1
I have a watchguard with the ip address of 192.168.1.254/24 (DHCP disabled) and all the user will get IP from Window 2008 DHCP Server [192.168.1.2 to 192.168.1.250] /24. Now I need to increase network for new comers.
So, I changed watchguard interface ip to 192.168.1.254/22 and changed subnet on Windows 2008 DHCP Server. Then, deleted the old scope [192.168.1.x] and changed new scope 192.168.0.0/22 so user should grab IP from [192.168.0.2 to 192.168.3.250] and Gateway should be WG IP address 1.254.
The problem now is I can use static IP on 192.168.1.x network computers and I can ping to GW and any PCs in the network. But, If I use static ip address on 1192.168.0.x , 92.168.2.x and 192.168.3.x, I can't even reach to GW which is watchguard interface. Do i need additional router like Cisco to do this job?
And I tried to turn on DHCP [192.168.1.2 to 192.168.3.250] on watchguard XTM 5 series firewall and deactivate Window server's DHCP, but I still can't use static ip address on user computers.
Please advice me on this. Cheers.
Vic
Posted 2016-01-10T07:08:45.330
Reputation: 49
1Possible root causes: routing, DHCP or firewall policy. For routing, can you verify that the Routing table shows the /22 network on the LAN interface? All static host addresses need to use /22 as well. For DHCP, you should exempt the GW's address from the DHCP scope (.1.254) which is now part of the DHCP scope. In policies, check that you define the addresses accordingly as /22. – user1016274 – 2016-01-16T11:47:01.560