Re: Changing Corporate subnet address

Hugh Norsworthy <HughNorsworthy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Thank you very much for the comments. I understand and am aware of
everything you mentioned. I'm not concerned about updating
workstation IP's as that is more of a time issue than anything else.


Yep - and it would be a very good time to implement DHCP. Seriously, it's
2007 & I can't see any reason to use statics for workstations....and using
AD-integrated DNS with DHCP running on one/both of your DCs, makes it *far*
more likely that your dynamic DNS updates will work.


But what worries me is DNS. DNS is at the heart of AD and when I
change my IP's all the DNS entires will be wrong.

Have you created any static entries in there? You can modify them. As for
your workstations & servers after changing the subnet, you could run

ipconfig /registerdns


Maybe my thinking is flawed but I believe after changing the subnet I
will start having name resolutions problems.

See above :)



"Lanwench [MVP - Exchange]" wrote:

Hugh Norsworthy <HughNorsworthy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Remote users connect from remote networks (hotel, airports, etc)
that often use the same subnet as my private subnet which causes
conflicting addressing (I don't know the technical terminology for
this).

You've got it. VPN users must not be using the same IP network as the
destination network uses.

I'm not using DHCP so all address are static assigned. DHCP
isn't my problem though,

Well, the *lack* of DHCP may be a problem, as it would be much
easier to change your client workstations on the 192.168.1.0 network
if you didn't have to visit desks. I suggest you implement DHCP now
- since you probably have to visit 50 desks anyway. DHCP is a
godsend and I use it even on tiny networks ...including DHCP
reservations for printers. The only devices that get static IPs are
servers & routers/firewalls/APs.

it's DNS

No, this isn't a DNS issue.

and the effect changing subnet
addresses will have on AD.

It should be fine, but do this after hours/on a weekend. You may
need to have someone in the remote offices make firewall/router
changes if you have no (non-VPN) remote connectivity to them.

I have 2 DCs in the corporate site and at
least 1 DC in each remote site.

On each DC in the corporate side, you'll need to change its IP (and
its DNS/WINS addresses appropriately). If you do use WINS make sure
the push/pull partnership is updated with the correct IPs. You'll
need to change your firewall/VPN policy so that the remote networks
know about the change. You'll need to deal with your workstations
and printers, which is going to be the most time consuming bit.


Thanks for the reply.

"PeterD" wrote:

On Wed, 18 Jul 2007 09:02:09 -0700, Hugh Norsworthy
<HughNorsworthy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Many of our remote users connect to our corporate network from
Hotels, airports, and etc. through our ISA server running Routing
and Remote Access. The problem is our private network uses IP
subnet 192.168.1.XXX which is such a standard now that many
hotels, airline lounges, and hotspots are using the same. The
remote users connect and authenticate fine but cannot reach any
corporate resources such as Exchange server or internal websites.

The only solution I know is to change the local subnet addressing
but I don't know what the effect will be on DNS and Active
Directory. There are approximately 50 nodes on the corporate
network and I should also mention that in addition to the
corporate site I have 3 remote sites, all part of the same Domain
and connected via VPN using Cisco PIX. They are different
subnets.

I would appreciate any advice or suggestions as to how to approach
this.

Q: How are your users connecting to the corporate network?


Thought: Though sometimes 'confusing' changing the subnet can be
relatively easy: create a new scope in the DHCP server, reassign
any static IPs to the new scope and have all users release/renew
their IP addresses. For a larger network, this process may not be
practical, and I'm sure others will have (better) solutions.



.

Relevant Pages

  • Re: A duplicate name has been detected on the TCP network...
    ... Our esteemed network Administrator discovered when joining an XP box to the ... > The DHCP Server is on a different subnet and is an NT DHCP server. ... > are happing in the subnet, and for reasons I am unclear of, workstations ...
    (microsoft.public.win2000.setup_deployment)
  • Re: Changing Corporate subnet address
    ... Maybe my thinking is flawed but I believe after changing the subnet I will ... VPN users must not be using the same IP network as the ... Well, the *lack* of DHCP may be a problem, as it would be much easier to ... no remote connectivity to them. ...
    (microsoft.public.windows.server.dns)
  • Re: Changing Corporate subnet address
    ... often use the same subnet as my private subnet which causes ... VPN users must not be using the same IP network as the ... Well, the *lack* of DHCP may be a problem, as it would be much easier to ... no remote connectivity to them. ...
    (microsoft.public.windows.server.dns)
  • Re: Routing problem, proprietary equipment
    ... Remote users in the 192.168.1.x ... subnet need to access the PC but not the device beyond it. ... >> this piece of equipment to run on its own network subnet so that routing ... Setup a NAT Device between the LAN and this "Device". ...
    (microsoft.public.win2000.networking)
  • Re: Changing Corporate subnet address
    ... and etc. through our ISA server running Routing and Remote Access. ... The problem is our private network uses IP subnet 192.168.1.XXX which is such ... The only solution I know is to change the local subnet addressing but I ...
    (microsoft.public.windows.server.dns)
Loading