Topic: Multiple ip ranges

[dwater]

I shy away from dhcp, mainly because it adds a failure point, and with windbloz computers who needs another? I like static!

I take your point, though I like it because it moves the failure point from me to the computer

Max.

[CharlieBrady]

I have an sme box and I want to enable multiple ip ranges on the lan side, i.e. 192.168.0.x, 192.168.1.x, 192.168.2.x .

Why do you want multiple ip addresses? Why not one larger network, which includes all the addresses you list (IOW, just change the netmask you configure)?

[thedude]

Because the box is going to handle a T1 connection, split among several different offices. We don't want the offices on the same network, mainly to keep people from snooping.

[cc_skavenger]

Would it not be easier to isolate each office with a hardware router.  Even with different subnets on the same physical network, people can still snoop with ethereal or other software sniffers.  I do it all the time to check our networks.  

HTH

[CharlieBrady]

We don't want the offices on the same network, mainly to keep people from snooping.

You'll need a router then. Period.

[thedude]

You'll need a router then. Period.

We have a cisco router (not firewall). We want to control the firewall, and not have individual firewall/routers for each office. It used to be that way and there were problems with offices running without firewalls, etc. It brought the whole network down several times. This way if someone screws up, I can track who did what. I can just delete their network from the interface and be done with them.

There are also other things on the network that need this setup.

Would it not be easier to isolate each office with a hardware router. Even with different subnets on the same physical network, people can still snoop with ethereal or other software sniffers. I do it all the time to check our networks.

We don't want multiple routers, and none of these users would have a clue what a packet sniffer is, or how to snoop.