LAN TO WAN - ISSUE

[MaxiMax07]

Hi,

 

It used to be a LAN-LAN and it was working great but I decided to switch to LAN-WAN so I can isolate myself from the neighboor. We are sharing the internet bill.

So far I'm stuck with the second router having access to internet (I can ping google and facebook from the router 2 gateway) however the computers connected on lan and wifi of the router 2 can't access the internet.
I guess the issue is some kind of firewall or the DHCP configuration?

I disabled the NAT and SPI firewall on router 2 and it's still not working.

My DHCP setting from router 1 are: 192.168.0.100 to 192.168.0.199 with a gateway 192.168.0.1. and DNS 8.8.8.8 and 8.8.4.4

My DHCP setting from router 2 are: 192.168.1.100 to 192.168.1.199 with gateway 192.168.1.1 and DNS 192.168.0.1 now 8.8.8.8 and 8.8.4.4

 

 

Thanks for the help guys

 

[jared404]

Change the DNS for router 2 to 8.8.8.8 and 8.8.4.4. Reboot and watch it magically start working

[Just.Oblivious]

So you're essentially running a NAT-router behind another NAT-router? That's not ideal.

 

If you're in control of the main router I suggest setting up two isolated and firewalled subnets for you and your neighbor.

[Oshino Shinobu]

DNS on the second router is on a different local subnet, so it can't access it. Have you tried just setting it to Google's DNS as well? (8.8.8.8, 8.8.4.4)

[Oshino Shinobu]

Just now, Just.Oblivious said:

So you're essentially running a NAT-router behind another NAT-router? That's not ideal.

 

If you're in control of the main router I suggest setting up two isolated and firewalled subnets for you and your neighbor.

Second router has NAT disabled, though still, running two routers is basically never ideal. 

 

A single NAT router and VLANs would work better if wanting to simply separate the network. It could really be done with a single switch. 

[MaxiMax07]

I tried to switch the second router dns to google's and it's sill not working.

Yeah if you guys have a cleaner solution I'm open! I tried something with the little knowledge I have

[jared404]

1 minute ago, MaxiMax07 said:

I tried to switch the second router dns to google's and it's sill not working.

Yeah if you guys have a cleaner solution I'm open! I tried something with the little knowledge I have

Refresh your browsers a few times sometimes it takes a while for the clients to change dns servers

[jared404]

1 minute ago, MaxiMax07 said:

I tried to switch the second router dns to google's and it's sill not working.

Yeah if you guys have a cleaner solution I'm open! I tried something with the little knowledge I have

You might want to delete the wireless connection and re-add it. If it is wired unplug and replug

[Oshino Shinobu]

4 minutes ago, MaxiMax07 said:

I tried to switch the second router dns to google's and it's sill not working.

Yeah if you guys have a cleaner solution I'm open! I tried something with the little knowledge I have

Best solution IMO is to get a managed switch, then assign one port to one network and the other to the other network and set them to different VLANs. Connect the switch to a single router and you should be good to go. That way, you should be able to have access to the internet on both networks but the separate VLANs can't talk to each other. If you set it up that way and consider the switch with VLANs configured to be the last point of the network, you can expand both networks without changing anything else. 

 

You may need to set the router to be on both VLANs, or have two connections to the router, one for VLAN 1 and the other for VLAN 2. 

[MaxiMax07]

2 minutes ago, crashahotrod said:

You might want to delete the wireless connection and re-add it. If it is wired unplug and replug

I restarted the computer and it didn't work  Also I tried to ping the router 1 or 8.8.8.8 and it doesn't work from the computer but it work from the router 2

[MaxiMax07]

1 minute ago, Oshino Shinobu said:

Best solution IMO is to get a managed switch, then assign one port to one network and the other to the other network and set them to different VLANs. Connect the switch to a single router and you should be good to go. That way, you should be able to have access to the internet on both networks but the separate VLANs can't talk to each other. 

 

You may need to set the router to be on both VLANs, or have two connections to the router, one for VLAN 1 and the other for VLAN 2. 

The thing is that I also have a modem on bridge mode PPPoE. If i split this cable in two, I would have two PPPoE connection on my dsl network and it would be also a mess I guess?

[Oshino Shinobu]

1 minute ago, MaxiMax07 said:

The thing is that I also have a modem on bridge mode PPPoE. If i split this cable in two, I would have two PPPoE connection on my dsl network and it would be also a mess I guess?

You don't need to do that. Modem goes to router, router performs NAT, router goes to VLAN switch, then everything else. Only one cable will come from the modem, which will have to go to the router to perform NAT. 

 

As you only have one internet connection, you have to split the network locally, VLANs is the best way to do that really. If you use the router as the DHCP server, you'll have to share an address space, but you could setup a DHCP server for both VLANs to separate them by IP address too. You'd still need them to be on the same subnet as the router in order to have internet access though. 

[MaxiMax07]

1 minute ago, Oshino Shinobu said:

You don't need to do that. Modem goes to router, router performs NAT, router goes to VLAN switch, then everything else. Only one cable will come from the modem, which will have to go to the router to perform NAT. 

Now I have modem to router 1, router 1 to router 2.

I don't get what adding the VLAN switch after router 1 will do. modem to router 1, router 1 to vlan, vlan to router 2.

I could just skip the vlan right?

[Oshino Shinobu]

2 minutes ago, MaxiMax07 said:

Now I have modem to router 1, router 1 to router 2.

I don't get what adding the VLAN switch after router 1 will do. modem to router 1, router 1 to vlan, vlan to router 2.

