giga797
asked on
New /23 DHCP Scope Issues
We were running out of ip addresses on our network, decided to expand our subnet 192.168.2.1/24 to 192.168.2.1/23 so we can have another 255 addresses. Everything works fine for the any users that get dhcp within the 192.168.2.1-254 addresses but anyone with 192.168.3.1-254 cannot access the internet. is there anything else that needs to be configured for those clients to access the internet? we have a cisco 1921 router.
hi,
chances are that you have an access list allowing 192.168.2.0/24 on the gateway router, which you should change in 192.168.2.0/23
Please be aware that access-lists in cisco routers use wildcards.
In that case you have some access-list
192.168.2.0 0.0.0.255
which would be changed into
192.168.2.0 0.0.0.254
the router itself needs to have its subnet mask changed
hope this helps
max
chances are that you have an access list allowing 192.168.2.0/24 on the gateway router, which you should change in 192.168.2.0/23
Please be aware that access-lists in cisco routers use wildcards.
In that case you have some access-list
192.168.2.0 0.0.0.255
which would be changed into
192.168.2.0 0.0.0.254
the router itself needs to have its subnet mask changed
hope this helps
max
Did you change the subnet mask on the NIC of the DNS server (which I assume is your DHCP server), the LAN interface on the router and in the DHCP options?
-saige-
-saige-
ASKER
max_the_king i changed it according to your suggestion but still no luck below is the settings. I can ping the devices with the 192.168.3.x from the router. what would the gateway be for the 192.168.3.x clients? 192.168.2.1?
ip dhcp pool
network 192.168.2.0 255.255.254.0
default-router 192.168.2.1
dns-server 209.244.0.3 209.244.0.4
lease 0 4
interface Vlan1
description TOLAN
ip address 192.168.2.1 255.255.254.0
ip flow ingress
ip nat inside
ip virtual-reassembly in
ip access-list extended PATv2
remark PAT ACL v2.5
permit ip 192.168.2.0 0.0.0.254 any
ip dhcp pool
network 192.168.2.0 255.255.254.0
default-router 192.168.2.1
dns-server 209.244.0.3 209.244.0.4
lease 0 4
interface Vlan1
description TOLAN
ip address 192.168.2.1 255.255.254.0
ip flow ingress
ip nat inside
ip virtual-reassembly in
ip access-list extended PATv2
remark PAT ACL v2.5
permit ip 192.168.2.0 0.0.0.254 any
yes It is correct.
It should work.
may need a reboot if possible.
max
It should work.
may need a reboot if possible.
max
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
max_the_king thank you for your help, so i will change it to permit ip 192.168.2.0 0.0.0.254 any correct?
permit ip 192.168.2.0 0.0.1.255 any
max
max
I am assuming you haven't divided your network into vLANs to make this easier?