Incorrect subnet mask value

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)


You have specified an incorrect subnet mask value.

Standard IP address classes are restricted to default formats. For example, in Class B addresses, the first 2 bytes represent the network ID, and the last 2 bytes are used for host IDs. Subnet addressing extends this range by taking bits from the host part of the IP address, to divide the network into subnets.

A subnet mask is a 32-bit number that allows you to specify which bits in the base IP address identify the fixed network ID (set to 1) and which identify the variable host IDs (set to 0).


Define the subnet mask by one of the following methods:

  • In Network mask, specify the mask in a 32-bit format.

  • In Network address, in the dialog box next to the IP address, type the network prefix length in shorthand notation to indicate the number of bits in the subnet mask–the number of high-order (starting at the left end of the mask) bits set to 1. When you enter a value, the mask will display automatically in Network mask.


Example 1

You have a Class B address of with a default subnet mask of, and you want to allocate 8 host bits for subnets. To do this, you would specify the mask (11111111 11111111 11111111 00000000). By using 8 host bits for subnetting, you obtain 256 (that is, 28) subnet network IDs, supporting as many as 254 hosts per subnet. The number of hosts per subnet is 254 because 8 bits (28 minus 2) are reserved for the host ID. You subtract 2 because subnetting rules exclude the host IDs consisting of all ones or all zeros.

Example 2

You have a Class B address of with a default subnet mask of, and anticipate needing only 32 subnets rather than 256. To do this, you would specify the mask (11111111 11111111 11111000 00000000). In this scenario, each of the 32 subnets can support as many as 2,046 hosts (211 minus 2).

Example 3

To allocate 8 host bits for subnets in shorthand notation, set Network address to, indicating that 24 high-order bits will be set to 1 for the subnet mask, and leaving 8 bits (set to 0) for the host IDs.