Subnet ID

Hello

Asked me to share a public ip address to one of our business partners, while it can allow access to one of its applications through this public server server.

I shared my firewall IP. All my internal network is tapped at one.

Public IP address on my firewall has been x.y.z.173/28.

Now he did it has helped my subnet id. x.y.z.160 that is to say the same thing and I was able to access my internal network server.

My questions?

1 is it allowed the range of my public ip of 161-174?

2. If he asked that my external ip address what it means was x.y.z.173 (as all my internal network patted me this IP). If he would have allowed 173 only even then my connection would have worked since my internal network.

3. Although I am not able to ping subnet id how it transmits traffic. Exactly how traffic flows on the internal network. To the best of my knowledge, it was something where internal ip address is translated to the public on the int of the firewall and then pushed to the router lan and its serial(wan something a.b.c.114/30) and ISP thorugh the lying modem (a.b.c.113/30). Whence the role of x.y.z.160 comes.

I'm a bit confused.

Reg,

Sushil

(1) If your partner has allowed the sous-reseau.160 - your ADDRESS IP will be able to connect. If he allows only 1 IP address, the IP address of your firewall outside interface - you'll be able to connect, anyway that it will work.

(2) If you want someone to access a server in your internal network behind the firewall you have 2 choices: -.

-Need leave based on the TCP/UDP port and use the firewall external IP = Port Forwarding.

-Assign a specific 1-1 external NAT address static IP in your range to specifically allow external to connect users to your server = static NAT 1:1

I want to erase something for you - IP routing is the result of a PHB = base by Hop. Any routing device must have an idea where a source/destination IP address is in relationship with himself. If a routing devices MUST be connected via IP on the device to the delivery, or connected to a device that knows how to get the IP address behind it.

Static/dynamic routing - with both you SHOULD always know the next hop = 1 hop away.

HTH >

Tags: Cisco Security

Similar Questions

  • Why is apple tv (4th Gen) using subnet different comcast

    I need to figure out if there is anything special/different regaurding how ATV (4th Gen) made the resolution DNS when wired to a Comcast cable modem only (no wifi and no router)?  I notice that my ATV selects a different subnet when ATV is set automatically resolve IP and DNS.  Example of my Dell PC Tower and Sony laptop automatically use a subnet of 255.255.255.0, but ATV uses the example below:

    67.166.208.26

    255.255.252.0

    router 67.166.208.1

    ATV works great just need to know why to solve network problems not related to my home office network and at home?

    Hello. You say there is no router, but I guess that the Comcast modem is also a router and DHCP server. Are you using IPv6? You use a static IP address?

  • How to set the subnet range when you create the wireless hotstop in mac

    Hello

    I create a wireless hotstop on my Macbook using the Internet sharing option. But she still attributes the 192.168.2. * subnet. How can I change this range for a * 192.168.100 as a user-defined.

    Thank you!!

    Jeff

    Unfortunately there is no setting in system preferences to change this for a reason any.

    If you really need to do this, you must do so through terminal to modify a specific file in a very specific way.

    NET-connection-sharing http://chariotsolutions.com/blog/post/Configuring-Network-used-by-Mac-OS-x-inter.

  • Not able to deploy images on different subnets

    Hi guys,.

    I'm having a problem of image deployment of T5565 for thin clients on a different subnet.

    The first message that I got, was "the subnet of the device (s) in red color is not the same thing with its device management gateway. You want to send the task anyway".

    I selected Yes, and finally the deployment will timeout with the following error: "job failed. Task become invalid before being sent".

    I am able to update the agents on these thin clients with success, however, and these devices are discoverable.

    Any help will be much appreciated.

    Kind regards

    Remo

    This has been sorted guys. I had tried to deploy the image by using PXE.

    Image without PXE deployment now works fine.

    Kind regards

    Remo

  • send packets to vmware virtual subnet with the NATing

    Interface WiFi of my Mac's on 192.168.0.0 and VMware linux VM's on 192.168.56.0(vmnet8 NAT interface). My WiFi router is a linux (RPI) running RaspberryPi. I'm making pass for traffic and define the static route to the network of comments to my router, so I don't want traffic back to my MAC for the network of comments of masquerade.

    There is also a host only interface, vmnet1, for the virtual subnet that doesn't masquerade traffic, but it does not transmit traffic.

    So, how can I disable the NAT on vmnet8 or forward traffic on vmnet1?

    Concerning

    Satya Gowtham Kudupudi

    You should ask on the forums of VMWare.

  • I can't add/subnet mask 31 255.255.255.254 ISP WAN > static IP setting in VPN Firewall SRX5308

    Hello

    I can't add/subnet mask 31 255.255.255.254 ISP WAN > static IP setting in VPN Firewall SRX5308. When I try to apply it, I get the popup error message like "invalid IP subnet mask. Please enter 0/128/192/224/240/248/252 for octet 4 ". I try to add provider NTU fiber optic internet service in one of the 4 WAN settings. The vendor gave me a 31 block IP and the subnet as 255.255.255.254 mask. It is a limitation in this firewall? I have to ask the provider to give me a 30 block the IP instead? With 30 block IP subnet mask will be 255.255.255.252 who is authorized by this firewall setting. I tried this on another (SnapGear SG560) firewall and it works without any problem. See the screenshots below. Can someone please?

    concerning

    Ridwan

    / 31 would be used in specific scenarios where you * really * need to keep the address space and on links only point to point. To be honest I've never met anyone, or any ISP that uses it. It works on point to point, because, well, there no need to broadcast address because there are only two devices on the link (one on each side of the cable)... IP address ranges would be;. 0-. 1,.2-. 3, etc.

