Solved

LAN subnet and workstation IP address

Posted on 2013-05-30
5
671 Views
Last Modified: 2013-05-30
The following is copied from a SonicWall support document concerning a VPN client failure.:

A. Make sure that the SonicWALL LAN subnet and workstation IP address are not in the same subnet.

I thought I understood it, but apparently I don't.  Could someone give an elementary explanation, please.
0
Comment
Question by:lantervj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 4

Accepted Solution

by:
artsec earned 250 total points
ID: 39209716
It means if your SonicWALL LAN subnet is 10.10.1.0 then your workstation IP Address subnet should be another range such as 192.168.1.100.
0
 

Author Comment

by:lantervj
ID: 39209730
So, if a lot of incoming VPNs are on 192.168.1.x (very common) and my LAN is 192.168.1.x then it will fail those VPNs?
0
 
LVL 4

Expert Comment

by:artsec
ID: 39209740
Yes, the remote users for VPN and the workstation users should have different IP subnets / ranges.
0
 
LVL 10

Assisted Solution

by:Mohammed Rahman
Mohammed Rahman earned 250 total points
ID: 39209741
Assuming this is for "issues encountered when trying to get an IP address for the virtual adapter when using the SonicWALL Global VPN Client"

A subnet is a logical group of networked devices. All the devices in same subnet will be able to communicate directly with each other without the need of Routing (Layer 3) device. A subnet will let you know (limit) the maximum HOSTS that you can have on a single logical network.

When it says that "Make sure that the SonicWALL LAN subnet and workstation IP address are not in the same subnet." it mean, the IP addresses assigned to workstation should not be in same logical range assigned to Sonic Wall.
** You should not be able to ping from Workstation to Sonic Wall (provided there is no routing device in between them)

Eg: You can assign the following IP address/subnet mask to the workstation.

IP: 192.168.0.2
Subnet Mask: 255.255.255.0
Gateway: 192.168.0.1

In the above case, you have a subnet or /24, and the above network can have a maximum of 254 hosts connected and communicate with each other without the need of a router.

You can assign IPs to 254 devices in the above range and all will be talking to each other without the need of a router (that is what you call subnetting, dividing your network to control unnecessary broadcast and collision domains)

The 254 hosts can have IPs starting from 192.168.0.1 to 192.168.0.255 (all having subnet mask as 255.255.255.0)
Now, the SONIC Wall should not have any IP in the range 192.168.0.X (X-- number from 1 to 255). If you assign any IP from the above range, the Sonic Wall and the Workstation will be on same subnet.

Now, to check whether the IP of workstation and Sonic Wall is in same subnet, you can go the the online subnet calculator and check yourself :)

http://jodies.de/ipcalc

Enter the IP of your workstation in the first box and the subnet mask in second box, click on calculate.
** Once you get the result, make sure that the Sonic Wall IP is not falling between HostMin: and HostMax: (as in the picture below) - HostMin to HostMax defines the IP range for a given network.
Subnet
0
 

Author Closing Comment

by:lantervj
ID: 39209757
Different but pertinent.  Good responses.  I miss my WatchGuard Firebox.
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
MSP multi use software 4 153
Router assigned IP addresses 18 109
logon time 6 59
ICT security firms and audit/assurance offerings 3 39
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question