Any static routing experts here?
viafax
Contributor - Level 1

Have a setup involving 3 routers and various workstations as follows

Ont Cat5 -> Actiontec wan port.  Actiontec subnet 192.168.1

Actiontec lan port -> Netgear wndr3200 wan port (192.168.1.253).  Netgear seubnet 192.168.0

Actiontec lan port -> Dlink dir655             wan port (192.168.1.254). Dlink subnet 192.168.3

Have user devices on all 3 subnets and the can all talk to the internet fine.  In addition can access the Actiontec admin from any device on the Netgear or Dlink subnets.

Would like to be able to access the Netgear and Dlink subnets from devices on Actiontec subnet.  I know this involes building static routes on all the routers and have done this but still can't access so presume either my static routes are incorrect or more likely there is something I have to in the router firewalls.  I lean more to the router firewalls as I am guessing they are blocking the inbound traffic.

Anybody have any hints as to how this is done?

0 Likes
1 Solution

Correct answers
Re: Any static routing experts here?
bensel3
Enthusiast - Level 3

You'd generally have a static route pointed to the (WAN) address of the next router in the chain.

Your outside router (Actiontec) would have

static route 192.168.0.0/24 with the nexthop 192.168.1.253.

static route 192.168.3.0/24 with the nexthop 192.168.1.254.

Your Dlink and netgear shouldn't need any static routes needed (since they are, generally speaking, default routing to the wan port). The problem you're running into is that they're also NATing the address.

So when you receive a packet from 192.168.3.2 (connected to the DLINK) on 192.168.1.2 (connected to the ACTIONTEC) the receiving device sees src:192.168.1.254 dst:192.168.1.2 most likely. When you're sending a packet to 192.168.3.2, with a nexthop of 192.168.1.254, that natting part isn't going to work like you expect (it's expecting a packet to 192.168.1.254 with a specific port, which it will then port-forward to 192.168.3.2 on the port you tell it to, whether it's the same port or not, based on port forwarding rules built on the dlink).

Does that help at all? Unless you can turn natting off, you need to be doing port-based stuff with port forwarding, in the setup you're describing, IMO.

--

Paul

View solution in original post

0 Likes
Re: Any static routing experts here?
eljefe2
Master - Level 1

I'm guessing you have a valid reason for different subnets but I can't guess what that reason is.

I have a similar setup.

ONT Coax > Actiontec coax port Actiontec subnet 192.168.1.1

Actiontec LAN port > Netgear R6100 static IP 192.168.1.155

Actiontec LAN port > DLink DIR-601 static IP 192.168.1.51

I have the Netgear in AP mode and the DHCP server disabled on the DLink. 

With this configuration the Actiontec DHCP server assigns IP's to all devices connected to all 3 routers and all devices can access all other devices on any of the 3 routers.

Might my configuration work for you?

0 Likes
Re: Any static routing experts here?
viafax
Contributor - Level 1

@eljefe wrote:

I'm guessing you have a valid reason for different subnets but I can't guess what that reason is.

I have a similar setup.

ONT Coax > Actiontec coax port Actiontec subnet 192.168.1.1

Actiontec LAN port > Netgear R6100 static IP 192.168.1.155

Actiontec LAN port > DLink DIR-601 static IP 192.168.1.51

I have the Netgear in AP mode and the DHCP server disabled on the DLink. 

With this configuration the Actiontec DHCP server assigns IP's to all devices connected to all 3 routers and all devices can access all other devices on any of the 3 routers.

Might my configuration work for you?


No, I've known how to do that for years.

I specifically have them set up on different subnets to try and get static routing to work, that why I directed the question to people who understand how static routes work. Ostensibly they do work on soho routers otherwise the manufacturers would not make the effort to implement them in the firmware however I have never yet managed to get them to work neither have I ever found anybody who could explain how to get them to work.

0 Likes
Re: Any static routing experts here?
bensel3
Enthusiast - Level 3

You'd generally have a static route pointed to the (WAN) address of the next router in the chain.

Your outside router (Actiontec) would have

static route 192.168.0.0/24 with the nexthop 192.168.1.253.

static route 192.168.3.0/24 with the nexthop 192.168.1.254.

Your Dlink and netgear shouldn't need any static routes needed (since they are, generally speaking, default routing to the wan port). The problem you're running into is that they're also NATing the address.

So when you receive a packet from 192.168.3.2 (connected to the DLINK) on 192.168.1.2 (connected to the ACTIONTEC) the receiving device sees src:192.168.1.254 dst:192.168.1.2 most likely. When you're sending a packet to 192.168.3.2, with a nexthop of 192.168.1.254, that natting part isn't going to work like you expect (it's expecting a packet to 192.168.1.254 with a specific port, which it will then port-forward to 192.168.3.2 on the port you tell it to, whether it's the same port or not, based on port forwarding rules built on the dlink).

Does that help at all? Unless you can turn natting off, you need to be doing port-based stuff with port forwarding, in the setup you're describing, IMO.

--

Paul

0 Likes