Tell me more x
, there is a new speed test available. Give it a try, leave feedback!
dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer

Search Topic:
uniqs
776
share rss forum feed

connor79

join:2011-11-02

[General] Split tunnel question about subnets

Not sure if this is the best place, but I just bought a Cisco UC540 PBX and have it set up in my office. The default IP settings are for data 192.168.10.1 for the router, 255.255.255.0 for subnet mask, and then 10.1.10.1 I believe for voice and 255.255.255.0 for subnet mask.

I'm trying to set up VPN access which will be used to allow people at home to VPN in and use the Cisco IP Communicator on the 10.1.10.1 IP address, but I want to enable split tunneling.

When I do that, it makes me select the subnet that I want to isolate as VPN traffic from a drop down and has tons of options. I was going to put 255.255.255.0 since that's what it is, but then I started thinking that that's the default for most home routers.

So I'm just wondering, should I be changing the office subnet mask to something else like 255.255.254.0? So that I can enable that one as the isolated subnet mask for split tunneling? Or am I missing the concept of how this works? Basically want internet and local LAN traffic to use their own connection with only VPN traffic to use the VPN.


Wily_One
Premium
join:2002-11-24
San Jose, CA
kudos:1
The subnet mask indicates the size of the subnet. Sizing subnets depends on your needs - how many hosts do you need to support? If it's 254 or less, than a /24 mask is fine.

connor79

join:2011-11-02
I didn't realize that above the subnet mask that it wanted to isolate it actually wanted the IP addresses, so I put the 10.1.1.1 in there and left it on subnet 255.255.255.0 and that seems to work.


Wily_One
Premium
join:2002-11-24
San Jose, CA
kudos:1
The subnet is not 255.255.255.0 - that is the subnet mask. If your address is 10.1.1.x, then with that mask your subnet is 10.1.1.0/24.

HELLFIRE
Premium
join:2009-11-25
kudos:20
reply to connor79
Unless you know your networking and subnets and subnet masks, setting up a 255.255.255.0 (aka /24) is sufficient.

Corollary to this is "unless you know what you're doing, do NOT change the length of the mask between hosts on the
same subnet.

Regards