Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Setting up 2nd Home LAN

Go to solution Solved by LIGISTX,
21 minutes ago, kbdavis said:

I am currently building a house and I've moved in with family for the time being. I want to keep our networks separate and I am running into some issues.

 

I have 2 routers. Router 1 (R1), which is what is connected directly to the ISP, is working fine. I am trying to connect R2's WAN to R1's LAN, and here is what I currently have configured:

 

Router 1

Gateway: 192.168.0.1
Subnet: 255.255.255.0

Set up static IP to R2 as: 192.168.0.253

 

---------------------------------

 

Router 2 

image.png.fb8274d35e0d6873a6800a43a593867f.png

image.png.0077388ad3a5f0723ad890649bed765a.png

 

I guess for some reason I thought that on the LAN TCP/IP settings that the IP (which is the 10.0.0.1) should have matched the first image of 192.168.1.1, but when I use this the router resets it to the 10.0.0.1 after I update it.

 

With it being it's own network, I am keeping DHCP active on R2.

 

Can someone tell me what I'm not doing properly here? I've also tried using a subnet of 255.255.255.128 on R2 without much success. I can connect to R2's admin page but it has no internet.

So…. This isn’t really a “preferred” config since you are inducing a double NAT situation in the R2 domain. But if you want to get it working, you should set R2 to use DHCP on the WAN side since it’s getting an IP from R1 (or you can set it static, but it has to reside within R1’s subnet, which you have as 192.168.0.x, but in the screenshot you set it to 192.168.1.1, try 192.168.0.254 (254 is the highest number that can be used in R1’s subnet, likely it hasn’t tried to hand out that IP yet so you won’t try and assign an IP that has already been assigned by R1’s DHCP server)).

 

Back to the issue of double NAT… it’s not the most fun situation. It does work, but it can cause fun problems (not fun problems…). What is the purpose of this? What is the concern your trying to mitigate? The correct way to do this is with multiple subnets and 1 single firewall. But that isn’t something a standard consumer router can do. 

I am currently building a house and I've moved in with family for the time being. I want to keep our networks separate and I am running into some issues.

 

I have 2 routers. Router 1 (R1), which is what is connected directly to the ISP, is working fine. I am trying to connect R2's WAN to R1's LAN, and here is what I currently have configured:

 

Router 1

Gateway: 192.168.0.1
Subnet: 255.255.255.0

Set up static IP to R2 as: 192.168.0.253

 

---------------------------------

 

Router 2 

image.png.fb8274d35e0d6873a6800a43a593867f.png

image.png.0077388ad3a5f0723ad890649bed765a.png

 

I guess for some reason I thought that on the LAN TCP/IP settings that the IP (which is the 10.0.0.1) should have matched the first image of 192.168.1.1, but when I use this the router resets it to the 10.0.0.1 after I update it.

 

With it being it's own network, I am keeping DHCP active on R2.

 

Can someone tell me what I'm not doing properly here? I've also tried using a subnet of 255.255.255.128 on R2 without much success. I can connect to R2's admin page but it has no internet.

Link to post
Share on other sites
21 minutes ago, kbdavis said:

I am currently building a house and I've moved in with family for the time being. I want to keep our networks separate and I am running into some issues.

 

I have 2 routers. Router 1 (R1), which is what is connected directly to the ISP, is working fine. I am trying to connect R2's WAN to R1's LAN, and here is what I currently have configured:

 

Router 1

Gateway: 192.168.0.1
Subnet: 255.255.255.0

Set up static IP to R2 as: 192.168.0.253

 

---------------------------------

 

Router 2 

image.png.fb8274d35e0d6873a6800a43a593867f.png

image.png.0077388ad3a5f0723ad890649bed765a.png

 

I guess for some reason I thought that on the LAN TCP/IP settings that the IP (which is the 10.0.0.1) should have matched the first image of 192.168.1.1, but when I use this the router resets it to the 10.0.0.1 after I update it.

 

With it being it's own network, I am keeping DHCP active on R2.

 

Can someone tell me what I'm not doing properly here? I've also tried using a subnet of 255.255.255.128 on R2 without much success. I can connect to R2's admin page but it has no internet.