I could just skip the vlan right?

If you're wanting to split the network in two, VLANs is how you do it. It's literally designed to create multiple virtual local networks using a single WAN connection. The modem and router server both local networks. The VLAN switch is where you split into two separate local networks and where the networks converge to access the internet. It's all technically in the same network (it will have to be, you only have one internet connection), but it's separated virtually to act as two different networks. 

 

I'm a little confused as to why you're using two routers, you only need one to perform NAT, having two trying to do it causes issues. 

[bcguru9384]

3 minutes ago, MaxiMax07 said:

The thing is that I also have a modem on bridge mode PPPoE. If i split this cable in two, I would have two PPPoE connection on my dsl network and it would be also a mess I guess?

what are the router models?

try this portforward 192.168.1.*:1-65535 to 192.168.0.1:1-65535

repeat this on router 1 but change the from and to(they switch spots)

 

[MaxiMax07]

Just now, Oshino Shinobu said:

If you're wanting to split the network in two, VLANs is how you do it. It's literally designed to create multiple virtual local networks using a single WAN connection. 

 

I'm a little confused as to why you're using two routers, you only need one to perform NAT, having two trying to do it causes issues. 

I'm using router 2 to isolate the neighboor. He'll use this one. I disabled the NAT on it so only the router 1 who provides the internet directly from the modem will have the NAT enabled.
It's just so we don't cross our chromecasts.

[MaxiMax07]

1 minute ago, bcguru9384 said:

what are the router models?

try this portforward 192.168.1.*:1-65535 to 192.168.0.1:1-65535

repeat this on router 1 but change the from and to(they switch spots)

 

TP-WR1043N V5 as router 1 and WDR4300 V1 as router 1.

I'll try what you said now

[bcguru9384]

1 minute ago, MaxiMax07 said:

I'm using router 2 to isolate the neighboor. He'll use this one. I disabled the NAT on it so only the router 1 who provides the internet directly from the modem will have the NAT enabled.
It's just so we don't cross our chromecasts.

years ago i would put 2nd router in my room just to have firewall enabled on router as network owner hated firewalls

but all i ever had to do was plug lan port of router 1 to wan port router 2

does your 2nd router have wan port?

[jared404]

Setup your network as shown in the image. You will want NAT enabled and bridging disabled on both routers.

[bcguru9384]

3 minutes ago, MaxiMax07 said:

TP-WR1043N V5 as router 1 and WDR4300 V1 as router 1.

I'll try what you said now

cancel what i said

reset router 2 to factory

plug router 1 eth port 1 to router2 internet

everything. should be plug n play minus wifi setup on router 2

but do goto router1 and set dhcp range to .3 to .50

router 2 set dhcp range .51 to .100

note you may need to static set router 2 gateway to 192 168 0 2 first

[Oshino Shinobu]

23 minutes ago, MaxiMax07 said:

I'm using router 2 to isolate the neighboor. He'll use this one. I disabled the NAT on it so only the router 1 who provides the internet directly from the modem will have the NAT enabled.
It's just so we don't cross our chromecasts.

Have you connected router 2 to router 1 using the WAN port? If so, it won't work without NAT and if you use NAT, it's likely to struggle because it's expecting a WAN connection but is getting a local connection using double NAT. You'd need to set the WAN settings on router 2 to use router 1 as its default gateway if it will let you. I'd have both set to use Google's Public DNS.

 

This is how I'd have it set up personally. From my experience with double NAT and to some extent, just multiple routers in general, they're a pain to work with. While it would need new hardware, it's the better solution to me. It splits the network into two so they can't interact with each other. You could set a computer as a DHCP server on each if you wanted, but I would really just use the router for DHCP, for the most part it doesn't matter if they use the same IP address range as they still can't interact. 

 

 

 

 

 

[bcguru9384]

ya i forgot

subnet router1 is 255 255 255 128(now router 1 knows theres a 2nd router)

router2 still be 255 255 255 0

best if dhcp range router 2 was 129 to 254

wwhich means i also messed up on router2 gateway 192 168 0 128

router 1 dhcp .2 to 127 

sorry been 7 years since i did this

[MaxiMax07]

14 minutes ago, bcguru9384 said:

cancel what i said

reset router 2 to factory

plug router 1 eth port 1 to router2 internet

everything. should be plug n play minus wifi setup on router 2

but do goto router1 and set dhcp range to .3 to .50

router 2 set dhcp range .51 to .100

note you may need to static set router 2 gateway to 192 168 0 2 first

Is it okay if I keep my old setting? router 1 dhcp to 192.168.0.* and router 2 dhcp 192.168.1.*

It works now that I enabled the double NAT

[MaxiMax07]

3 minutes ago, bcguru9384 said:

ya i forgot

subnet router1 is 255 255 255 128(now router 1 knows theres a 2nd router)

router2 still be 255 255 255 0

best if dhcp range router 2 was 129 to 254

wwhich means i also messed up on router2 gateway 192 168 0 128

router 1 dhcp .2 to 127 

sorry been 7 years since i did this

Will this give me the possibility to disable the double NAT? Because it's working now that I enabled it

[bcguru9384]

Just now, MaxiMax07 said:

Is it okay if I keep my old setting? router 1 dhcp to 192.168.0.* and router 2 dhcp 192.168.1.*

It works now that I enabled the double NAT

you can but the newest way eliminates NAT at hardware level as 255 255 255 0 is a 1 router subnet

255 255 255 128 is 2 routers with 127 clients each(255 255 255 0 is 254 clients)