Solved

LAN subnet and workstation IP address

Posted on 2013-05-30
5
650 Views
Last Modified: 2013-05-30
The following is copied from a SonicWall support document concerning a VPN client failure.:

A. Make sure that the SonicWALL LAN subnet and workstation IP address are not in the same subnet.

I thought I understood it, but apparently I don't.  Could someone give an elementary explanation, please.
0
Comment
Question by:lantervj
  • 2
  • 2
5 Comments
 
LVL 4

Accepted Solution

by:
artsec earned 250 total points
ID: 39209716
It means if your SonicWALL LAN subnet is 10.10.1.0 then your workstation IP Address subnet should be another range such as 192.168.1.100.
0
 

Author Comment

by:lantervj
ID: 39209730
So, if a lot of incoming VPNs are on 192.168.1.x (very common) and my LAN is 192.168.1.x then it will fail those VPNs?
0
 
LVL 4

Expert Comment

by:artsec
ID: 39209740
Yes, the remote users for VPN and the workstation users should have different IP subnets / ranges.
0
 
LVL 10

Assisted Solution

by:Mohammed Rahman
Mohammed Rahman earned 250 total points
ID: 39209741
Assuming this is for "issues encountered when trying to get an IP address for the virtual adapter when using the SonicWALL Global VPN Client"

A subnet is a logical group of networked devices. All the devices in same subnet will be able to communicate directly with each other without the need of Routing (Layer 3) device. A subnet will let you know (limit) the maximum HOSTS that you can have on a single logical network.

When it says that "Make sure that the SonicWALL LAN subnet and workstation IP address are not in the same subnet." it mean, the IP addresses assigned to workstation should not be in same logical range assigned to Sonic Wall.
** You should not be able to ping from Workstation to Sonic Wall (provided there is no routing device in between them)

Eg: You can assign the following IP address/subnet mask to the workstation.

IP: 192.168.0.2
Subnet Mask: 255.255.255.0
Gateway: 192.168.0.1

In the above case, you have a subnet or /24, and the above network can have a maximum of 254 hosts connected and communicate with each other without the need of a router.

You can assign IPs to 254 devices in the above range and all will be talking to each other without the need of a router (that is what you call subnetting, dividing your network to control unnecessary broadcast and collision domains)

The 254 hosts can have IPs starting from 192.168.0.1 to 192.168.0.255 (all having subnet mask as 255.255.255.0)
Now, the SONIC Wall should not have any IP in the range 192.168.0.X (X-- number from 1 to 255). If you assign any IP from the above range, the Sonic Wall and the Workstation will be on same subnet.

Now, to check whether the IP of workstation and Sonic Wall is in same subnet, you can go the the online subnet calculator and check yourself :)

http://jodies.de/ipcalc

Enter the IP of your workstation in the first box and the subnet mask in second box, click on calculate.
** Once you get the result, make sure that the Sonic Wall IP is not falling between HostMin: and HostMax: (as in the picture below) - HostMin to HostMax defines the IP range for a given network.
Subnet
0
 

Author Closing Comment

by:lantervj
ID: 39209757
Different but pertinent.  Good responses.  I miss my WatchGuard Firebox.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Setting up SSH Cisco We are all told that you should not use Telent for connecting to devices because it is unsecure and all clear text. Much better is to use SSH, but it can seem a bit of a challenge setting it all up and especially in a small n…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question