ER605 Router Wired LAN Subnet Setup
I have purchased a tp-link ER605 Dual WAN Router to replace my RPi Home Lab Gateway.
I have setup the WAN interfaces:
- WAN Wired Broadband 192.168.20.2 (Gateway 192.168.20.1 - ISP 1 Modem / Router)
- WAN/LAN1 Mobile Broadband 192.168.1.2 (Gateway 192.168.1.1 - ISP 2 Modem / Router)
In Admin Setup -> Remote Management I enabled the 192.168.20.0/24 subnet.
In Firewall -> Attach Defense I unchecked 'Block Ping from WAN'.
I can navigate to the web ui and i can ping the WAN IP (192.168.20.2) from a terminal session on my MacBook Pro (on the same subnet 192.168.20.0/24).
I have setup the LAN interfaces for wired devices:
- LAN1 vlan1 (5 UNTAG) 192.168.101.1 -> Switch -> Synology NAS (eth0) and RPi devices
- LAN2 vlan2 (4 UNTAG) 192.168.102.1 -> Switch -> Synology NAS (eth1) and RPi devices
I have setup static routes in the ISP 1 Modem / Router to the two subnets:
- 192.168.101.0/24 -> 192.168.20.2
- 192.168.102.0/24 -> 192.168.20.2
I cannot ping the LAN IPs (192.168.101.1, 192.168.102.) nor can I use nmap to determine the IP addresses of the devices in each subnet.
And, I'm not sure how to enable this using the web ui?
An iptables example:
sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE