Recently I decided that for my company I wanted to remove the terrible Remote Desktop system that was in place for home workers and replace it with a VPN.
The problem with this is that our company network was on the 192.168.1.x subnet, which was certainly going to cause problems with routing as most home networks are also on 1.x.
The first thing we did was temporarily put all of the night staff on to mobile hotspots, and enable our BCP plan to reroute all of our landline calls to the 6 mobiles we have in the office.
The next step was reconfiguring the routers (we have 2, one is a primary and the other a failover) on to the new subnet, with new IP addresses. I felt doing this via serial would be safer. However, HSRP also needs configuring via the serial cable. So I fired up PuTTY and configured HSRP as follows on the primary router:
ip address 192.168.200.251 255.255.252.0
standby 1 ip 192.168.200.254
Doing the same to the secondary router got them both connected. Awesome, that’s the internet back.
The next step is getting our switches on to the new IP range. Connecting one by one to each switch's web interface (they’re Cisco small business switches with no OOB connection), we changed the IP address to the 200.x range, keeping the last octet the same to make things easier for ourselves.
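The following added example (not from the original post) checks the two address decisions described above: whether a corporate subnet overlaps a home worker's LAN, and whether a "keep the last octet" renumbering collides with the router or HSRP addresses. The /24 mask on the old network, the list of home-router defaults and the device inventory are assumptions constructed for illustration.

```python
import ipaddress

# From the post: old LAN "192.168.1.x" (the /24 mask is an assumption),
# the primary router's new interface address, and the HSRP virtual IP.
OLD_NET = ipaddress.ip_network("192.168.1.0/24")
ROUTER_IF = ipaddress.ip_interface("192.168.200.251/255.255.252.0")
HSRP_VIP = ipaddress.ip_address("192.168.200.254")
NEW_NET = ROUTER_IF.network  # 255.255.252.0 makes this 192.168.200.0/22

# Assumption: common consumer-router default LANs a home worker may be on.
HOME_LANS = [ipaddress.ip_network(n) for n in
             ("192.168.0.0/24", "192.168.1.0/24", "10.0.0.0/24")]

def vpn_conflicts(corp_net, home_lans=HOME_LANS):
    """Home LANs that overlap corp_net, so VPN routes would be ambiguous."""
    return [h for h in home_lans if corp_net.overlaps(h)]

def renumber(old_ip):
    """Map an old 192.168.1.x address to 200.x, keeping the last octet."""
    old = ipaddress.ip_address(old_ip)
    if old not in OLD_NET:
        raise ValueError(f"{old} is not on the old subnet {OLD_NET}")
    return NEW_NET.network_address + (int(old) & 0xFF)

def plan(devices):
    """Return (mapping, problems) for a {name: old_ip} inventory."""
    taken = {ROUTER_IF.ip: "primary router", HSRP_VIP: "HSRP virtual IP"}
    mapping, problems = {}, []
    for name, old_ip in devices.items():
        new = renumber(old_ip)
        if new in taken:
            problems.append(f"{name}: {new} already used by {taken[new]}")
        else:
            taken[new] = name
            mapping[name] = new
    return mapping, problems

# Constructed inventory, not taken from the post.
DEVICES = {"switch-1": "192.168.1.2", "dc-1": "192.168.1.10",
           "printer-1": "192.168.1.254"}

if __name__ == "__main__":
    print("old subnet conflicts:", vpn_conflicts(OLD_NET))
    print("new subnet conflicts:", vpn_conflicts(NEW_NET))
    mapping, problems = plan(DEVICES)
    for name, ip in mapping.items():
        print(f"{name}: {DEVICES[name]} -> {ip}")
    for p in problems:
        print("CONFLICT", p)
```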
In order to get the night staff back online as soon as possible, I quickly threw my laptop on to the old subnet with static IPs and put our primary DC on the 200.x range, and reconfigured DHCP to hand out 200.x IPs. Now we can flip everyone back to the main network.
Tidy up time!
Now that people can work on the main internet, we need to move everything on static configs over to 200.x. Starting with the Access Points, we configured them individually (we have no controller) to 200.x and then started moving the other servers over, making sure that we can ping them and they can ping each other along the way.
Doing the same with the printers and other peripherals, all that was left was Group Policy references and DHCP reservations.
I did DHCP while having my colleague go through GPOs and make sure file references were updated. Once that was done, we did a quick run round of all the machines, doing
to make sure that the machines picked up the new links.
One thing we did notice, though, is that the shared drives didn’t automatically pick up the new IP address. We had to disconnect the drive and run gpupdate in order for them to map correctly.
Thankfully this was a success overall, and only took us about 5 hours!