BenB
|
| posted on 19/11/13 at 07:44 PM |
|
|
Network issues :(
Okay, here's the problem. At work we have a manually configured network using 10.X.X.X IPs with a 255.255.255.71 subnet mask. I've bought
some fancy heating automation device which insists on having a 192.168.1.222 IP (presumably expecting a standard 255.255.255.0 subnet). If I manually
reconfigure my IP to 192.168.1.x then I can "see" the device and it works fine BUT it kicks me off outlook, our work cloud-based software,
the internet etc etc.
Ideally I want to be able to keep my 10.x.x.x IP whilst being able to use the device demanding a 192.x.x.x IP....
Now I could just have two computers on my desk but it seems a bodge- I'm going to want to control the device once a month max. Or I could have
batch files on my desktop to automate the IP change and accept that when I go to "192.x.x.x" mode I'm going to experience crashes.
Any ideas? I'm thinking I could presumably get another network card and have two LANs on the computer and set mine up as a bridge- but that
seems a bodge also. I can't see why I couldn't get a device which would interface with the device almost like a mini-router (IE it would
"translate" signals to / from the heating device from a 10.x.x.x to a 192.168.x.x IP. Not sure if such a thing exists though.
Any other ideas? Apart from hunting down and beating the person who decided that all networks would be on a 192.X.x.x/255.255.255.0 address?
|
|
|
|
|
garyo
|
| posted on 19/11/13 at 07:55 PM |
|
|
If it's a windows PC then you shouldn't need to have multiple network cards, and depending on the OS can normally find an
'advanced' button inside the TCPIP settings for the adaptor and set up multiple IP addresses, each with their own netmask.
|
|
|
Xtreme Kermit
|
| posted on 19/11/13 at 07:58 PM |
|
|
Isn't there something odd about the 192.168 and the 10. Networks that states they are not routable?
Definitely hunt down the vendor and reprogram them...
|
|
|
britishtrident
|
| posted on 19/11/13 at 08:22 PM |
|
|
192.168 networks are pretty common, more so in my experience so than 10. .
I the device has a web browser http interface you could boot Puppy Linux off a pen drive.
Another easy solution would be plug in a USB Ethernet interface.
[I] “ What use our work, Bennet, if we cannot care for those we love? .”
― From BBC TV/Amazon's Ripper Street.
[/I]
|
|
|
britishtrident
|
| posted on 19/11/13 at 08:28 PM |
|
|
quote:
Originally posted by Xtreme Kermit
Isn't there something odd about the 192.168 and the 10. Networks that states they are not routable?
Definitely hunt down the vendor and reprogram them...
Yes not routable but they can be linked by bridgingng, the bridge can simply be a PC with two network cards.
[I] “ What use our work, Bennet, if we cannot care for those we love? .”
― From BBC TV/Amazon's Ripper Street.
[/I]
|
|
|
r1_pete
|
| posted on 19/11/13 at 08:33 PM |
|
|
192.168.. are private network ranges and cannot be 'published' on the internet, any traffic from such devices is NATd (Network address
Translated) at the internet access point, hence why you cannot connect to the cloud, presumably a pseudo public cloud available over the internet.
Can you connect to the device using 192.168.1.222 similar to the way you would connect to your router to configure it?
|
|
|
scudderfish
|
| posted on 19/11/13 at 08:40 PM |
|
|
You should be able to have more than one IP address on the network card.
|
|
|
mark chandler
|
| posted on 19/11/13 at 09:12 PM |
|
|
That's an odd mask for a private LAN, 255.255.255.71 as you are restricting the number of devices when you will be NAT'ing to the public
side, is there any reason for this?
If not I would just change the mask to 255.255.255.0 on all devices as you have implied that the new device will allow a 10. range with a more
standard mask.
|
|
|
BenB
|
| posted on 19/11/13 at 09:22 PM |
|
|
If only I could change the local IPs. Trouble is they're set by the NHS IT dept who control everything including to the connection to the N3
connection. I think I would get in trouble (understatement of the year) if I changed all the local IPs 
|
|
|
BenB
|
| posted on 19/11/13 at 09:24 PM |
|
|
Never spotted the "alternative configuration" under IP4. Let's hope it allows me to connect to them both at the same time. That
would be nice. Then it's just a question of whether the software will talk to the device via one connection and connect to the device's
internet portal via another. Fingers crossed.
