- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have a setup involving 3 routers and various workstations as follows
Ont Cat5 -> Actiontec wan port. Actiontec subnet 192.168.1
Actiontec lan port -> Netgear wndr3200 wan port (192.168.1.253). Netgear seubnet 192.168.0
Actiontec lan port -> Dlink dir655 wan port (192.168.1.254). Dlink subnet 192.168.3
Have user devices on all 3 subnets and the can all talk to the internet fine. In addition can access the Actiontec admin from any device on the Netgear or Dlink subnets.
Would like to be able to access the Netgear and Dlink subnets from devices on Actiontec subnet. I know this involes building static routes on all the routers and have done this but still can't access so presume either my static routes are incorrect or more likely there is something I have to in the router firewalls. I lean more to the router firewalls as I am guessing they are blocking the inbound traffic.
Anybody have any hints as to how this is done?
Solved! Go to Correct Answer
Correct answers
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You'd generally have a static route pointed to the (WAN) address of the next router in the chain.
Your outside router (Actiontec) would have
static route 192.168.0.0/24 with the nexthop 192.168.1.253.
static route 192.168.3.0/24 with the nexthop 192.168.1.254.
Your Dlink and netgear shouldn't need any static routes needed (since they are, generally speaking, default routing to the wan port). The problem you're running into is that they're also NATing the address.
So when you receive a packet from 192.168.3.2 (connected to the DLINK) on 192.168.1.2 (connected to the ACTIONTEC) the receiving device sees src:192.168.1.254 dst:192.168.1.2 most likely. When you're sending a packet to 192.168.3.2, with a nexthop of 192.168.1.254, that natting part isn't going to work like you expect (it's expecting a packet to 192.168.1.254 with a specific port, which it will then port-forward to 192.168.3.2 on the port you tell it to, whether it's the same port or not, based on port forwarding rules built on the dlink).
Does that help at all? Unless you can turn natting off, you need to be doing port-based stuff with port forwarding, in the setup you're describing, IMO.
--
Paul
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm guessing you have a valid reason for different subnets but I can't guess what that reason is.
I have a similar setup.
ONT Coax > Actiontec coax port Actiontec subnet 192.168.1.1
Actiontec LAN port > Netgear R6100 static IP 192.168.1.155
Actiontec LAN port > DLink DIR-601 static IP 192.168.1.51
I have the Netgear in AP mode and the DHCP server disabled on the DLink.
With this configuration the Actiontec DHCP server assigns IP's to all devices connected to all 3 routers and all devices can access all other devices on any of the 3 routers.
Might my configuration work for you?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@eljefe wrote:I'm guessing you have a valid reason for different subnets but I can't guess what that reason is.
I have a similar setup.
ONT Coax > Actiontec coax port Actiontec subnet 192.168.1.1
Actiontec LAN port > Netgear R6100 static IP 192.168.1.155
Actiontec LAN port > DLink DIR-601 static IP 192.168.1.51
I have the Netgear in AP mode and the DHCP server disabled on the DLink.
With this configuration the Actiontec DHCP server assigns IP's to all devices connected to all 3 routers and all devices can access all other devices on any of the 3 routers.
Might my configuration work for you?
No, I've known how to do that for years.
I specifically have them set up on different subnets to try and get static routing to work, that why I directed the question to people who understand how static routes work. Ostensibly they do work on soho routers otherwise the manufacturers would not make the effort to implement them in the firmware however I have never yet managed to get them to work neither have I ever found anybody who could explain how to get them to work.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You'd generally have a static route pointed to the (WAN) address of the next router in the chain.
Your outside router (Actiontec) would have
static route 192.168.0.0/24 with the nexthop 192.168.1.253.
static route 192.168.3.0/24 with the nexthop 192.168.1.254.
Your Dlink and netgear shouldn't need any static routes needed (since they are, generally speaking, default routing to the wan port). The problem you're running into is that they're also NATing the address.
So when you receive a packet from 192.168.3.2 (connected to the DLINK) on 192.168.1.2 (connected to the ACTIONTEC) the receiving device sees src:192.168.1.254 dst:192.168.1.2 most likely. When you're sending a packet to 192.168.3.2, with a nexthop of 192.168.1.254, that natting part isn't going to work like you expect (it's expecting a packet to 192.168.1.254 with a specific port, which it will then port-forward to 192.168.3.2 on the port you tell it to, whether it's the same port or not, based on port forwarding rules built on the dlink).
Does that help at all? Unless you can turn natting off, you need to be doing port-based stuff with port forwarding, in the setup you're describing, IMO.
--
Paul