wan to lan connection help
andrewjs18
Enthusiast - Level 1

Hi folks,

I'm in need of help with getting my wan to lan connection to work correctly.

I set up a test server environment in my LAN and want to segment that traffic away from my normal LAN environment so any changes made within that network will not have any affect on the other machines and devices outside of the testing network.

to do this, I'm using two routers: the one that verizon supplied to me (actiontec MI424WR-GEN3I) for my normal LAN and then a linksys wrt54g flashed with tomato firmware for my test LAN.

I followed this guide.  while it partially works, it doesn't fully work as it should - at least not for me.

here's my LAN subnet and subnet masks;

Normal LAN:

192.168.1.X

255.255.255.0

Test LAN:

192.168.2.X

255.255.255.0

I assigned a static IP on my 1.X subnet for the router: 192.168.1.35.  I also set up a static route from the 1.X network to the 2.X network.

with the set up mentioned in the guide linked above, the 2nd network works, but there's several things I'm unable to do. 

1: I'm unable to ping from my 1.X network to my 2.X network, but I am able to ping from the 2.X network to my 1.X network.

2: when I change the routing mode on my 2.X network from gateway to router, it'll allow me to ping devices on my 2.X network from within the 1.X network, but only devices with a static IP, like the router and my server...I'm unable to ping 2 other devices that are assigned IPs from the DHCP server.  further, when I set the mode from gateway to router, I'm no longer able to reach the internet from within my 2.X network until I switch the routing method back to gateway.  I had thought setting a static route would of fixed this.  from my understanding, the only way to turn off NAT on my 2.X network is to change the routing method from gateway to router.

what am I doing wrong?  I'm guessing it's something silly in the actiontec router that needs to be changed.

here are a few screenshots of my configs from within the actiontec router;

static IP set for my 2nd router:

image



advanced filtering input/output options:

image

image

static route:

image

network objects I had set up to make the filtering easier:

image

0 Likes
1 Solution

Correct answers
Re: wan to lan connection help
jumpin68ny
Master - Level 2

Actiontec has a Public WAN Address.  The LAN Address is 192.168.1.1

This is pretty standard, default information.

In the Actiontec router under advanced à Routing I add 192.168.2.0 192.168.1.200 255.255.255.0

(192.168.1.200 is the IP address of my Linksys Router)

I have a Linksys Router connected on the Internet (WAN) and gave it IP address of 192.168.1.200 255.255.255.0  The LAN is 192.168.2.1  

I changed the operating mode to router

From the 192.168.2.x network I can ping any device on the 192.168.1.x network

From the 192.168.1.x network I can ping any device on the 192.168.2.x network

However I cannot get to the internet from 192.168.2.x and I believe this is where you are at:

Now what I did next was the following in the Actiontec Router go to:

System Monitoring, Advanced Status, Full Status / System wide Monitoring of connections

Click Network (home/office) then settings

At the bottom of that screen is a section called Additional IP Address

I added 192.168.2.1 255.255.255.0 (192.168.2.1 being the IP address of the Linksys IP address)

And now from 192.168.2.x network I can get on the internet and ping the devices on my 192.168.1.x network.  I sent this to you from that network.

Let me know.

Jim

View solution in original post

Re: wan to lan connection help
viafax999
Community Leader
Community Leader

Did you find the answer yet?

I have to believe that the person who wrote the guide that you followed did something else too as building the static routes the way he sys to do it doesn't apparently work - I tried it too as have several other posters here and I cannot get ping responses..

I think that router/gateway setting is something particular to linksys router as I cannot find any such setting on my dlink or netgear routers.  Discussions on the internet about the router settting appear to indicate that it's some sort of bridge mode.

0 Likes
Re: wan to lan connection help
andrewjs18
Enthusiast - Level 1

@viafax999 wrote:

Did you find the answer yet?

I have to believe that the person who wrote the guide that you followed did something else too as building the static routes the way he sys to do it doesn't apparently work - I tried it too as have several other posters here and I cannot get ping responses..

I think that router/gateway setting is something particular to linksys router as I cannot find any such setting on my dlink or netgear routers.  Discussions on the internet about the router settting appear to indicate that it's some sort of bridge mode.


I have not, no.

like I mentioned in my OP, when I change the router mode on my linksys from 'gateway' to 'router', I can ping from my 1.X subnet to my 2.X subnet, but only ping devices with static IPs, like the router and my test server...I've got 2 other clients on the 2.X network that can't be pinged, a test win7 machine and a test winxp virtual machine.

I've considered posting my question on other networking forums to see if anyone else had any suggestions to help get it working.

0 Likes
Re: wan to lan connection help
andrewjs18
Enthusiast - Level 1

I still haven't gotten this to work properly.

anyone else with any suggestions?

