Two routers

F

Flickspeed

This topic seems close to my problem. If anyone with sufficient knowledge can help I would be grateful.

My problem is the following.

Router A is the main VDSL router/gateway for TV and Internet. It has limited options. Wi-Fi disabled.

Router B is a DD-WRT Device. Wi-Fi enabled.

A and B are connected via a LAN cable

Here is the task:

A. One of the computers must be directly connected (wired) to main router A.
B. Rest of the computers must be connected via wireless to router B (dd-wrt) in order for me to be able to make certain access restrictions on them.
C. Computer connected to A must be able to access all the other devices on B.
D. All Devices must have internet access.

Here is what I have tried so far, for all settings router A was a DHCP Server with a range of 192.168.2.10 - 192.168.2.100 and internal ip of 192.168.2.1. Subnet mask on all devices was 255.255.255.0

1) I had router B in DHCP forwarder mode, but in this mode, the router was unable to enforce the access restrictions for the devices connected to it. Even if the router mode was set to gateway. all other tasks A) C) D) were achieved.

2) I had router B in DHCP Server mode connected through WAN port with DHCP pool from 192.168.1.100 - 192.168.1.150. Internal IP of router B was 192.168.1.1. In this case the devices on B had internet, I was able to apply restrictions. Devices on B saw Router A but my device on A was unable to see router B or any of the devices on B.

3) I had router B in DHCP Server mode again through WAN port but this time with DHCP pool from 192.168.2.100 - 192.168.2.150 to match the ip adresses of A but in a different range. Internal IP of router B was 192.168.2.2. In this case the devices on B had NO internet access. which is weird.

Is there any way I can achieve my goal? I know the easy way is to put all the devices on B including the other computer, but I rather have that computer on router A without having to pass router B. Can a certain subnet mask combination make (3) work?

Moderator note: This post moved from this thread: https://www.techspot.com/community/...use-the-same-subnet-mask.196920/#post-1378127
 
Last edited:
What kind of restrictions? It seems like you got everything worked out, apart from this. We need to know more to help.
 
Well the restriction which you can find on the access restrictions page in dd-wrt. For example blocking of ports at a certain time. This definitely works when the router is in DHCP server and gateway mode.

When B is in DHCP forwarder mode router A works as the gateway for the clients on B. I am guessing that is why I cannot apply the access restrictions from router B to the clients on it.
 
To confirm, in scenario 1) above, you connected a cable between RouterA_LANport and RouterB_LANport1 ?

I don't see why wifi devices connected to routerB cannot be restricted via the dd-wrt firmware on routerB, before the traffic goes through the gateway (routerA).

@jobeard, do you see anything?
 
2) I had router B in DHCP Server mode connected through WAN port with DHCP pool from 192.168.1.100 - 192.168.1.150. Internal IP of router B was 192.168.1.1. In this case the devices on B had internet, I was able to apply restrictions. Devices on B saw Router A but my device on A was unable to see router B or any of the devices on B.
Click to expand...
Go back to this setup. You need to cause both routers to have static addresses (ie NOT DHCP assigned and usually outside the dhcp range).
On the router closest to the Modem, you need to add a route to the downstream ip address range.

If the upstream router has the address 192.168.1.1 and the downstream has 192.168.2.1, you need to then force how 1.1 sees the downstream
{ie: it is an address reservation using its MAC association (eg xx:yy:zz -> 192.168.1.254)}

Thus far it would look like:
modem ==(wan) Upstream (192.168.1.1)--(lan)(192.168.1.254) ----(wan)downstream(192.168.2.1)
Notice that the upstream path to the downstream is via 1.254.

SO, now add the route in the upstream like
Code: 
       dest          mask          gateway    interface  metric

    192.168.2.0  255.255.255.0  192.168.2.1  192.168.1.254  1

devices on 1.1 should now be able to ping devices on 2.1 and conversely
[edit:- oops mask should be 255.255.255.0 - - ALL addresses on the 192.168.2.* subnet -:edit]
 
Last edited by a moderator:
  • Like
Reactions: St1ckM4n
You must log in or register to reply here.

Similar threads

Marcin2023
Connecting printer via RJ45 to wireless network
Replies
1
Views
1K
Gabriel Pike
Gabriel Pike
Z
Banana Pi's new $30 router delivers Wi-Fi 6 speeds, OpenWrt flexibility
Replies
7
Views
193
ZedRM
ZedRM
midian182
Mystery of LG washing machine using 3.6GB of data daily could have a simple explanation
2
Replies
37
Views
731
ZedRM
ZedRM

Latest posts

Back