So…. This isn’t really a “preferred” config since you are inducing a double NAT situation in the R2 domain. But if you want to get it working, you should set R2 to use DHCP on the WAN side since it’s getting an IP from R1 (or you can set it static, but it has to reside within R1’s subnet, which you have as 192.168.0.x, but in the screenshot you set it to 192.168.1.1, try 192.168.0.254 (254 is the highest number that can be used in R1’s subnet, likely it hasn’t tried to hand out that IP yet so you won’t try and assign an IP that has already been assigned by R1’s DHCP server)).

 

Back to the issue of double NAT… it’s not the most fun situation. It does work, but it can cause fun problems (not fun problems…). What is the purpose of this? What is the concern your trying to mitigate? The correct way to do this is with multiple subnets and 1 single firewall. But that isn’t something a standard consumer router can do. 

Rig: i7 10700k @ 5.1Ghz, 4.8 Ring - - Z490 Vision G - - EVGA RTX 2080 XC Ultra @ 2025Mhz - - 4x8GB Vengeance Pro 3000Mhz 15-17-17-34 @ 3500MHz 16-19-19-38 - - Samsung 950 Pro 512 NVMe Boot + Main Programs - - Samsung 830 Pro 256 RAID 0 Lightroom + Photo work - - WD Blue 1 TB SSD for Games - - Corsair RM850x - - Sound BlasterX EA-5 - - EK Supremacy Evo - - XT45 X-Flow 420 + UT60 280 rads - - EK Full Cover GPU Block - - EK XRES RGB PWM - - Fractal Define S2 - - Acer Predator X34 -- Logitech G502 - - Logitech G710+ - - Logitech Z5500 - - Steel Series QcK XXL

 

Headphones/amp/dac: Schiit Lyr 3 - - Fostex TR-X00 - - Sennheiser HD 6xx

 

Homelab/ Media Server: ESXi 6.5 - - 250 GB SSD for VM's/ESXi boot - - FreeNAS - - HPE Proliant ML10 Gen 9 backbone - - i3 6100 - - 28 GB ECC - - 10x4 TB WD Red RAID Z2 - - 10TB WD Red for expendable data - - Corsair 750D - - Corsair RM650i - - Dell H310 6Gbps SAS HBA - - Intel RES2SC240 SAS Expander

 

White Lightning (original full watercooled build) - Homelab / Media Server - The Blue Beast (my car and other expensive hobby...) - iPhone Xs - 2018 MacBook Air

Link to post
Share on other sites

Thanks for the response. I was just able to get it working with these settings:

 

image.png.9b96163e7bbcc97e8ec99cfaa02d6829.png

image.png.85bf3a86b3c735bc02112e1cf43a5e37.png

 

Guess I needed to keep the gateway the same for R2 as it is for R1, and set R2's WAN IP to the static IP from R1.

 

19 minutes ago, LIGISTX said:

Back to the issue of double NAT… 

Wouldn't each network have control over its own NAT? I suppose if I really needed to I can go LAN to LAN and disable DHCP on R2.

 

The major intent is to use R2's WiFi to keep the family's devices connected to the same SSID and my devices connected to R1's SSID without having to change everyone's devices. The reason I preferred to have separate networks is just simply because I don't want to see all of their devices. Not a huge deal, but if I could make it work then it would be nice.

 

And I know someone out there will say that this is a selfish approach by taking up more WiFi channel real estate from my neighbors - but I've disabled the 5G radio on R2 and the 2.4GHz radio on R1, essentially not taking any more channels than a single dual router would.

Link to post
Share on other sites
4 minutes ago, kbdavis said:

Thanks for the response. I was just able to get it working with these settings:

 

image.png.9b96163e7bbcc97e8ec99cfaa02d6829.png

image.png.85bf3a86b3c735bc02112e1cf43a5e37.png

 

Guess I needed to keep the gateway the same for R2 as it is for R1, and set R2's WAN IP to the static IP from R1.

 

Wouldn't each network have control over its own NAT?

Yup, had to get R2 on an IP that can talk to R1 (.0.x, .0.253 works fine, clearly). 


Yes, things will get internet and it’ll work. But devices will not know they are in a double nat, and UPNP for instance will not work since devices will open a port in R2 but that won’t translate up to R1, and other services won’t/may not work either. Google double NAT, plenty of articles will pop up 🙂

 

But, again, what are you trying to accomplish by this? Can’t offer proper advice without understanding the need. I run a pfsense router with multiple subnets… I understand why folks may want this, but without your specific use case all I can really say is “just don’t do this”. If you have a specific reason to do it, that’s fair, but what is it? Maybe there are other ways to do what your looking to accomplish. 

Rig: i7 10700k @ 5.1Ghz, 4.8 Ring - - Z490 Vision G - - EVGA RTX 2080 XC Ultra @ 2025Mhz - - 4x8GB Vengeance Pro 3000Mhz 15-17-17-34 @ 3500MHz 16-19-19-38 - - Samsung 950 Pro 512 NVMe Boot + Main Programs - - Samsung 830 Pro 256 RAID 0 Lightroom + Photo work - - WD Blue 1 TB SSD for Games - - Corsair RM850x - - Sound BlasterX EA-5 - - EK Supremacy Evo - - XT45 X-Flow 420 + UT60 280 rads - - EK Full Cover GPU Block - - EK XRES RGB PWM - - Fractal Define S2 - - Acer Predator X34 -- Logitech G502 - - Logitech G710+ - - Logitech Z5500 - - Steel Series QcK XXL

 

Headphones/amp/dac: Schiit Lyr 3 - - Fostex TR-X00 - - Sennheiser HD 6xx

 

Homelab/ Media Server: ESXi 6.5 - - 250 GB SSD for VM's/ESXi boot - - FreeNAS - - HPE Proliant ML10 Gen 9 backbone - - i3 6100 - - 28 GB ECC - - 10x4 TB WD Red RAID Z2 - - 10TB WD Red for expendable data - - Corsair 750D - - Corsair RM650i - - Dell H310 6Gbps SAS HBA - - Intel RES2SC240 SAS Expander

 

White Lightning (original full watercooled build) - Homelab / Media Server - The Blue Beast (my car and other expensive hobby...) - iPhone Xs - 2018 MacBook Air

Link to post
Share on other sites
2 minutes ago, LIGISTX said:

But, again, what are you trying to accomplish by this? Can’t offer proper advice without understanding the need. I run a pfsense router with multiple subnets… I understand why folks may want this, but without your specific use case all I can really say is “just don’t do this”. If you have a specific reason to do it, that’s fair, but what is it? Maybe there are other ways to do what your looking to accomplish. 

Sorry I updated my post while you were in the process of responding, so you probably didn't see it.

 

Quote

The major intent is to use R2's WiFi to keep the family's devices connected to the same SSID and my devices connected to R1's SSID without having to change everyone's devices. The reason I preferred to have separate networks is just simply because I don't want to see all of their devices. Not a huge deal, but if I could make it work then it would be nice.

 

And I know someone out there will say that this is a selfish approach by taking up more WiFi channel real estate from my neighbors - but I've disabled the 5G radio on R2 and the 2.4GHz radio on R1, essentially not taking any more channels than a single dual router would.

 

Link to post
Share on other sites
16 minutes ago, kbdavis said:

The major intent is to use R2's WiFi to keep the family's devices connected to the same SSID and my devices connected to R1's SSID without having to change everyone's devices. The reason I preferred to have separate networks is just simply because I don't want to see all of their devices. Not a huge deal, but if I could make it work then it would be nice.

 

And I know someone out there will say that this is a selfish approach by taking up more WiFi channel real estate from my neighbors - but I've disabled the 5G radio on R2 and the 2.4GHz radio on R1, essentially not taking any more channels than a single dual router would.

Ok, understood. While I do think this is a strange and funny use case, to each their own 🙂

 

What I would recommend here is to not set up multiple firewalls which is what you are effectively doing here. Each router has a firewall between WAN and LAN, and that is what causes the double nat situation. If all you want is separate Wifi, you should be able to turn the router into effectively just a wifi AP (access point).

 

To do this, every router is a bit diff, but you will want to put R2 in bridge mode, or DMZ mode, just depends what they call it. This will effectively turn off the firewall and basically just act as a switch. Then you can still set your secondary SSID for things to connect to via wifi, and it all should be happy, think. I have only ever done this with using the same SSID and same subnet. I know enough about networking to be dangerous, but I am no outright expert...

Rig: i7 10700k @ 5.1Ghz, 4.8 Ring - - Z490 Vision G - - EVGA RTX 2080 XC Ultra @ 2025Mhz - - 4x8GB Vengeance Pro 3000Mhz 15-17-17-34 @ 3500MHz 16-19-19-38 - - Samsung 950 Pro 512 NVMe Boot + Main Programs - - Samsung 830 Pro 256 RAID 0 Lightroom + Photo work - - WD Blue 1 TB SSD for Games - - Corsair RM850x - - Sound BlasterX EA-5 - - EK Supremacy Evo - - XT45 X-Flow 420 + UT60 280 rads - - EK Full Cover GPU Block - - EK XRES RGB PWM - - Fractal Define S2 - - Acer Predator X34 -- Logitech G502 - - Logitech G710+ - - Logitech Z5500 - - Steel Series QcK XXL

 

Headphones/amp/dac: Schiit Lyr 3 - - Fostex TR-X00 - - Sennheiser HD 6xx

 

Homelab/ Media Server: ESXi 6.5 - - 250 GB SSD for VM's/ESXi boot - - FreeNAS - - HPE Proliant ML10 Gen 9 backbone - - i3 6100 - - 28 GB ECC - - 10x4 TB WD Red RAID Z2 - - 10TB WD Red for expendable data - - Corsair 750D - - Corsair RM650i - - Dell H310 6Gbps SAS HBA - - Intel RES2SC240 SAS Expander

 

White Lightning (original full watercooled build) - Homelab / Media Server - The Blue Beast (my car and other expensive hobby...) - iPhone Xs - 2018 MacBook Air

Link to post
Share on other sites
13 minutes ago, LIGISTX said:

Ok, understood. While I do think this is a strange and funny use case, to each their own 🙂

Here's a practical example. My wife works from home and does a bit of printing for work. Instead of using the family's injet printer, we brought our home office laser printer that is more economical for a work environment. Windows 10 has the nasty habit of adding printers it doesn't even have the drivers for - simply because it sees it on the network. This was essentially my reasoning to go this way.

 

Again, not a big deal. But if it was avoidable then I figured why not. However if it would cause NAT issues then it's not a big issue to just do a LAN-to-LAN and run a single network, I was just wanting to prevent random devices showing up on everyone's PCs from both sides of household

Link to post
Share on other sites
11 minutes ago, kbdavis said:

Here's a practical example. My wife works from home and does a bit of printing for work. Instead of using the family's injet printer, we brought our home office laser printer that is more economical for a work environment. Windows 10 has the nasty habit of adding printers it doesn't even have the drivers for - simply because it sees it on the network. This was essentially my reasoning to go this way.

If you put R2 on bridge mode, you plug it’s WAN into R1 lan as before, and theoretically you are just creating a new subnet and things should be happy.

 

That said, in this setup, I am not fully sure if all things will be totally happy. They will be more happy then if R2 is not in bridge mode, but I just don’t know quite enough to say beyond that.

Rig: i7 10700k @ 5.1Ghz, 4.8 Ring - - Z490 Vision G - - EVGA RTX 2080 XC Ultra @ 2025Mhz - - 4x8GB Vengeance Pro 3000Mhz 15-17-17-34 @ 3500MHz 16-19-19-38 - - Samsung 950 Pro 512 NVMe Boot + Main Programs - - Samsung 830 Pro 256 RAID 0 Lightroom + Photo work - - WD Blue 1 TB SSD for Games - - Corsair RM850x - - Sound BlasterX EA-5 - - EK Supremacy Evo - - XT45 X-Flow 420 + UT60 280 rads - - EK Full Cover GPU Block - - EK XRES RGB PWM - - Fractal Define S2 - - Acer Predator X34 -- Logitech G502 - - Logitech G710+ - - Logitech Z5500 - - Steel Series QcK XXL

 

Headphones/amp/dac: Schiit Lyr 3 - - Fostex TR-X00 - - Sennheiser HD 6xx

 

Homelab/ Media Server: ESXi 6.5 - - 250 GB SSD for VM's/ESXi boot - - FreeNAS - - HPE Proliant ML10 Gen 9 backbone - - i3 6100 - - 28 GB ECC - - 10x4 TB WD Red RAID Z2 - - 10TB WD Red for expendable data - - Corsair 750D - - Corsair RM650i - - Dell H310 6Gbps SAS HBA - - Intel RES2SC240 SAS Expander

 

White Lightning (original full watercooled build) - Homelab / Media Server - The Blue Beast (my car and other expensive hobby...) - iPhone Xs - 2018 MacBook Air

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Newegg

×