http://www.ISAserver.org ------------------------------------------------------- Interesting... Tom, this all looks good. Personally, I have resorted to adding any new subnets on a 2048 (/21) "possibility", but using /24 to start (i.e. 192.168. 0.X, 4.X, 8.x, etc.). I could easily modify the last octet of the subnet mask on devices to add more IPs as well as easily modifying the DHCP range. This became a reality as I started to provide wireless Internet using captive portal where anyone got an IP address before access - but since the proliferation of iPhones/Pads and 'Droids, I had to move to WEP/WPA/2 just to avoid all those IP addresses quickly disappearing (this happens so easily at a Stadium/Arena, etc.). For Active Directory, don't forget to add the new range in in ADSites and Services, Sites, Subnets. I never thought about question #3, but I assume it will be random. Steve Comeau Associate Director of IT Rutgers Athletics - RAC 83 Rockafeller Road Piscataway, NJ 08854 732-445-7802 732-445-4623 (fax) www.scarletknights.com -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers Sent: Friday, November 16, 2012 12:36 PM To: 'isalist@xxxxxxxxxxxxx' Subject: [isalist] Creating a local multinet/dhcp superscope with TMG 2010 http://www.ISAserver.org ------------------------------------------------------- Ok, I am running out of IP addresses on my local network, so I need to make a change. I have looked at subnetting, but that just breaks up my current 192.168.1/24 network into a number of LANs, but I still have 254 IPs, actually a little less to allow for Network ID and Broadcast IP of each newly created network ID. I have looked at changing the IP scheme to 192.168/16 to give me 64k IPs but I don't need that many, and it looks like a ton of work across the network. I have looked at resubnetting by using 192.168.1/23 giving me 510 hosts with addresses from 192.168.0.1 to 192.168.1.254 (for scope 192.168.0.0), or 256 newly available DHCP addresses. Looks like it's a possibility. But I think I have settled on creating a local multinet using a DHCP superscope, based on this info: http://technet.microsoft.com/en-us/library/dd759168.aspx Our only router is the TMG 2010 box, that gets us out to the Internet. This is also our DHCP server, and DHCP gives out the gateway IP of the TMG box to clients. So if I understand this Multinet/SuperScope correctly, I need to do the following: 1) Add 192.168.2.1/24 to the Physical NIC on the TMG box, as a 2nd IP addr 2) Add 192.168.2.0 to 192.168.2.255 as a new range on in TMG 2010 (Networks - Internal - Addresses) 3) Verify the new logical network is in the Routine Table on TMG 2010 (Networking - Routing) 4) Create a new scope in DHCP of 192.168.2/24 with the same options as the 192.168.1/24 scope 5) Create the superscope with both networks Questions I have are: 1) Am I missing anything in my steps above? 2) I want to keep my servers and printers, etc, which have static IPs, the same (192.168.1/24 addresses). Is this ok? 3) How are the 192.168.2/24 IPs given out? Only when the 192.168.1/24 is fully used up or randomly? 4) Will the 192.168.2/24 systems be able to see the servers and systems on 192.168.1/24 network? (should be able to by routing through TMG 2010?) 5) Do I need to change anything in my DNS, WINS, Active Directory configurations? TMG 2010 DNS is a stub zone, used as a forwarder only, 2 other servers are DNS "masters" 6) Do I need to add or change any rules or system policies in TMG 2010? Anything else? Thx for any help you can give me. -Trogers ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx *** This message contains confidential information and is intended only for the individual named. If you are not the named addressee, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Rutgers University - DIA 83 Rockafeller Road Piscataway, NJ 08854 www.scarletknights.com *** ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx