#1 How are these two routers connected to each other?

a) WAN to LAN

b) LAN to LAN

#2 Is the second router, setup to use DHCP?

#3 Is the second router's LAN IP, in the same subnet as the primary router?

For example the GT784WNV at 192.168.1.1 at the other router at 192.168.1.2

#4 As need be, please tell the brand and model of the second router.

Let me give a more detailed picture and see if I can answer your questions along the way.

Al the PCs on the home network are plugged into a D-Link gibabit ethernet switch. The Linksys router has a single connection to the switched ethernet segment, and the wireless AP is bridged to the LAN segment (so that wireless devices are on the lan side). Meanwhile, the linksys also provides internet routing/firewall functions by talking to the (old) westel modem over PPPoE on a separate WAN link. The linksys is running DD-WRT firmware for all this.

My office gear is on a separate HP switch. I have an additional Juniper router/firewall that plugs into the HP router on one port, and plugs into the home D-Link switch on another port. The home and office networks are on completely different IP ranges (work network uses work subnet allocation). The juniper between the two networks has an IP address for each network that it is connected to. The devices on the office network have a default route for the juniper, and it has a default route for the linksys. The linksys has a subnet route for my office network that points to the juniper, and a default route for the PPP connection.

With this setup, I can do everything perfectly fine. I can access files and printers on each network from any PC, can access the Internet through the remote router, and so forth. I can even host a COD game on my work computer and the Linksys will handle the NAT mapping and forwarding perfectly.

Alright. Now we got this new GT784WNV device, which was sent to us in an effort to correct a problem with the DSL service (unrelated, that was resolved with infrastructure changes, by moving us to another port on the card at the neighborhood switch). Having the modem in the same box simplifies some things, so even though I dont need it I would like to see if I can make it work.

So I unplugged the linksys and westell, plugged the GT784WNV into the D-Link, gave it the IP address from the old Linksys, and added a route statement for my office network pointing to the juniper. Basically I just replaced the linksys and modem with the verizon box. I am able to ping the GT784WNV from my office PCs, and I can open a TELNET session to the device from that network as well. However I am not able to communicate with any Internet resources; I cannot ping anything or talk to any remote web servers or anything at all.

My observation is that the GT784WNV is not forwarding packets from my office network. My assumption is that this is because it thinks the source IP addresses are not "local" and so the firewall rules in the device are preventing them from being serviced by the NAT module. I am basing this assumption on a couple of things, one is that some other people with other models have run into similar problems and have corrected it by unblocking the NAT module in the firewall rules (no such option in the GT784WNV), also I noticed that the routing table in the GT784WNV does not have options for "local" or "remote" so there is no way to explicitly flag that the office subnet is actually "local" (the routing works because the interface matches the LAN link, not because it knows the destination is "local").

What I am looking for is a way to get at the firewall rules from the TELNET CLI and see if I can study and/or override the NAT restriction. Or, if there are some other alternatives that might solve the issue, that would be good too.

Frankly, after examining some of the other features on this device, I do not believe it is going to be useful anyway. I do some other things with the DD-WRT firmware that I cannot replicate on this router, and so I suspect at this point that it is not going to be a viable replacement anyway. However I am still interested in trying to get over this hurdle, and will take it from there. Otherwise its going in the trash.

.

Ok.

You may or may not like my advise.

#1 I point to and quote from http://www.dslreports.com/forum/r28666153-

---

There are some good reasons to have a modem bridge rather than route. I can't speak for all modems, but generally speaking:

1. Modems don't have much memory compared to a good router, so open a few sessions from the LAN and watch as connections get dropped, or worse, the modem/router just locks.

2. Modems tend to lack features compared to a good router. Things like QoS, DHCP reservation, VPN, uPNP, static routes, etc get left out. You can provide your own router behind the modem, as you did, but this can lead to other complications, such as

3. Double NAT. Most things can be made to work with double NAT, just as it's entirely possible to assemble a jigsaw puzzle while wearing oven mitts. It takes longer and the probability of making a mistake while setting it up or troubleshooting goes up. Simplicity is a good rule to live by when setting up networks.

.

---

#2 As how to get the modem combo not to handle the public IP (bridge mode)

I point to and quote from http://forums.verizon.com/t5/High-Speed-Internet-DSL-and-Dial/Actiontec-GT784WNV-Bridging-support-no...

---

To bridge your router, do the following:

Visit http://192.168.1.1/ . You will be prompted for a username and password. Try the following if you have not changed the password:

admin/password

admin/admin

admin/admin1

admin/password1

admin/verizon

admin/verizon1

Once in the modem, click on "Advanced Setup" in the navigation. In the left hand side navigation, click on "WAN IP Settings." From here, click on the option for RFC 1483 Transparent Bridging and then leave all other settings to their defaults. Click Save.

From here, connect your router and set up your ASUS router for PPPoE with your Verizon username and password.

*NOTE* If your modem does not use PPPoE as the connection type, you will need to have Verizon break the DHCP lease on your connection, and then you will need to connect your ASUS up via DHCP. Alternatively, leaving your modem powered down for two hours will break the DHCP lease so the ASUS can pull a connection.

When bridging, you must disable DHCP in the ActionTec and also shut off other serivces such as Wireless, UPnP and the Firewall. Otherwise, you will have problems.

---

#3 Then setup the Internal Network as you want to.