|
Home > Archive > VPN > October 2007 > Simple netmask question, could some one please answer this question for me.
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Simple netmask question, could some one please answer this question for me.
|
|
| El CiD 2007-10-12, 1:16 am |
| Hello,
I will be setting up a cisco site to site vpn for the first time. I
will attempt at creating two sites connecting to the main office. In
order for the site to site vpn to work among site, I will need to have
a different subnet per tunner.
My idea is the following.
1st site.
Address: 172.16.0.1
Netmask: 255.255.255.0
Wildcard: 0.0.0.255
= 254 hosts
site 2
Address: 172.16.0.2
Netmask: 255.255.255.128
Wildcard: 0.0.0.127
= 126 hosts
Address: 172.16.0.3
Netmask: 255.255.255.192 = 26
Wildcard: 0.0.0.63
Hosts/Net: 62
Am I correct to say that this setup will meet cisco requirement for
separate subnet masks? even although the ip addressing is similar?
I went from a site with 254 hosts to site 2 with 126 down to site 3
with 62 hosts. Each site has a distintive subnet mask. I would like
to keep each site ip addressing similar as its easy to remenber. Site
1 ends with .1 site two with .2 and site 3 with .3
and please pardon my newbiness. I am trying to understand it all as I
go.
thank you.
| |
| El CiD 2007-10-12, 1:12 pm |
| Sir,
I would like to extend my gratitute in your answer for my question.
Last night, I kept on reading and trying to understand on how I should
approach my site to site vpn issue. I came to the same conclusion as
the answer you have given me below. You clarified the matter for me,
and now I have a better understanding on how the routing will work.
Thank you very much.
Yader
On Fri, 12 Oct 2007 07:07:34 GMT, Mike Drechsler - SPAM PROTECTED
EMAIL <mike-newsgroup@-DELETETHISPART-.upcraft.com> wrote:
>El CiD wrote:
>
>
>Your address ranges overlap. It will not work.
>
>Try:
>
>1st site
>address range: 172.16.0.0 - 172.16.0.255
>Set your router to be 172.16.0.1
>CIDR network notation: 172.16.0.0/24
>netmask: 255.255.255.0
>broadcast address: 172.16.0.255
>maximum addresses: 254
>
>2nd site
>address range: 172.16.1.0-172.16.1.127
>Set your router to be 172.16.1.1
>CIDR network notation: 172.16.1.0/25
>netmask: 255.255.255.128
>broadcast address: 172.16.1.127
>maximum addresses: 126
>
>3rd site
>address range: 172.16.1.128-172.16.1.191
>Set your router to be 172.16.1.129
>CIDR network notation: 172.16.1.128/26
>netmask: 255.255.255.192
>broadcast address: 172.16.1.191
>maximum addresses: 62
>
>Do not use the first or last IP's in the range (network route or
>broadcast IP). .0 and .255 are valid in the middle of larger sized IP
>blocks like /22 but can expose bugs in some software and routers that
>didn't expect these IP values.
>
>There is a handy dandy web based javascript calculator you can fiddle
>with here: http://www.subnet-calculator.com/cidr.php
>
>Basically your site routers will each need it's own range of addresses
>and those ranges cannot conflict with another router and subnet you are
>setting up.
>
>I'm guessing you aren't really running out of address space or you would
>understand the concepts much better. You may simplify things for
>yourself by just using /24 (255.255.255.0 netmask) sized subnets at all
>locations even though it wastes addresses for a small branch office that
>will never need that many IP's.
>eg: site1: 172.16.1.0/24 site2: 172.16.2.0/24 site3: 172.16.3.0/24
>
>The IP address of the router does not NEED to be the very first usable
>address in the IP range but it is convention that you setup your routers
>as the first usable IP to avoid confusion.
|
|
|
|
|