    Most (if not all) Netgear devices will prevent you from setting 31, but you will probably be able to use without problem in all 30 cases, according to the setup of the ISP I do not think that it would cause you problems really. But if you can, I would certainly ask a 30 instead.

  • Can not handle JGS524Ev2 starting from a different subnet

    Is the JGS524Ev2 locked down to only allow web management from local subnet?

    I used the utility ProSafe Plus to search and detect my new switch from a computer with an address of 192.168.1.0/24. It's the same subnet as my DHCP scope, the switch was detected with a DHCP address.

    As soon as I give the switch a static IP address on my management subnet (192.168.3.0/24), the ProSafe utility gave an error about the utility is not not on the same subnet as the switch and now the switch is no longer detected. I can only detect and manage the switch if I'm on the PC which has an IP address on my subnet management.

    Is it normal? Is there a way to disable this feature?

    Finally had the chance to use Wireshark, all connections to the 192.168.1.0 network were being refused.

    I ended up reinstalling the firmware, even if it was the same version and then do a factory reset and everything reconfigure. It is now available.

    Very strange :-/

  • Receive "the IP is in conflict with the WAN IP subnet" when changes of LAN

    Hello

    I have the following features:

    ProSafe FVS336Gv3
    Router R6300v2

    The static IP setting for the LAN on the Prosafe is 192.168.1.1/255.255.255.0
    The static IP setting for the router WAN is 192.168.1.101/255.255.255.0
    The static IP setting for the router's local network is 10.9.8.1/255.255.255.0

    The settings of the router LAN, if I try to disable the DHCP server, I get the message:

    The IP address with the IP WAN subnet conflicts. Please enter a different IP address.

    Any ideas?

    Please notify.

    Have a great day,

    Don

    Eventually be a DNS setting on the WAN port on the router.

  • Unable to connect to storage as "different subnet."

    Have just updated my LenovoEMC device to the latest version of the software (4.1.114.33421) and now get the message

    "Unable to connect to the storage because it is in a different subnet.

    but I can go to the Admin in the usual way, through devices and can change anything, as all the mapped drives as if it worked and all the data is visible?

    Reset the system and all users etc., verified that DHCP is select rather than fixed, tried fixed without result.

    Someone has an answer that works or is a reset?

    Got it finally - works had to install a new version of Storage Manager - Version 1.4.8.33485

    After installation, restart the PC only and ran it Storage Manager - it took forever, but she finally found my nas and created links to explore.

    Can't believe that they a D A M N blip! in my previous post - AR even if you ask me.

  • Don't know my subnet on ReadyNas

    I'm trying to get in touch with my ReadyNas which I have not used for a few years. And now I can't find it with my Raidar and I thing is because I have the wrong subnet and I don't remember with subnet I used.

    With the help of mac and the subnet 'workgroup' does not work.

    What can I do?

    Fredrik

    I did a cover of the OS and after that, I found the SIN.

  • Default subnet mask

    Now I can easily connect USRPs to my PC. But I wonder if I move the USRPs into another room and assign a static Ip address in the pool of the Ministry of the IPs, I can still communicate with them via Ethernet?
    It depends on the device's default subnet mask. Right now, I guess it's 255.255.x.x. But if I assign them an IP address from the pool of my Department of IP addresses, then the address/subnet mask should also be updated. Is this possible?

    Hello cindy,.

    The simple answer to your question is Yes, you can connect to your USRP via Ethernet.  There is more information about this procedure in the Manual of the product for each device.  Take a look at page 6.  The default subnet can be different depending on your device, but the value by defect OR 29erxx series devices to 255.255.255.0.  "" "You can change the IP address of the device using the USRP Configuration Utility, available at the beginning" all programs "National Instruments" NOR-USRP ' Configuration of NOR-USRP

    Utility.  You will first need to connect directly to the device, apply to an IP address that is on the same subnet as your host computer, and then deploy the unit where you need it.

    I don't think there is a way to manually change the subnet and the gateway.  You must use the machine on the same subnet as your host, and the default gateway will be automatically assigned.

    Also, I wanted to point out that, in my experience, connect to a USRP device through a network can affect performance.  The latency introduced by the Ethernet communication decreases the throughput and responsiveness of the device, so depending on your use case, I would not recommend for Ethernet connections unless you have no other options.

  • WiFi AR5007 802. 11 b / g adapter cannot talk about bridge WET11 Wireless on the same subnet

    Hello

    My HP Compaq Presario C700 VISTA laptop (a AR5007 802. 11 b / g WiFi adapter) and the printer are on the same subnet. The laptop is WiFi connected to my WRT54G2 router/switch and the printer is connected to the workgroup switch that connects to the router via the LinkSys WET11 Wireless Bridge.

