Re: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Aarno Aukia
Yes, altough you could move to 192.168.0.0/23 first, already doubling the number of usable addresses... -Aarno On Fri, Apr 3, 2009 at 13:25, Eugen Leitl eu...@leitl.org wrote: It seems I'll be running out of LAN addresses on the local 192.168.0.0/24soon. Is boosting it as easy as moving to

RE: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Greg Hennessy
; eu...@leitl.org Subject: Re: [pfSense-discussion] extending LAN private network Yes, altough you could move to 192.168.0.0/23http://192.168.0.0/23 first, already doubling the number of usable addresses... -Aarno On Fri, Apr 3, 2009 at 13:25, Eugen Leitl eu...@leitl.orgmailto:eu...@leitl.org

Re: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Eugen Leitl
On Fri, Apr 03, 2009 at 01:52:46PM +0100, Greg Hennessy wrote: What he said :-). Using a /16 is guaranteed to come back and bite you in the posterior I can use 192.168.x.0 with x coding for specific things, like storeys, or admin addresses. at some later stage. Go to a /22

Re: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Eugen Leitl
On Fri, Apr 03, 2009 at 03:48:33PM +0100, Paul Mansfield wrote: use vlans, a managed switch, and use 192.168.x.0/24 for each vlan. for bonus points, use NAC and dynamic vlans to allow only approved devices and put them on the right network. I like this suggestion. Looks like the way to go.

Re: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Chris Buechler
On Fri, Apr 3, 2009 at 3:34 PM, David Rees dree...@gmail.com wrote: On Fri, Apr 3, 2009 at 7:48 AM, Paul Mansfield it-admin-pfse...@taptu.com wrote: use vlans, a managed switch, and use 192.168.x.0/24 for each vlan. for bonus points, use NAC and dynamic vlans to allow only approved devices

Re: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Eugen Leitl
On Fri, Apr 03, 2009 at 12:34:26PM -0700, David Rees wrote: (we do something similar, vlan N is 192.168.N/24. it's bad practise to use vlan1 so we start at 2) I'm fairly new to VLANs - why is it bad practice to use vlan1? Because VLAN ID 1 is the default VLAN? -- Eugen* Leitl a

RE: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Greg Hennessy
To: discussion@pfsense.com Cc: eu...@leitl.org Subject: Re: [pfSense-discussion] extending LAN private network On Fri, Apr 3, 2009 at 7:48 AM, Paul Mansfield it-admin-pfse...@taptu.com wrote: use vlans, a managed switch, and use 192.168.x.0/24 for each vlan. for bonus points, use NAC and dynamic vlans

Re: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Daniele Guazzoni
On Fri, 2009-04-03 at 12:34 -0700, David Rees wrote: I'm fairly new to VLANs - why is it bad practice to use vlan1? -Dave Especially in a Cisco environment VLAN-1 is, beside being the default VLAN, also used by several management protocols like CDP, VTP, VQP, ... Some of them carries network