Our network is 192.168.x.x with a mask of 255.255.0.0. I created another vlan. But when I try to assign an IP to this vlan, the error report says it overlaps vlan1. Is it not possible to have multiple vlans with only 1 subnet?
Doesn't make any sense; just leave it as one subnet, or you have to break up your addressing scheme with VLSM into smaller subnets for the different vlans. There really is no good reason to have a subnet space that big anyway. I would just break it down into /24's if that subnet size meets your requirements. The way it is now, the range is 192.168.0 - 192.168.255.0, which is all in the same subnet, so the router will not let you duplicate anything in that range on 2 different interfaces; that is the reason for breaking it down into smaller chunks.
Required: we are installing wireless, internet access for patients and their families. We want to keep all that traffic away from our network yet still use
Glen: This subnet range just kind of happened. When we first went to client/server for our hospital HCIS, the Data General (remember them?) set us up with private class C. However, a few years later things just ballooned and now we're up to around 300 nodes. Hence, changing mask to 16.
You can have multiple vlans per subnet but you will only be able to address one interface for that vlan on the same L3 device.
As Glen suggested you may be better off looking to break down your addressing. If you have 300 hosts you could change the subnet mask to 192.168.0.0/17 which will still allow the 300 nodes to be in the same subnet but you can then use some of the remaining 192.168.0.0/16 address range.
Of course depending on how many of the nodes have DHCP addressing vs static addressing this may not be practical.
Alternatively just use another address range that isn't part of 192.168.0.0/16 and do inter-vlan routing on your L3 device.
However with more details there may be a better solution.
We faced a similar situation with our HCIS system, with a non-segmented network carrying traffic for around 100 or more hosts when I started.
I recommend making a few VLANs, depending on your situation. We kept our HCIS system on its own VLAN but moved most of the clients to their own based on geographic location. Also we kept our PACS VLAN separate as well. With Inter-VLAN routing configured on your core switch you can route between them, or not depending on configuration. We plan to segment with a separate VLAN for guest Wi-Fi but to ensure security of it we will likely implement a WCS controller to ensure it stays segmented properly.
Anyway, good luck.
One of the most basic rules of IP addressing is that each network (broadcast domain) must have a unique NETID. Since each vlan is a separate network (broadcast domain) each vlan must have a unique NETID.
Simply put all the wireless internet access for patients and their families in one vlan and the other traffic in separate vlan(s), then use ACLs on the router to prevent hosts in one vlan from accessing the other vlan.
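Added example, not part of the thread and not any poster's code: a Python sketch of the overlap check behind the error in the question, plus a largest-first VLSM plan that gives each VLAN its own subnet out of 192.168.0.0/16. The VLAN names, the guest and PACS host counts, and the interface addresses are constructed assumptions; only the /16 and the figure of about 300 nodes come from the thread.

```python
import ipaddress

def overlapping(new_if, existing_ifs):
    """Return the existing interface subnets that the new interface's subnet overlaps."""
    new_net = ipaddress.ip_interface(new_if).network
    return [e for e in existing_ifs
            if ipaddress.ip_interface(e).network.overlaps(new_net)]

def plan_vlsm(block, hosts_per_vlan):
    """Carve one non-overlapping subnet per VLAN out of block, largest first."""
    block = ipaddress.ip_network(block)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    plan = {}
    # Largest first keeps every subnet aligned on its own size boundary.
    ordered = sorted(hosts_per_vlan.items(), key=lambda kv: (-kv[1], kv[0]))
    for name, hosts in ordered:
        host_bits = (hosts + 1).bit_length()      # hosts + network + broadcast
        size = 1 << host_bits
        cursor = (cursor + size - 1) // size * size   # round up to alignment
        if cursor + size > end:
            raise ValueError(f"{block} is too small for {name}")
        plan[name] = ipaddress.ip_network((cursor, 32 - host_bits))
        cursor += size
    return plan

# Constructed sample data (assumptions, see lead-in).
VLAN1_TODAY = "192.168.0.1/16"
NEEDS = {"clinical": 300, "guest_wifi": 200, "pacs": 50}

if __name__ == "__main__":
    # Any address inside the /16 collides with vlan1 as it is masked today.
    print("overlaps:", overlapping("192.168.50.1/24", [VLAN1_TODAY]))
    for name, net in plan_vlsm("192.168.0.0/16", NEEDS).items():
        print(f"{name:11} {net}  first host {net.network_address + 1}")
```

Each planned subnet is its own broadcast domain, so the router ACLs suggested above can match on these prefixes to keep the guest VLAN away from the clinical ones.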
Thanks, guys. You've all been a big help and rated each very helpful. I have a few months before "go-live" on the w/less so I'll be able to do some testing before rolling out a solution.