0 Likes
Re: wan to lan connection help
viafax999
Community Leader
Community Leader

Did you try posting the question on any other networking forums? as the lack of responses here would seem to bear out both our findings that static routes do not appear to work.

0 Likes
Re: wan to lan connection help
jumpin68ny
Master - Level 2

It's important that the 2.x router is NOT doing NAT.   The 2.x network needs to have a static route to 192.168.1.1

It looks like you have a static route from 1.x to 2.x. which is correct.

 

What device is the 2.x network?

 

 

Re: wan to lan connection help
viafax999
Community Leader
Community Leader

@jumpin68ny wrote:

It's important that the 2.x router is NOT doing NAT.   The 2.x network needs to have a static route to 192.168.1.1

It looks like you have a static route from 1.x to 2.x. which is correct.

 

What device is the 2.x network?

 

 


Why does it matter whether the 2.x router is doing NAT? and how is that done.  Op appears to say he accomplished that on the linksys by changing from gateway to router, a setting I don't appear to have on my wndr3700

I assume the 2.x router needing a static route to 192.168.1.1 is because you've turned off NAT in step 1? else the devices would all know their gateway address?

Op says the 2.x device is a linksys wrt54g flashed with tomato firmware for my test LAN.

0 Likes
Re: wan to lan connection help
jumpin68ny
Master - Level 2

Why does it matter whether the 2.x router is doing NAT?

 

NAT is Network Address Translation. When NAT is enabled on a network, the source IP and MAC assume the router IP and MAC and that info is hidden from anyone not on that network.  If NAT is disabled, then the source will show the MAC of the source and IP of the router.  Traffic will flow and route normally assuming routing tables are correct.  

 

So, if a 2.x device pings a 1.x device, no problem since the 1.x device will see the source be from the router. However If a 1.x device pings a 2.x device, when NAT is enabled,  the destination device is unknown since the 2.x network will not forward traffic to a specific device due to NAT.  The only way around that is to enable a rule to allow that traffic.

Op appears to say he accomplished that on the linksys by changing from gateway to router


Are we certain changing from gateway to router disables NAT?  I don't have a linksys router to confirm but I thought that was an option within the router

I assume the 2.x router needing a static route to 192.168.1.1 is because you've turned off NAT in step 1? else the devices would all know their gateway address?

 


Assuming NAT is turned off, Network 1.x needs to know how to get to 2.x

In a routing table, it will show the local LAN (192.168.1.x) and then will show 0.0.0.0 0.0.0.0 WAN IP Address.  This says we know about our local LAN, any other network traffic send out to WAN (Internet)

.  

Now if Network 1.x doesn't know 2.x exists it will attempt to send it to the Internet.  Since 192.168.2.x is a private network, the packets will be discarded.  So, it's important that the 1.x router knows how to get to 192.168.2.x network.

 

Op says the 2.x device is a linksys wrt54g flashed with tomato firmware for my test LAN.

 

ok

Re: wan to lan connection help
viafax999
Community Leader
Community Leader
OK
I understand the problem for point 1 so guess I'm **bleep** just out of luck as there is no way that I can find to turn NAT off on my Netgear router  I have a couple of old Linksys routers laying around so maybe I'll try changing the setting on one of them from gateway to router and see if that works.  I'm assuming that's what made the OP setup to work as subsequent to that he could ping static addresses.  I would assume that at some point he should be able to ping the dhcp addresses too but possibly would have to enable RIP on the VZ or Linksys router for that to happen?
In your original post you said there would be a need for a static route on the 2.x router pointing to 192.168.1.1  You didn't mention that again on your 2nd post.  Is it in fact needed?
0 Likes
Re: wan to lan connection help
jumpin68ny
Master - Level 2

I would assume that at some point he should be able to ping the dhcp addresses too but possibly would have to enable RIP on the VZ or Linksys router for that to happen?

 

In your original post you said there would be a need for a static route on the 2.x router pointing to 192.168.1.1  You didn't mention that again on your 2nd post.  Is it in fact needed?

 


Assuming NAT is disabled and routing tables are set up properly then yes, the users on both networks should be able to ping devices on both networks.

 

 

By default Network 2.x router will know about the 2.x network since it's a local network.  In a typical linksys switch there will be a default gateway of last resort or what I referred to as 0.0.0.0 0.0.0.0 192.168.1 so the router running 2.x network should NOT need any additional static routes.  One thing for the orignal poster is to confirm that when they set up the Linksys router with a 192.168.1.35 address he needs to configure the default gateway of 192.168.1.1.  Maybe that was not done.  

 

Now, in the VZ Router (1.x network), RIP is not needed but a static route is needed to point 192.168.2.0 255.255.255.0 to 192.168.1.35.  I assume in the OP's example 192.168.1.35 is pointing to the WAN IP address of the Network 2.x router.