Assistance Creating LAN Subnet

[Evil Apple User]

I am attempting to create four subnets from my LAN, but I ran into a snag that I can't seem to figure out what I'm doing wrong.

 

Internet Service Provider: Century Link

Modem: Zyxel C3000Z

 

Router's Gateway IP address: 192.168.0.1

LAN Subnet Mask: /24 (255.255.255.0)

 

The plan was to subdivide my LAN into four subnets (all of the same size). This is the first time I've ever done this, but I believe this is the correct math:

 

New Subnet Mask will be /26 (255.255.255.192)

Block Range is 64 so....

First Subnet: 192.168.0.0/26

Second Subnet: 192.168.0.64/26

Third Subnet: 192.168.0.128/26

Fourth Subnet: 192.168.0.192/26 

 

I went into my routers settings and configured just the second subnet exactly as I have above (I didn't want to do all of them because then I might screw everything up). I connected my computer with the appropriate IP address for the subnet, etc.... and I was in.... kind of.

 

I was able to access the router itself and log into the router to make changes. But that was the extent of my connection.

 

I could not access any other devices on the network (which would make sense I think because I was the only device on the subnet). I could not access the WAN at all. All I could access was my router at 192.168.0.1.

 

It seems like somehow my subnet is able to access the router's gateway address of 192.168.0.1 (when I ping it, that is the only connection that doesn't fail) but it doesn't seem to know to use the router to access the WAN.

 

This is probably one of those topics that is so convoluted that it's difficult to really know what the issue is, but does anyone have any ideas? I've tried everything I can think of the last few hours and can't figure it out. 

 

****

 

(One other thing that may be useless, but my brain is thinking maybe something is wrong with my subnet math because of this. So by default the router's gateway address is 192.168.0.1. In my math, that very first subnet technically INCLUDES the router's gateway address....... which I don't think that would make sense to have the router's gateway address inside of its own subnet. And when I then attempted to build that first subnet of 192.168.0.0/26, my router did indeed give me an error code saying that that subnet was in conflict because an address like that already existed. So I was never able to build the first subnet. 

 

But as far as I can tell the main network to divide into subnets is indeed 192.168.0.0.... so that's what I have to subnet I think......  which means the first subnet I think would have to be what I came up with.....

 

I dunno     )

[Needfuldoer]

1 hour ago, Evil Apple User said:

I am attempting to create four subnets from my LAN

For what reason? What are you trying to accomplish?

 

Did you create a route for each new subnet to get out to the outside world?

[Evil Apple User]

6 hours ago, Needfuldoer said:

For what reason? What are you trying to accomplish?

 

Did you create a route for each new subnet to get out to the outside world?

I am trying to split up my network so it is more secure. The main computers and laptops will be on first subnet; and IoT devices will be on a second subnet. The last two are just splitting it up in case I need it in the future.

 

A Route for each new subnet to get out to the outside world? No, but that does seem to be my problem. I would imagine that is supposed to be a setting in my router (which I don't think it is, so perhaps my router cannot do it...?) 

[Evil Apple User]

7 hours ago, TechlessBro said:

First make sure all devices have the same subnet mask.

Otherwise they don’t know to ask the gateway to forward the packets to the next subnet.

 

so your PC is say on 192.168.0.10 but wants to talk to say 192.168.0.100 well it won’t know to sent that to the router/gateway and will try to send it direct. It won’t make it.

Make sure nothing is on the broadcast IP for each subnet too.

You can use the online calculators to check everything. Even seasoned network professionals use them.

https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=26&cip=192.168.0.1&ctype=ipv4&printit=0&x=112&y=22

 

Thank you for that online calculator - that is a very handy feature! 

[LIGISTX]

20 minutes ago, Evil Apple User said:

I am trying to split up my network so it is more secure. The main computers and laptops will be on first subnet; and IoT devices will be on a second subnet. The last two are just splitting it up in case I need it in the future.

 

A Route for each new subnet to get out to the outside world? No, but that does seem to be my problem. I would imagine that is supposed to be a setting in my router (which I don't think it is, so perhaps my router cannot do it...?) 

Does your router and firewall support vlans, and has a mechanism to block traffic across subnets? Also, your switches and Wifi AP’s will need to be vlan aware in order for this to work as well (unless all wired devices will be on a single subnet, which would remove the need for vlan aware switches, but you would still need vlan aware Wifi AP’s.. or you could use vlan aware switches and multiple non-aware AP’s and just set the vlan each AP sees at the switch). 
 

All of this to say, if you can’t actually put firewall rules in place between the subnets, and you don’t have a way to physically get the different devices on the subnets (vlan aware network hardware), this will not provide any actual security. Subnets can talk to each other unless there is a firewall stopping the communication.