I intend to deploy VOIP phones, network printers, workstations, and wireless access points. but running low on available IP address.
my current network is192.168.1.0 / subnet 255.255.255.0 (or 192.168.1.0/24). how can i obtain more IPs for this intended purpose? i need communication to exist between all IPs on the LAN.
Extend your LAN to 192.168.1.0/23
So you can use ipadresses from 192.168.0.1 to 192.168.1.254
Thank you for contacting the Sophos Community!
As mentioned by System Administrator, if you want to increase the number of IPs you need to move the Mask, however, if this isn’t a possibility, you can try using VLANs You can configure a VLAN to use 192.168.2.0/24 for example. For the devices to communicate you would need some routing and a switch that supports VLANs.
Try configuring VoIP phones in their own VLAN, and Workstation in their own VLAN and AP in their own VLAN, basically segment your network by devices.
As a recommendation try to stay away from using 192.168.1.0 and 192.168.0.0 subnets in business environments as this can cause you issues in the future if you try to deploy SSL VPN or IPsec tunnels with home users as the subnets mentioned, as used by 99% of the home users.
Addition to Emmanuel post, you can also add the alias interface with different subnet and can create LAN to LAN firewall rule to allow access between them:
Mayur Makvana| Technical Account Manager
If a post solves your question use the 'Verify Answer' button.
do I have to create the alias on the existing LAN interface that is my port1?
Yes, you are correct, so the physical connection would be from LAN Port1 to the same LAN switch.
thank you. And then I create a LAN to LAN firewall rule for communication between the two LANs? which is the source network in this case? is there any need for a LAN to WAN firewall rule?
Yes, you shall require LAN to LAN rule. Either you can keep ANY to ANY or both the network in source and destination.
can I do DHCP for this alias?
As of now, we don't have an option to create the DHCP on alias.
Thanks. I will do static assignments. same IP addressing(gateway and DNs) as with the LAN port 1?
You will have to set the Gateway IP as Alias interface IP and DNS you may set according to your requirement.
i saw this in the article you shared.
Traffic from an alias network has to be masqueraded to reach other internal networks. Otherwise the firewall will drop these packets as "Invalid Packets".
How do I achieve this?