Results 1 to 13 of 13

Thread: Network problem

  1. #1
    Junior Member
    Join Date
    Oct 2007
    Posts
    13

    Question Network problem

    Hey guys, noob here.

    I have a network of 10-15 computers. So its a Class C address, correct? that starts with 192.xxx.xxx.xxx. Will i need to subnet this small of a network? How would one go about doing so?

    There are wired computers, and 2 wireless routers. One for the public and one for a staff meeting room.

  2. #2
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,867
    You have room to add more than 225 more computers and it'll still be fine as a class C. No reason to subnet.

    However....I'd recommend making a VLAN for your wireless "public" guests, so they can't cause problems with the main business network. A simple managed switch that can do port based VLANs would be able to do this. Or, depending on your access point...some of them support a feature which can VLAN each wireless client.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  3. #3
    Junior Member
    Join Date
    Oct 2007
    Posts
    13
    Quote Originally Posted by YeOldeStonecat View Post
    You have room to add more than 225 more computers and it'll still be fine as a class C. No reason to subnet.

    However....I'd recommend making a VLAN for your wireless "public" guests, so they can't cause problems with the main business network. A simple managed switch that can do port based VLANs would be able to do this. Or, depending on your access point...some of them support a feature which can VLAN each wireless client.
    I was going go to go with these two wireless devices listed below, but if i only went with one because i can make a VLAN with the Cisco SRW2024, which one would you recommended?

    Cisco RVS4000
    Cisco WAP4400N

  4. #4
    Regular Member
    Join Date
    Jan 2009
    Posts
    112
    i think you mean 192.168.x.x, but there is no point in subneting it into anything smaller.

    You can do a vlan for the wireless, or another subnet. If you router supports a second subnet that may be the easiest way.

  5. #5
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,867
    Quote Originally Posted by SLY_Z_28 View Post
    I was going go to go with these two wireless devices listed below, but if i only went with one because i can make a VLAN with the Cisco SRW2024, which one would you recommended?

    Cisco RVS4000
    Cisco WAP4400N
    The SWR2024...that'll take care of your VLANs easily...probably the quickest and easiest way to keep the network simple and securely separated.

    Router to port 1 of the switch, primary network into ports 2-20 of the switch.

    Ports 2-20 making up VLAN 1, which also has port 1 as a member.
    Port 21 ...create VLAN 2, also make port 1 (the router) a member of that VLAN 2.

    For "budget" access points, I've had the best success in using the wrt54gl routers....flashed with DD-WRT or Tomato firmware, configured in access point mode. And if you need good range...replace the stock antennas with a pair of extra long high gains.

    The wap4400 models....I've used them before...they're OK for internet access, but under higher traffic seem to get flakey.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  6. #6
    Junior Member
    Join Date
    Oct 2007
    Posts
    13
    Quote Originally Posted by bilbus View Post
    i think you mean 192.168.x.x, but there is no point in subneting it into anything smaller.

    You can do a vlan for the wireless, or another subnet. If you router supports a second subnet that may be the easiest way.

    FYI, this is a small business, would that change the IP addressing scheme? Why not a random range from 192.0.1.1 to 223.255.254.254? Say 199.1.30.0 so i can increase security and remember that specific business?

  7. #7
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,867
    I usually make business networks a bit different than 192.168.0.x or 192.168.1.x....only due to possibility of remote users VPN'ing in from home. Most home routers are 192.168.0.xxx or 192.168.1.xxx. VPN setups usually prefer different IP ranges. Easier to build the main office network on a different setup than go and try to change a dozen home users home routers after the fact.

    For security purposes...it doesn't really have one. Your network is hidden behind NAT, those IPs aren't seen. The fact that its 192.168.1.xxx or 10.50.10.xxx is irrelevant to security.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  8. #8
    Junior Member
    Join Date
    Oct 2007
    Posts
    13
    Quote Originally Posted by YeOldeStonecat View Post
    The SWR2024...that'll take care of your VLANs easily...probably the quickest and easiest way to keep the network simple and securely separated.

    Router to port 1 of the switch, primary network into ports 2-20 of the switch.

    Ports 2-20 making up VLAN 1, which also has port 1 as a member.
    Port 21 ...create VLAN 2, also make port 1 (the router) a member of that VLAN 2.

