Solved

LAN subnet and workstation IP address

Posted on 2013-05-30
5
683 Views
Last Modified: 2013-05-30
The following is copied from a SonicWall support document concerning a VPN client failure.:

A. Make sure that the SonicWALL LAN subnet and workstation IP address are not in the same subnet.

I thought I understood it, but apparently I don't.  Could someone give an elementary explanation, please.
0
Comment
Question by:lantervj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 4

Accepted Solution

by:
artsec earned 250 total points
ID: 39209716
It means if your SonicWALL LAN subnet is 10.10.1.0 then your workstation IP Address subnet should be another range such as 192.168.1.100.
0
 

Author Comment

by:lantervj
ID: 39209730
So, if a lot of incoming VPNs are on 192.168.1.x (very common) and my LAN is 192.168.1.x then it will fail those VPNs?
0
 
LVL 4

Expert Comment

by:artsec
ID: 39209740
Yes, the remote users for VPN and the workstation users should have different IP subnets / ranges.
0
 
LVL 10

Assisted Solution

by:Mohammed Rahman
Mohammed Rahman earned 250 total points
ID: 39209741
Assuming this is for "issues encountered when trying to get an IP address for the virtual adapter when using the SonicWALL Global VPN Client"

A subnet is a logical group of networked devices. All the devices in same subnet will be able to communicate directly with each other without the need of Routing (Layer 3) device. A subnet will let you know (limit) the maximum HOSTS that you can have on a single logical network.

When it says that "Make sure that the SonicWALL LAN subnet and workstation IP address are not in the same subnet." it mean, the IP addresses assigned to workstation should not be in same logical range assigned to Sonic Wall.
** You should not be able to ping from Workstation to Sonic Wall (provided there is no routing device in between them)

Eg: You can assign the following IP address/subnet mask to the workstation.

IP: 192.168.0.2
Subnet Mask: 255.255.255.0
Gateway: 192.168.0.1

In the above case, you have a subnet or /24, and the above network can have a maximum of 254 hosts connected and communicate with each other without the need of a router.

You can assign IPs to 254 devices in the above range and all will be talking to each other without the need of a router (that is what you call subnetting, dividing your network to control unnecessary broadcast and collision domains)

The 254 hosts can have IPs starting from 192.168.0.1 to 192.168.0.255 (all having subnet mask as 255.255.255.0)
Now, the SONIC Wall should not have any IP in the range 192.168.0.X (X-- number from 1 to 255). If you assign any IP from the above range, the Sonic Wall and the Workstation will be on same subnet.

Now, to check whether the IP of workstation and Sonic Wall is in same subnet, you can go the the online subnet calculator and check yourself :)

http://jodies.de/ipcalc

Enter the IP of your workstation in the first box and the subnet mask in second box, click on calculate.
** Once you get the result, make sure that the Sonic Wall IP is not falling between HostMin: and HostMax: (as in the picture below) - HostMin to HostMax defines the IP range for a given network.
Subnet
0
 

Author Closing Comment

by:lantervj
ID: 39209757
Different but pertinent.  Good responses.  I miss my WatchGuard Firebox.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Wildcard Certificate means all of your sub-domains will resolve to the same location, regardless of the non-SSL Document-Root specification. A user will need to purchase a wildcard SSL from a vendor or a reseller that supplies them. Similar to ha…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question