3 routers supporting 2 subnets that can see each other
Hi I have 2 TL-WR841N routers and an AX6000 router configured as in the image below. I am aiming to have 2 subnets that can talk to each other and both can see the internet. I have setup the static routes to all the ping to work across networks but they seem to be being ignored.
From a machine on the main network (192.168.0.111) I have been using ping to test things out and I am drawing a blank. I have tried with the firewall switched off (on all routers and 0.111) as well to avoid any ICMP interference from it.
so
- Ping 192.168.0.1 - works
- Ping 192.168.2.64 - works
- Ping 192.168.2.1 - work
- Ping 192.168.2.70 - Timeout (so is seeing it no return path)
- Ping 192.168.4.1 - Timeout
When tried from the 4.0/24 side I have the same problems going from 2.70 -> 2.64
Both sides have no issue getting to 1.254 and beyond!
Many thanks for any assistance.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Check the routing tables of the 3 routers to see if everything is correct for different paths.
For 841N:
For AX6000:
For 841N make sure you set:
For AX6000 make sure you set:
I believe that ping tests from 1 to 4 should be successful if everything is configured correctly.
Ping test 5 (pinging behind NAT) would not be possible.
- Copy Link
- Report Inappropriate Content
Thanks for this response. I finally read your last sentence so this post if probably not required and I have posted another question below this one.
Okay, so had sometime this morning to look at this. All the ping settings have been worked on all 3 routers. IP addresses have slightly changed from the the original diagram. 192.68.0.0/24 is now linked to 192.168.2.100 and 102 for the 192.168.4.0/24. They are again static IP's using the DHCP reserved addressing.
Some good news I have now got a setup where I can ping 192.168.4.1 from 192.168.0.111 however I cannot see the http site for the 4.1 router!! Below are the routing tables from the 3 routers. I cannot ping beyond 192.168.4.1 (say 192.168.4.10) and get request timed out. If connected to the 4.0/24 network then I can ping that IP address. Also while connected to 4.1 I can ping down to 192.168.2.100 but not beyond (i.e. 192.168.0.1).
I must be missing something on 192.168.2.1 but I can see it!
192.168.2.1
192.168.0.1 (AX6000)
192.168.4.1
Just pinged from 192.168.4.16 to
192.168.4.1 - good
192.168.2.1 - good
192.168.2.102 - good
192.168.2.100 - good
192.168.0.1 - Request timed out
from 192.168.0.111
192.168.0.1 - good
192.168.2.100 - good
192.168.2.102 - good
192.168.4.1 - good
192.168.4.10 - Request Timed Out
- Copy Link
- Report Inappropriate Content
Just read the final sentence under the images. So you are saying that no matter what I do with routing I will not be able to get beyond 4.1 as NAT kicks in and on the 841N routers that cannot be switched off?
So without going to 'industrial' style routers this network config is just not possible. Could you please share the cheapest device(s) you believe would let me get this setup?
Thanks
- Copy Link
- Report Inappropriate Content
Yes, that's what I've meant. For the discussion purposes posting an updated topology diagram would be helpful.
There are cheep models on which NAT can be disabled, like Archer C6/A6. But keep in mind that I haven't tested this scenario, so I can't guarantee even with NAT disabled it will work.
As for other brands a custom HW with pfSense image should not have any problems with that topology or maybe devices with Open-WRT / DD-WRT images could do the job - you have to check that in related community.
- Copy Link
- Report Inappropriate Content
Thanks for the quick response. 1 question, are only talking About the 192.168.2.0 router or all 3?. I know the ax6000 has a Nat enabled setting and I assume has the desired effect?
Ian
- Copy Link
- Report Inappropriate Content
Yes, that's correct, AX6000 has NAT disable option implemented so it's a perfect candidate to test that. As for which router or all 3, if you provide the updated diagram I can say that for sure - definitely where you are trying to ping behind NAT.
- Copy Link
- Report Inappropriate Content
So updated diagram below. However I have switched off NAT on the AX6000 and I can now ping 192.168.0.81 or others from 192.168.4.0/24. So my naive brain is saying that it is NAT and only the 'Y' end routers need to be able to switch off NAT. Interestingly I can ping 192.168.2.1 from 192.168.0.0/24 but I cannot see the web page for th erouter. Getting 403 forbidden.
- Copy Link
- Report Inappropriate Content
The 403 error is probably due to the fact that you're trying to access the 192.168.2.1 WebGUI from another subnet (not from its LAN subnet).
Try accessing WebGUI on 192.168.1.50 (configuring remote management for the top 841N).
- Copy Link
- Report Inappropriate Content
Okay this is not working as I expected and probably down to the choice of hardware. With AX6000 NAT disabled I was able to ping the nas (192.168.0.81) server but, only the nas server. If I tried to hit the 192.168.0.1 web page (remote management switched off) I actually got redirected to the NAS web interface as if it was 19.168.0.1 not 192.168.0.81. So I suspect that for now I will have to run them as 2 distinct networks and connect to each I need to.
I Would like to thank you for all your assistance and my understanding has been significantly improved.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 3478
Replies: 9
Voters 0
No one has voted for it yet.