Go Back   Cyber Tech Help Support Forums > Hardware > Networking


Networking Use this board for problem solving and the discussion of Networking, router, and Wi-Fi issues

Topic Tools
Old May 28th, 2008, 10:20 PM
arstacey's Avatar
arstacey arstacey is offline
Senior Member
Join Date: Sep 2003
O/S: Windows XP Pro
Location: Mercersburg, PA
Age: 47
Posts: 162

I am really just looking for some clarification on an issue I am working on. We currently use a hardware VPN to connect our 32 location back to the corporate office where they use Terminal Services to run our point-of-sale system. In order for the vpn to work, each location has to be on it's own subnet. The people who initially set everything up set the corporate ip scheme as 192.168.1.x. subnet

So in order to get the vpn to work, I set each location up as 192.168.2.x, 192.168.3.x, and so forth. The problem is, we are running out of ip's at the corporate office due to the 254 ip limit of that specific subnet. This is what I want to do:

Set the corp scheme to 10.[location].[devicetype].[device]

For example, an access point at the corp office may be and a webserver may be Location 101 may be for the first machine and for their vpn firewall/router. I want the second octet to be the one that dictates the location.

My problem is in the subnet mask. Do I set it to I know that works but doesn't that put everything on the same subnet? I was the subnets segregated, which is required for the vpn to work. Thanks in advance for any advice.
Reply With Quote
Old May 30th, 2008, 01:56 AM
Met44 Met44 is offline
Senior Member
Join Date: Oct 2007
Posts: 126
You may want to read up a bit on subnetting and variable length subnet masks (VLSM) if you are looking to conserve address space. There are lots of free resources on this - Cisco has a good one here: http://www.cisco.com/warp/public/701/3.html.

Switching to a 10. network could be a good idea, especially if it is a growing company. You would want to use a /16 (or /24) mask if you were not taking advantage of VLSM, which I would encourage you to do if you can understand it, as it will save you more address space (which is probably a non-issue for you with a network), but it also looks a little nicer logically.

To answer your question, you must consider what the subnet mask is doing for you. It tells you how much of your IP address is used to define the network address - basically, the non-zero bits are your network bits. ALL network bits must match for two computers to be considered on the same subnet. Consider: /16 is on the same network as /16.

Why? The /16 is shorthand to say the first 16 bits of the IP address (remember that an IP address can be expressed in binary notation, where each number shown represents one bit, rather than decimal as above) is used to define the network. A /16 mask can be expressed in decimal notation as

From a computer's point of view, it "chops off" anything that is not a network bit when trying to match up two IP addresses to see if they exist on the same network. How does it know where to chop? The subnet mask tells it to chop beginning at the first zero (in binary notation - but it happens to also work in decimal notation in this demonstration). This is what your computer sees from the above example: is equal to The computers are on the same network.

Now take these two: /24 and /24

Notice the /24 mask ( Your computer applies the subnet mask to each IP address, and then compares the two values: is not equal to Different networks.

A /8 ( mask) would indeed put all of your nodes on the same network.

If the above does not make much sense to you, I would recommend doing some reading on subnetting - the Cisco link above gives a good overview, and there are many other resources online covering the "ropes" of the subject. There is more to subnetting than may first meet the eye, but once you have the concepts tied down it is really not bad at all.

Other advice would be to definitely make sure you have a plan well thought out before implementation, especially if you are going the VLSM route. Make sure to double check that you are not using overlapping address space on multiple networks in your plan, before you start changing things over. Good luck!

Last edited by Met44; May 30th, 2008 at 01:58 AM.
Reply With Quote
Old May 30th, 2008, 12:38 PM
Snurfen's Avatar
Snurfen Snurfen is offline
CTH Subscriber
Join Date: Sep 2003
O/S: Windows 7 32-bit
Location: south Wales
Posts: 8,338
VLSM - the best way to go for this sort of setup. It takes a little getting your head around, but is worth the effort.

On the link provided by Met44, you probably won't be able to use the subnet calculator (need to be a Cisco partner) .
Here's a good one.
Reply With Quote


Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Clarification Mr Bean Windows Vista 8 January 7th, 2007 02:57 AM
Clarification grinchman007 Malware Removal 1 July 28th, 2006 03:57 AM
clarification blackkettle Windows 98 3 November 10th, 2003 06:02 PM

All times are GMT +1. The time now is 03:39 PM.