Cheers peeps. Font of all knowledge as per
|
|
|
Brett Jones
|
| posted on 19/11/13 at 09:38 PM |
|
|
What is the make and model of this heating device as I'm sure there is a way to change it the 10.X.X.X range.
http://mnrvtecvortxbuild.blogspot.co.uk/
|
|
|
ashg
|
| posted on 19/11/13 at 09:45 PM |
|
|
from my understanding it will only use the alternate config if it doesn't pick up dhcp. if you cant open out the subnet then the only way is to
reconfig the 10. device
have a read of this http://www.tcpipguide.com/free/t_IPAddressClassABandCNetworkandHostCapacities.htm
chances are if you put your pc into the 192 range as a temporary measure then go to the admin interface on the heating device you will be able to
change the static address to a 10.* address. once that is done you can put your pc back on its normal address and access the heating device on its
new 10 address.
as you are on N3 you will need to raise an rfc ticket telling them the mac and host name of the new device to have a static ip allocated otherwise
there is a high probability it wont work, when I stopped working on N3 about 4 years ago they were just about to go forward with 802.1x which makes
it much more difficult for users like you to add rouge devices to the network, although im not sure if they ever managed it.
Anything With Tits or Wheels Will cost you MONEY!!
Haynes Roadster (Finished)
Exocet (Finished & Sold)
New Project (Started)
|
|
|
jeffw
|
| posted on 19/11/13 at 10:13 PM |
|
|
255.255.255.71 is not a subnet mask so I think you've made a typo there.
Simply change the IP on your PC to the 192,168.x.x subnet and then log on to the interface for the heating device and change the IP address to a
10.x.x.x address, defining the correct default gateway and IP Subnet Mask.
Both of the these ranges (192.168.0.0/16 and 10.0.0.0/8) are part of RFC1918 which defines non-routed private address space, the other range is
172.16.0.0/12
The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
|
|
|
chrism
|
| posted on 19/11/13 at 11:42 PM |
|
|
quote:
Originally posted by garyo
If it's a windows PC then you shouldn't need to have multiple network cards, and depending on the OS can normally find an
'advanced' button inside the TCPIP settings for the adaptor and set up multiple IP addresses, each with their own netmask.
What this guy says is correct, on the general page with the IP settings click on the advanced button and it will let you add another IP address and
subnet for your network card. This only works if your not using DHCP to automatically get an address, if you are using DHCP then you will need to set
your normal address as static and get the IT guys to reserve/exclude it from the DHCP server so you dont get a conflist.
The alternative tab is as others have said only there to configure an manual IP address as a backup if yout PC cant find a DHCP server if its set to
use one.
----------------------------
A little hard work never killed anyone, but why take the risk!
-----------------------------
|
|
|
snakebelly
|
| posted on 20/11/13 at 08:42 AM |
|
|
Its a perfectly valid subnet mask, a strange one granted but perfectly valid, As above, use multiple IP's on the NIC and you'll be good to
go. this is a commonly used setup so that normal users wont have access to the device. Just done an implementation where all the PC's Servers
etc were on a 192.168 range, all infrastructure devices, switches etc were on on the 172.16 range and all the building management systems stuff was on
a 10.10. range.
HTH
quote:
Originally posted by jeffw
255.255.255.71 is not a subnet mask so I think you've made a typo there.
Simply change the IP on your PC to the 192,168.x.x subnet and then log on to the interface for the heating device and change the IP address to a
10.x.x.x address, defining the correct default gateway and IP Subnet Mask.
Both of the these ranges (192.168.0.0/16 and 10.0.0.0/8) are part of RFC1918 which defines non-routed private address space, the other range is
172.16.0.0/12
The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
|
|
|
GreigM
|
| posted on 20/11/13 at 11:01 AM |
|
|
Another option would be to use a virtual machine (vmware, virtualbox, Vitual PC, hyper-v etc) to just boot a "separate" machine,
reconfigure its network details to be on the 10.X range and should work fine.
VM technology these days is very quick and efficient. You can even download "free" images from microsoft direct for whatever flavour of
VM you want to use: http://www.modern.ie/en-us/virtualization-tools#downloads
|
|
|
jeffw
|
| posted on 20/11/13 at 01:31 PM |
|
|
quote:
Originally posted by snakebelly
Its a perfectly valid subnet mask, a strange one granted but perfectly valid, As above, use multiple IP's on the NIC and you'll be good to
go. this is a commonly used setup so that normal users wont have access to the device. Just done an implementation where all the PC's Servers
etc were on a 192.168 range, all infrastructure devices, switches etc were on on the 172.16 range and all the building management systems stuff was on
a 10.10. range.
HTH
quote:
Originally posted by jeffw
255.255.255.71 is not a subnet mask so I think you've made a typo there.