    For "budget" access points, I've had the best success in using the wrt54gl routers....flashed with DD-WRT or Tomato firmware, configured in access point mode. And if you need good range...replace the stock antennas with a pair of extra long high gains.

    The wap4400 models....I've used them before...they're OK for internet access, but under higher traffic seem to get flakey.
    Excellent explanation, that gives me a great idea now whats going on, thank you again.

    Another question, If i wanted to incorporate VPN, I know that i cant use something that has the same IP range. So if my business network starts with 10.1.30.0...I could use 192.168.1.1. for associates and 172.0.1. for my home network that i can connect to?

  9. #9
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,867
    Quote Originally Posted by SLY_Z_28 View Post

    Another question, If i wanted to incorporate VPN, I know that i cant use something that has the same IP range. So if my business network starts with 10.1.30.0...I could use 192.168.1.1. for associates and 172.0.1. for my home network that i can connect to?
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  10. #10
    Junior Member
    Join Date
    Oct 2007
    Posts
    13
    Quote Originally Posted by YeOldeStonecat View Post
    The SWR2024...that'll take care of your VLANs easily...probably the quickest and easiest way to keep the network simple and securely separated.

    Router to port 1 of the switch, primary network into ports 2-20 of the switch.

    Ports 2-20 making up VLAN 1, which also has port 1 as a member.
    Port 21 ...create VLAN 2, also make port 1 (the router) a member of that VLAN 2.

    For "budget" access points, I've had the best success in using the wrt54gl routers....flashed with DD-WRT or Tomato firmware, configured in access point mode. And if you need good range...replace the stock antennas with a pair of extra long high gains.

    The wap4400 models....I've used them before...they're OK for internet access, but under higher traffic seem to get flakey.
    I checked on the DD-WRT and there was a lot of info there. I also checked on tomato too.

    Now i just want to confirm, the public wireless will be controlled by the switch with VLAN as you recommend earlier but if the switch is not close to the public, will DD-WRT or Tomato Firmware take care of that distance and let it connect wireless? Or would i use a remote base station like the Cisco Aironet 1140? Would the 1140 need its own static IP?

  11. #11
    Junior Member
    Join Date
    Oct 2007
    Posts
    13
    anyone?

  12. #12
    Regular Member
    Join Date
    Jan 2009
    Posts
    112
    Quote Originally Posted by SLY_Z_28 View Post
    FYI, this is a small business, would that change the IP addressing scheme? Why not a random range from 192.0.1.1 to 223.255.254.254? Say 199.1.30.0 so i can increase security and remember that specific business?
    192.168.x.x is a valid private range .. 192.0.x.x is owned by someone.

    You can not just choose random ip addresses for your network, most of these addresses are owned.

    For access points i like dlink 3200APs, much more powerful then linksys models. They are entry level buisness class WAPs so they dont lock up like the home grade linksys ones.

    By far the easiest solution is to have two networks (or vlans .. but vlans can be complicated if you have not done them before)

    and two access points (or 1 AP if you use a vlan and multi ssid on the dlink APs) plug each ap on the appropiate network.

    I would guess the less secure network has a its own internet connection, or your router has a seperate interface.
    Last edited by bilbus; 03-12-09 at 02:59 AM.

  13. #13
    Regular Member
    Join Date
    Jan 2009
    Posts
    112
    in his example the switch just controls access.

    The AP is what users will connect to, and that is pluged into the switch.

    The vlans on the switch just prevent the office vlan from talking to the public vlan .. and vice versa

Similar Threads

  1. Odd network problem (establishing connections?)
    By nemetroid in forum Networking Forum
    Replies: 5
    Last Post: 12-06-08, 04:23 PM
  2. Belkin N1 Wirless Network Problem!!?
    By dandino in forum Wireless Networks & Routers
    Replies: 5
    Last Post: 12-03-08, 11:39 AM
  3. network problem.. could it be virus attack?
    By maxchock in forum Networking Forum
    Replies: 0
    Last Post: 10-04-08, 04:18 AM
  4. Problem Browsing Network?
    By bbimber in forum Networking Forum
    Replies: 1
    Last Post: 05-12-08, 09:49 PM
  5. problem connecting to network through switch
    By themillerj in forum Networking Forum
    Replies: 2
    Last Post: 12-10-07, 01:03 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •