English Deutsch Français Italiano Español Português 繁體中文 Bahasa Indonesia Tiếng Việt ภาษาไทย
All categories

Could I just use this address as the public one, and my organization use private ones but still connect to the internet and allow for vpn?
I need 10 networks with 10 hosts per network.
How would this work could I go
IT department 192.168.1.1-10 etc etc
Marketing 192.168.2.1-10? etc etc

2007-03-21 13:41:11 · 3 answers · asked by Anonymous in Computers & Internet Computer Networking

would these departments be in their own network and what subnet mask would i use?

2007-03-21 13:42:06 · update #1

3 answers

The answer to your question is Yes. You can use one puchased public IP address, and still do NAT (Network Address Translation) for your internal network.

You have to either have a router or firewall to do this. It can be a hardware firewall, or a PC with two NIC cards and a software firewall. Most companies do this exact thing to keep their internal networks seperated from the Internet.

You can also use a DHCP server for your inside network to assign IP addresses to most of your computers. (Some servers might require a static IP address).

You can use a VPN with this setup. I've setup several small businesses who do this exact thing including the VPN. For a small business you can look at watchguard firewalls (which also have the ability to do a VPN).

2007-03-21 13:56:03 · answer #1 · answered by QA Wizard 3 · 0 0

First, the 192 set is private, it can't be purchased. But, assuming you purchase a static IP address from your provider, then yes, you can make this work.
You give the static IP address to the WAN side of the router that is connected to the internet. The simplest would be to then connect 10 routers to this "public" router, one for each of your subnets. The LAN side of your public router could have an address of 192.168.1.1, (all subnets 255.255.0.0). Each of the other 10 routers would have the interface connecting to the public router with a 192.168.1.xxx address (2-11, for example). The interface connecting to the workstations would have IP addresses of 192.168.2-11.1. This would give you 11 subnets (10 for your network, and 1 for connectivity, which could later be used for a DMZ).

You could tighten up your subnet, but doing it this way gives you plenty of room for expansion (another 200+ subnets, each with 200+ more computers) without ever changing your IP or routing scheme. You could also use a VLAN, which would be faster, but more complex.

With the static IP address on the WAN side of the router, you can set up VPN at will.

2007-03-22 12:39:53 · answer #2 · answered by antirion 5 · 0 0

As per my limited knowledge about IP addresses, 192.168.x.x is a private IP address which you cannot buy.
If you want vpn for your environment, try to use hamachi software or setup a vpn using windows 2003 server or better yet try using linux, it works.

2007-03-21 20:51:45 · answer #3 · answered by ronaldtuibeo 1 · 0 0

fedest.com, questions and answers