    The installer works fine for over a year until he was there when my VISTA does not see any PC on the Working Group 3 weeks pass including the printer. However, the WAN access is not affected.

    I did the filming of following problems (in order):

    1. check the network settings on the laptop VISTA (x.x.x.29) and (x.x.x.201) printer and all look kosher.    (All my PC including notebook computer and printer have IP STATIC)

    2. check the router and the parameters of bridge and fines all eyes (router - XXX1, bridge - x.x.x.140).

    3 Ping printer, bridge, and other PC and received messages "Destination Unreachable Host" or "Request timed out". Although all are on the same subnet. Pingée router is OK.

    4 remove and re-add the wireless profile and tried to connect again. Same problem, no joy!

    5 started VISTA in safe MODE with NETWORK. Once again, the problem has persisted but at least eliminated applications as a potential source of problems.

    6. recycled power switch/router/workgroup bridge. No joy!

    7 WiFi connected other laptops to the same router (WRT54G2) and can ping other PC and printer END.    This means that the problem is limited to my VISTA laptop.

    8 given that the problem is on my VISTA and applications are not the source (see #5) of the problem, then probably the AR5007 802.11b.g wireless network card driver is original so I downloaded driver at HP and installed with version 7.3.201.25.  Problem is persistent...  Arhhh!

    Could there be something else that I missed? Can someone please help.

    Thank you

    You are the very welcome, John.

    Yes this driver will work fine on Vista Home Premium.

    According to the notes on the driver, it can just be run without uninstalling the current pilot you have on there now.

    After executing, you can confirm it 'takes' by going into Device Manager, expand network adapters, click the atheros wireless card, click the driver tab and you should see the installed version 2011.

  • How to get the mask of IP subnet by program

    Hi all

    for my application UI (contact control via an external library of LWIP system) would be very useful if the host network map is capable (that is correctly configured) to connect with the desired IP address.

    I have an idea to use GetAllTCPHostAddresses () function - and get host IP interfaces available. But how to get the IP subnet mask appropriate for each interface?

    Any advice will be appreciated!

    Thank you

    George

    Hi, Roberto,

    that all I wanted to thank you is a lot!

    Now I tested it and it is good work.

    See you soon,.

    George

  • Routing to the unauthorized via switch Ethernet HP 1910 169.254.0.0/16 subnet

    Hello

    I have a somewhat unusual situation at a customer site. They have an HP 1910 as a default gateway on their local network Ethernet switch. This is related to a Fortigate Firewall with a regular DSL connection and a WAN link to emote subnets. The question we have is that a new remote site has become active on the Wan. The unusual thing is that they have a 169.254.0.0/16 subnet. Don't ask me why this address range has been used but it is there. (169.254.0.0/16 is a space of address reserved for windows clients that cannot receive an IP via DHCP)

    The client is when they try and access a resource on 169.254.0.0/16 through the switch and on the Wan of the HP 1910 switch removes the packages and will not pass them. I have trioed add static routes on the switch, but it does not transmit packets 169.254.0.0/16. Al, the other traffic is very well. Has anyone ever encountered this weird behavior?

    I think I knew the people. Article 2.7 of the RFC section https://tools.ietf.org/html/rfc3927 which States that to 169.254.0.0/16 packages be sent to layer 3.

    Do not know why some devices transmit these packets, but it seems that best practices is for devices of L3 to drop packets that have 169.254.0.0/16 in their source/destination IP address fields.

  • How to determine if 2 IPs are on the same subnet

    Hi all!

    I have a Client/Server connection over a network, and I wants to determine if they are part of the same subnet.

    The server is installed on one OR cFP-2220, so I can't use all the exec system commands to access network settings.

    My code is so far simply determine if the client and server are both on the local host.

    Please see attachment!

    Concerning

    Paul

    Hello!

    Thanks for the reply.

    After a google search, I think it is the right way to do it: (Ref)

    XOR (B and H) (M & a)

    Thank you to direct me in the right direction!

    Kind regards

    Paul

  • cRIO-9104 .vi running on subnets

    I have a .vi I'm out of my computer with Labview version 8.2 and a cRIO-9104 running an another .vi plugged into an ethernet switch.  My problem is this: when I'm connected to the same switch and am assigned the same IP as my cRIO system, I am able to run the program without any problem.  However, when I try to connect to the same cRIO on a different pattern of ownership intellectual my program spits out an error.  I can ping successfully and deploy the program on the cRIO across different subnets; It's just when I go to run the program on the computer it throws the error.  The error is: code:-1950679022 source: LVVAR_RTSinglePointRead bool.vi.  It is the error in the program on the cRIO.  Thanks in advance for your help.

    After talking to tech support of NOR the solution to this problem is to use sockets of data at the same time with shared variables.  This article: http://digital.ni.com/public.nsf/allkb/474BC0745F63B7378625754D0069ECE8 explains how to do this.

Maybe you are looking for