Posted by El CiD on October 12, 2007, 9:44 am
Sir,
I would like to extend my gratitude for your answer to my question.
Last night, I kept on reading and trying to understand how I should
approach my site to site VPN issue. I came to the same conclusion as
the answer you have given me below. You clarified the matter for me,
and now I have a better understanding of how the routing will work.
Thank you very much.
Yader
On Fri, 12 Oct 2007 07:07:34 GMT, Mike Drechsler - SPAM PROTECTED
>El CiD wrote:
>> Hello,
>>
>> I will be setting up a Cisco site to site VPN for the first time. I
>> will attempt at creating two sites connecting to the main office. In
>> order for the site to site VPN to work among sites, I will need to have
>> a different subnet per tunnel.
>>
>> My idea is the following.
>>
>> 1st site.
>>
>>
>> Address: 172.16.0.1
>> Netmask: 255.255.255.0
>> Wildcard: 0.0.0.255
>>
>> = 254 hosts
>>
>> site 2
>>
>>
>>
>> Address: 172.16.0.2
>>
>> Netmask: 255.255.255.128
>> Wildcard: 0.0.0.127
>>
>> = 126 hosts
>>
>>
>> Address: 172.16.0.3
>>
>> Netmask: 255.255.255.192 = 26
>> Wildcard: 0.0.0.63
>> Hosts/Net: 62
>>
>>
>>
>> Am I correct to say that this setup will meet Cisco's requirement for
>> separate subnet masks, even though the IP addressing is similar?
>>
>> I went from a site with 254 hosts to site 2 with 126 down to site 3
>> with 62 hosts. Each site has a distinctive subnet mask. I would like
>> to keep each site's IP addressing similar as it's easy to remember. Site
>> 1 ends with .1, site two with .2 and site 3 with .3
>>
>>
>> and please pardon my newbiness. I am trying to understand it all as I
>> go.
>>
>> thank you.
>
>
>Your address ranges overlap. It will not work.
>
>Try:
>
>1st site
>address range: 172.16.0.0 - 172.16.0.255
>Set your router to be 172.16.0.1
>CIDR network notation: 172.16.0.0/24
>netmask: 255.255.255.0
>broadcast address: 172.16.0.255
>maximum addresses: 254
>
>2nd site
>address range: 172.16.1.0-172.16.1.127
>Set your router to be 172.16.1.1
>CIDR network notation: 172.16.1.0/25
>netmask: 255.255.255.128
>broadcast address: 172.16.1.127
>maximum addresses: 126
>
>3rd site
>address range: 172.16.1.128-172.16.1.191
>Set your router to be 172.16.1.129
>CIDR network notation: 172.16.1.128/26
>netmask: 255.255.255.192
>broadcast address: 172.16.1.191
>maximum addresses: 62
>
>Do not use the first or last IPs in the range (network route or
>broadcast IP). .0 and .255 are valid in the middle of larger sized IP
>blocks like /22 but can expose bugs in some software and routers that
>didn't expect these IP values.
>
>There is a handy dandy web based javascript calculator you can fiddle
>with here: http://www.subnet-calculator.com/cidr.php
>
>Basically your site routers will each need their own range of addresses
>and those ranges cannot conflict with another router and subnet you are
>setting up.
>
>I'm guessing you aren't really running out of address space or you would
>understand the concepts much better. You may simplify things for
>yourself by just using /24 (255.255.255.0 netmask) sized subnets at all
>locations even though it wastes addresses for a small branch office that
>will never need that many IPs.
>eg: site1: 172.16.1.0/24 site2: 172.16.2.0/24 site3: 172.16.3.0/24
>
>The IP address of the router does not NEED to be the very first usable
>address in the IP range but it is convention that you set up your routers
>as the first usable IP to avoid confusion.
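The overlap check discussed in this thread can be run before any tunnel is configured. The following is an added example, not part of either post: it uses Python's standard `ipaddress` module to compare the plan from the question with the plan from the reply, and the helper names (`site_network`, `find_overlaps`, `describe`) are made up for this illustration.

```python
import ipaddress
from itertools import combinations


def site_network(address, netmask):
    """Return the network that an address/netmask pair actually falls in."""
    return ipaddress.ip_interface(f"{address}/{netmask}").network


def find_overlaps(sites):
    """Return every pair of site names whose networks share addresses."""
    nets = {name: site_network(*spec) for name, spec in sites.items()}
    return [(a, b) for a, b in combinations(nets, 2)
            if nets[a].overlaps(nets[b])]


def describe(address, netmask):
    """Summarise one site's subnet in the terms used in the reply."""
    net = site_network(address, netmask)
    return {
        "cidr": str(net),
        "broadcast": str(net.broadcast_address),
        "usable": net.num_addresses - 2,  # minus network and broadcast
        "first_usable": str(net.network_address + 1),
    }


# Plan from the question: three masks, but every address is in 172.16.0.x.
ORIGINAL = {
    "site1": ("172.16.0.1", "255.255.255.0"),
    "site2": ("172.16.0.2", "255.255.255.128"),
    "site3": ("172.16.0.3", "255.255.255.192"),
}

# Plan from the reply: router addresses inside three disjoint ranges.
PROPOSED = {
    "site1": ("172.16.0.1", "255.255.255.0"),
    "site2": ("172.16.1.1", "255.255.255.128"),
    "site3": ("172.16.1.129", "255.255.255.192"),
}

if __name__ == "__main__":
    for label, plan in (("original", ORIGINAL), ("proposed", PROPOSED)):
        print(label, "overlaps:", find_overlaps(plan) or "none")
        for name, spec in plan.items():
            print(" ", name, describe(*spec))
```

A different netmask does not make a different subnet: all three original entries resolve to networks that start at 172.16.0.0, so each pair is reported as overlapping.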