Two router cascade conundrum

Posted on 2006-04-09
Last Modified: 2013-11-30
I have two networks I wish to separate. Both need access to the internet.

Router A is a Linksys wrt54g connected to the internet via a (Alcatel) modem. LAN address LAN IP range 192.168.1.x DHCP enabled. It gets its IP from the server using PPPOE.
Router B is an Alloy IP505DV connected via WAN port to a LAN port on A. WAN IP address is Gateway LAN IP range 192.168.0.x DHCP is disabled. Router is set to 'router' mode rather than 'gateway'. NAT disabled.

I have followed instructions from Alloy's very good telephone support and cross checked with various threads here and elsewhere, I have also rung them back to check that there is no setting on the IP505DV that I have missed. I am not considering ringing Linksys help as it is via a scripted person and has proved next to useless in the past.

This is the situation:
Router B can see the internet, pinging the gateway fine, DNS fine, proxy sever in China fine via network diagnostics in the HTML interface.
PCs (XP PRO) connected to router B with IP addresses in the same range can ping the router, but cannot ping anything else. Gateway set to router B IP. DNS

** If I connect router B to router A via a LAN port on B, change the IP on the PC to be within the same range as router A and gateway to router A IP then all is fine and internet accessible.**

This is great apart form the fact that:

I want to separate the two networks. Computers connected to router A should not be able to see computers connected to router B.

As an added bonus I want computers connected to router B to be able to see computers connected to router A, if this is possible.

This is probably quite simple for anyone who understands what it is that routers *actually* do, but it has wasted a whole bunch of my time.
Question by:phl6hal
    LVL 8

    Expert Comment

    lets draw a picture
            |                              \
         Rtr A                          Rtr B
     outside interface              outside ineterface
      (DHCP client)                  (DHCP client)
            |                                    |
            |                                    |
        Rtr A(DHCP server)         Rtr B (DHCP server)
            |                                     |
         net A                              net B
    192.168.0.x                         192.168.1.x            
    (254 clients on each net)

    Now from this picture
    Net A client will point to for gateway
    Net B client will point to for gatewat
    Turn on DHCP serve for the inside interfaces
    Set you scope  .1 should be exluded and set that to a static IP of or 0.1
    on the correct rtr.

    NAT will be automatic between the inside and outside interfaces or should be
    LVL 15

    Accepted Solution

    Hi phl6hal

    The problem is that 192.168.1.X addresses do not have a path back to the 192.168.0.X addresses.
    You can fix this by adding a static route on the Linksys for network, mask to be gateway (Alloy WAN IP address).
    If you don't want computers on Router A to see machines on Router B then you'll need to set up access control on Router B to control the services allowed.

    I'm assuming that the Linksys will also source NAT the 192.168.0.X network for internet access (even though its LAN address is 192.168.1.X). Once the static route is in place, if internet access doesn't work for Router B machines then you'll need to change Router B to Gateway mode, with NAT. The static route won't be required then and access from Router A machines will be automatically be restricted.

    Author Comment

    Thanks Frabble that was really helpful.

    I managed to get the system to work using the static route feature on router A. Internet access and separate networks.
    The networks not being able to see each other happened without any access control rules being set up on router B. I set up a firewall rule to restrict access, then deleted it. The internet remained accessible during this process.

    Then I breathed a sign of relief.

    I plugged in a second PC to router B, in order to check that PCs on the Lan side of router B could see each other.
    Then it stopped working. No internet access. On either machine.

    I will be able to have another look at it in a few hours time. I will reset router B to factory defaults and re-configure it completely.
    LVL 15

    Expert Comment

    OK. Regarding the networks not seeing each other, this will happen in your case because machine names are resolved to IP addresses using netbios-name broadcasts and these are not passed through the router. You'll still be able to access across the router if you use the IP addresses instead of the name, which is why you may want to have access control rules.

    Author Comment

    Not sure what you mean by 'You'll still be able to access across the router if you use the IP addresses instead of the name'. All PCs network adapters have discrete IPs.

    I used the second part of your suggestion; 'if internet access doesn't work for Router B machines then you'll need to change Router B to Gateway mode, with NAT. The static route won't be required then and access from Router A machines will be automatically be restricted.'

    (Which may be the same as what MarkDozier wrote, but I found your explanation much easier to understand)

    And all worked, machines access internet and are inaccessible from other network. Would still like them to be able to see network A if possible. The other issue is that if i set router B IP then internet access stops, DHCP from router A and all is fine.

    I will be looking at it in about an hours time.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Give your grad a cloud of their own!

    With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

    We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
    Let’s list some of the technologies that enable smooth teleworking. 
    Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now