11-08-2021 08:35 AM - edited 11-08-2021 10:44 AM
Hi, I have the following scenario:
Internet/ISP-----Modem/Router R1-----Router R2-----PC/Server
|
|
|
Mobiles, NAS, Printer, etc...
Local network of R1: 192.168.2.0/25.
Local network of R2: 192.168.1.0/28.
ISP is providing a public IP address x.x.x.x.
Now, here's what's happening:
And here's what I tried:
Is there anything missing?
Any suggestion is highly appreciated...
11-08-2021 10:31 AM
Hello.
does R1 have a route to the local network (192.168.1.0/30) of R2 ? Can you post the configs of both routers ?
11-08-2021 10:41 AM - edited 11-08-2021 10:46 AM
Yes, R1 has a static route to the local network of R2 (192.168.1.0/28). These are commercial routers, one ADSL/VDSL modem/router and another is the open-source DD-WRT.
11-08-2021 10:52 AM
Hello,
Local network of R1: 192.168.2.0/25.
Local network of R2: 192.168.1.0/28.
What network is the link between R1 and R2 using ?
11-08-2021 11:13 AM
Hello Georg, well yes actually the link in between R1 and R2 is the local network of R1, which is 192.168.2.0/25. R1 is connected to the ISP via a PPPoE connection, R1 and R2 are interconnected via a LAN-to-WAN configuration. DHCP is configured on R1 only.
WAN IP address on R1: x.x.x.x.
LAN IP address on R1:192.168.2.1.
WAN IP address on R2: 192.168.2.2.
LAN IP address on R2: 192.168.1.1.
IP address on PC/Server: 192.168.1.5.
11-08-2021 11:49 AM
Hello,
which one of the two routers is the DD-WRT, and what brand/model is the other router ? I would post a schematic drawing of that topology including IP addresses and connections, because it is kind of hard to understand your setup, and hence, to answer your question...
11-08-2021 12:52 PM
Ok, here's the basic drawing.
11-08-2021 11:17 PM
Hello,
--> Disabling SPI, unchecking Block WAN ping requests, etc... did not solve the issue.
I assume with that you mean the equivalent of:
"Filter anonymous Internet requests."
which is the default on Linksys devices (set under 'Security') ?
"Block Anonymous WAN Requests (ping)" <-- that would be the DD-WRT 'version' I guess ?
Which firmware version are you using for the DD-WRT ?
Also, can you post the output of 'ipconfig /all' from the PC ?
11-09-2021 06:25 AM
Georg, sorry for missing replying on you. Here's the output of the DD-WRT:
And here's the output of ipconfig /all:
11-08-2021 03:19 PM
Hello
@Rolitto wrote:
Now, here's what's happening:
- PC/Server on the local network of R2 can access the Internet and ping other devices on the remote network.
- Devices on the local network of R1 can access the Internet, but cannot ping PC/Server. However, they can ping the local (internal) interface of R2.
And here's what I tried:
Disable the software firewall on pc so to allow icmp echo-reply ?
11-08-2021 06:27 PM
Hi Paul, I previously turned off the firewall on the device, but that didn't solve the issue. And before that, the NAS was on the local network of R2 and I couldn't ping it from outside.
11-09-2021 01:12 AM - edited 11-09-2021 01:13 AM
Hello
@Rolitto wrote:
Hi Paul, I previously turned off the firewall on the device, but that didn't solve the issue. And before that, the NAS was on the local network of R2 and I couldn't ping it from outside.
If R1-R2 are on 192.168.2.0/x subnet then what subnet are the printer and laptop connecting to R1on?
And does rtr 2 have a route to that subnet ?
11-09-2021 04:18 AM
The printer, laptops, NAS, and mobiles are all on network 192.168.2.0/25. The PC/Server is on network 192.168.1.0/28.
As for the 2nd question, I tried assigning a default static route on R2 having the WAN interface (IP address 192.168.2.2) as the gateway and network 0.0.0.0/0.0.0.0 as the remote network/subnet, but I was in doubt that something was either missing or incomplete.
P.S. The NAS was previously on network 192.168.1.0/28 to protect it against malicious activity, but then I had to assign it to network 192.168.2.0/25 so that devices can access it.
11-09-2021 05:52 AM
@Rolitto wrote:
The printer, laptops, NAS, and mobiles are all on network 192.168.2.0/25. The PC/Server is on network 192.168.1.0/28.
LAN IP address on R1:192.168.2.1.
WAN IP address on R2: 192.168.2.2.
Printer, laptops, NAS, and mobiles are all on network 192.168.2.0/25
So if all the above share the same subnet that would indicate the Printer, laptops, NAS are assgined and connected to access ports on R1 related to the R1(lan) R2(wan) interface network.
Now if the above setup is correct then your routing looks okay between r1-r2, otherwise your the problem stems from trying to have two routed interfaces in the same subnet which can be obtained via IRB something I am assuming you dont have enabled?
11-09-2021 06:37 AM - edited 11-09-2021 06:46 AM
Paul, yes the mobiles, laptops, NAS, printer, and the WAN interface of R2 are all attached to the LAN interfaces of R1, hence assigned to the same network: 192.168.2.0/25.
I'm not sure what you exactly mean by routing looks okay between R1 and R2 since devices on R1's LAN cannot access to or ping devices on R2's LAN. However, devices on R2's LAN can access other devices on R1's LAN. At the same time, devices on R1's LAN and devices on R2's LAN can connect smoothly to the Internet as well.
As for IRB, I'm not sure there's any option on the WAN interface setup of R2.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide