Cisco Support Community
Community Member

Class C Subnetting

I know this is probably pretty basic for most of you, but I am a bit new to this and in need of assistance. I have a Cisco 2851 Router with a pair of Cisco 3560 Switches connected to it. It is a small LAN with a network address of A customer (big customer) wants me to subnet my network to a /28 network to make it easier for them to configure VPN connection from our network into their system. All IPs are statically asssigned (cannot use DHCP due to an application we use). Is establishing this /28 scheme simply a matter of reassigning IPs and changing the SN Mask to Is it true the that first and last subnets are unusable( - & - Are there any changes I need to make in the Router and/or Switches to facilitate this? By subnetting, will this result in communications between subnets being forced through the router or will communications still be handled at the switch level? Any asssitance is greatly appreciated.

Hall of Fame Super Blue

Re: Class C Subnetting


1) Yes you will need to modify the subnet masks and change the default gateway on each of your machines.

2) You can use first and last subnets. Your 2800 will have ip subnet zero on by default.

3) On the switch you will have to create the extra vlans needed.

On the router you will need to create the extra layer 3 interfaces unless one of your switches could run as a layer 3 switch.

4) Yes communication between subnets will now have to through the router.

An example might help

You have at the moment. You create

... etc

A machine that has an ip address of will now need changing ie.

but it's default gateway will also need changing - this would become (ie use the first available address out of each subnet for the routed interface on the 2811).

This is a lot of work. Could you explain exactly what the customer requirements are as there may be an easier way.

Also could you list what switches you have with what version of software and what interfaces you have available in the 2800.


Community Member

Re: Class C Subnetting

Switches: WS-3560-48PS & WS-3560-24PS

Version: C3560-IPBASE-M, Version 12.2(25)SEB4

Router: Cisco 2851

2 Gigabit Ethernet Interfaces (one unused)

12 Serial Interfaces

1 Terminal Line

3 Channelized T1/PRI Ports

8 Voice FXS Interfaces

1 Cisco Service Engine(s)

Our customer stated that the Internal IP network address of is too wide. I assume he is wanting to setup some sort of access list on his router allowing us to VPN from our network to his system. He asked for the specific static IPs assigned to the users in my network that will be accessing his system.

Hall of Fame Super Blue

Re: Class C Subnetting


You could use one of your 3560's to do the inter-vlan routing which would make more sense than using subinterfaces on your 2800.

However i'm not sure you need to. Surely if the customer just needs a list of static IP addresses that can VPN to his system this does not require you readdress you entire network.

As you don't use DHCP anyway could you not just supply the customer with a list of the PC IP addresses that will need access.

I am struggling to see how the above requirement converts into you having to readdress your network.

Have i misunderstood ?


Community Member

Re: Class C Subnetting


Sorry for delay in response...troublesome afternoon. I too was perplexed as to why they require I subnet my network if I am providing them static IPs. The customer is a major DOD contractor (big big beast of a company) and I think they're just used to bullying little companies like us into doing what they want whether it makes sense or not.

I will inquire with our customer if the static IPs will suffice to meet their needs, and upon receiving their response, post it here. Thanks a ton for your assistance and recommendations thus far...very much appreciated.

Community Member

Re: Class C Subnetting

The fact that you are going to be using a /28 does need to be configured on the router and the switch. It is true that the first and last subnets should not be used. I believe this is debatable but it is very god practice not to use them.

CreatePlease to create content