more ip's in the DHCP pool.

I'd let the access points keep public computers from accessing the private computers via client isolation of the guest SSID.

fmmarshall, to get the coverage the client wants I'm going to have to add a minimum of 3 Access points. To keep costs down and to not have 6 AP's blasting each other with their transmissions, I was going to use the Ubiquiti I mentioned which would allow me to go with 3 AP's and provide for private and public.

Of course there is the possibility of VLANs and VLAN tagging to SSID but that sounds pretty complicated and a third party solution provider is going to be managing the router, so I'm looking for a simple solution and if client isolation keeps public from accessing private computers.

And now that I"m looking at this, I'm not sure if client isolation would stop wifi users from seeing wired computers, or just from seeing other wifi users. I may end up with a router for public and hanging all public AP's from that router, using 6 total AP's 3 for private, 3 for public.

I may
rl3

ok, so then the question is how many IP addresses do you really need?  

In my example above serving all DHCP IP addresses from 192.168.201.x/24 gives 256 addresses (remember to subtract the network and broadcast so 254 usable)

then 255.255.254 (/23) gives 512 (510)
         255.255.253 (/22) gives 768 (766)
         255.255.252 (/21) gives 1024 (1022) etc.
Your help has saved me hundreds of hours of internet surfing.
fblack61
hypercube

Nothing in the solution I suggested limits the number of Access Points.  You can add them with whatever channel assignments make sense.  The bigger issue is distribution of IP addresses and use of subnets and/or VLANs.

I have a hard time imagining that guests would be allowed to see company computers.  Thus the two subnets.  The size of the subnets can be what you need.
bwierzbicki

ASKER
thanks for all your comments