1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Two routers on different subnets

Discussion in 'Networking' started by Curly, May 9, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. Curly

    Curly Thread Starter

    Joined:
    Apr 1, 2002
    Messages:
    1,249
    I have two routers that I need to have on different subnets. The secondary router can see everything on the primary, but the primary router cannot ping the secondary or access machines on it. My setup is as follows.

    Primary router: 192.168.168.0/24
    local address: 192.168.168.1
    gateway 192.168.168.1
    DHCP: 192.168.168.100-102
    static IP for secondary router: 192.168.168.150


    Secondary: 10.13.37.0/24
    Local address: 10.13.37.1
    gateway 192.168.168.1
    DHCP: 10.13.37.100-102


    The WAN port of secondary is connected to LAN port on primary.

    I suspect that I need to set up a static route somewhere for machines on primary to see machines on secondary. But where? And how should it be configured? I have tried numerous possiblities, but nothing has worked.

    Any help is greatly appreciated!
     
  2. SmallNetBuilder

    SmallNetBuilder

    Joined:
    May 8, 2008
    Messages:
    36
    Are these two NAT-based routers? If so, the secondary's firewall is blocking traffic.

    What are you trying to do with the two subnets?
     
  3. Curly

    Curly Thread Starter

    Joined:
    Apr 1, 2002
    Messages:
    1,249
    Yes, they are two NAT-based routers.

    I have a VPN server on the 192.168.168.0 subnet, and the only way that I can test it (without needing a separate ISP access) is to have the client on a separate subnet.
     
  4. SmallNetBuilder

    SmallNetBuilder

    Joined:
    May 8, 2008
    Messages:
    36
    You should be able to at least ping the secondary router's WAN IP. Make sure that the second router isn't set to block WAN pings.
    Since you're testing VPN (IPsec or PPTP?), you don't want to forward ports or put the test client in DMZ.
     
  5. Curly

    Curly Thread Starter

    Joined:
    Apr 1, 2002
    Messages:
    1,249
    I cannot ping the WAN IP on the secondary, and I do not see a setting for ping reponse on it.

    I am not forwarding any ports, nor is anything in DMZ.
     
  6. SmallNetBuilder

    SmallNetBuilder

    Joined:
    May 8, 2008
    Messages:
    36
    What make and model are the two routers?
     
  7. Curly

    Curly Thread Starter

    Joined:
    Apr 1, 2002
    Messages:
    1,249
    WRT54GL using DD-WRT v23 SP2
     
  8. TerryNet

    TerryNet Terry Moderator

    Joined:
    Mar 23, 2005
    Messages:
    69,556
    "... primary router cannot ping the secondary or access machines on it."

    I'm pretty sure that the ping feature some routers have is for pinging on the WAN connection. Other computers connected to the primary should be able to ping the secondary router's WAN address.

    One of the things that makes a router a router is its NAT layer, which acts as a natural firewall. From the WAN side you cannot initiate access to devices on the LAN except by using the DMZ or port forwarding.
     
  9. Courtneyc

    Courtneyc

    Joined:
    Dec 6, 2003
    Messages:
    1,906
    How is the secondary router getting to the primary? The gateway address of a network must actually be on that network. The secondary router has an invalid gateway address (unlike the first one). The inside address is on the 10.13.37.0/24 network. The outside appears to be on the 192.168.168.0/24 network. Is this the case?

    If it is, as I said, the inside gateway of the secondary router is incorrect.

    Courtney
     
  10. Curly

    Curly Thread Starter

    Joined:
    Apr 1, 2002
    Messages:
    1,249
    I have multiple machines on the secondary router, not to mention ones that will occasionally use it and are assigned IPs through DHCP. So, I will need to forward all traffic for the entire subnet. Port forwarding cannot accomplish this.

    This is why I believe that I must set up a route in the routing table. I believe it should be on the primary router, routing 10.13.37.0/24 over to the secondary router. But I can't get it to work.
     
  11. Curly

    Curly Thread Starter

    Joined:
    Apr 1, 2002
    Messages:
    1,249
    If the secondary shouldn't have a gateway of 192.168.168.1 (the primary router's IP), what should it have?

    I am not sure what you mean by 'inside' and 'outside'.
     
  12. SmallNetBuilder

    SmallNetBuilder

    Joined:
    May 8, 2008
    Messages:
    36
    Static routes are not going to work through a NAT firewall. If you are setting up a VPN tunnel, won't the machines connect via it?
     
  13. Curly

    Curly Thread Starter

    Joined:
    Apr 1, 2002
    Messages:
    1,249
    Actually, I was finally able to set up a static route to the subnet on the secondary router, and now both the router and all machines respond to ping. But I'm still not able to perform file sharing from primary to secondary. I think it may have something to do with NetBIOS and needing a WINS server to redirect through routers. . I don't have a server OS, so if it is true, I won't be able to do it. I'm not clear about this, though, so I need to continue researching it

    Yes, the machines of the secondary could tunnel to the primary through the VPN - if they are configured as a client. But not all will be clients.
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/710985