Simply change the IP on your PC to the 192,168.x.x subnet and then log on to the interface for the heating device and change the IP address to a
10.x.x.x address, defining the correct default gateway and IP Subnet Mask.
Both of the these ranges (192.168.0.0/16 and 10.0.0.0/8) are part of RFC1918 which defines non-routed private address space, the other range is
172.16.0.0/12
The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Seriously? You have me worried now.
255.255.255.71 is not a valid subnet mask
0.0.0.0 /0
128.0.0.0 /1
192.0.0.0 /2
224.0.0.0 /3
240.0.0.0 /4
248.0.0.0 /5
252.0.0.0 /6
254.0.0.0 /7
255.0.0.0 /8
255.128.0.0 /9
255.192.0.0 /10
255.224.0.0 /11
255.240.0.0 /12
255.248.0.0 /13
255.252.0.0 /14
255.254.0.0 /15
255.255.0.0 /16
255.255.128.0 /17
255.255.192.0 /18
255.255.224.0 /19
255.255.240.0 /20
255.255.248.0 /21
255.255.252.0 /22
255.255.254.0 /23
255.255.255.0 /24
255.255.255.128 /25
255.255.255.192 /26
255.255.255.224 /27
255.255.255.240 /28
255.255.255.248 /29
255.255.255.252 /30
255.255.255.254 /31
255.255.255.255 /32
these are the valid subnet masks.
I also find it more than a little odd that you have used potentially enormous subnets (10.10.0.0/16 is 65K addresses as is 172.16.0.0/8) for network
kit. Very strange design.
|
|
|
britishtrident
|
| posted on 20/11/13 at 02:04 PM |
|
|
71 (binary 1000111 ) is valid if illegal it just gives a subnet which is not any use to anybody.
[Edited on 20/11/13 by britishtrident]
[I] “ What use our work, Bennet, if we cannot care for those we love? .”
― From BBC TV/Amazon's Ripper Street.
[/I]
|
|
|
snakebelly
|
| posted on 20/11/13 at 03:11 PM |
|
|
Correct!
And I didn't mean we actually used a 10.10.0.0 I was abbreviating to show that using multiple IP Schemas on a single set of infrastructure is
not unusual.
|
|
|
jeffw
|
| posted on 20/11/13 at 03:29 PM |
|
|
quote:
Originally posted by britishtrident
71 (binary 1000111 ) is valid if illegal it just gives a subnet which is not any use to anybody.
[Edited on 20/11/13 by britishtrident]
You are wrong, it is not a valid subnet as defined by RFC1878. IPv4 does not support 255.255.255.71 as a subnet.
|
|
|
BenB
|
| posted on 20/11/13 at 05:52 PM |
|
|
Update. I was talking nutsack as per usual- the subnet mask was 255.255.255.192. Not sure where I got .71 from (well actually I do it was the last
digit of the 10.x.x.71 IP address and I was remembering them all of the top of my head). Makes more sense doesn't it (I've done a little
reading on IP subnets since last night). The good news is that I can now connect to the Max! eq-3 heating device and our network at the same time by
configuring an alternative IP address in the network connections. The network device still can't see the internet as that's via the
10.x.x.71 IP connection but I don't really need to connect (and it's probably just as well it can't talk to computers on the net!).
Happy bunny
Now if only I could get my thermostat to work. I've set it to 20 degrees but it seems to be turning my room into a sauna
thanks to everyone and sorry for talking borrocks re the 71
|
|
|
jeffw
|
| posted on 20/11/13 at 05:59 PM |
|
|
Your subnet now makes perfect sense. I would suggest getting admin access to the heater and set a static address on there which is in your main IP
allocation. You can then remove the additional IP from your PC and manage the device.
[Edited on 20/11/13 by jeffw]
|
|
|
stevebubs
|
| posted on 20/11/13 at 06:32 PM |
|
|
quote:
Originally posted by jeffw
Your subnet now makes perfect sense. I would suggest getting admin access to the heater and set a static address on there which is in your main IP
allocation. You can then remove the additional IP from your PC and manage the device.
[Edited on 20/11/13 by jeffw]
In normal managed services terms, that means ££ on the managed service bill. So long as the switch ports aren't tied down and monitored,
I'd just leave it as it is otherwise the surgery's IT costs will rise with no real benefit...
|
|
|
jeffw
|
| posted on 20/11/13 at 06:52 PM |
|
|
OK....I do number of bits and pieces for Hospices around network/security as well as working for several Investment Banks on IT security so you can IM
me if you have any questions.
|
|
|
