Two router cascade conundrum

I have two networks I wish to separate. Both need access to the internet.

Router A is a Linksys wrt54g connected to the internet via a (Alcatel) modem. LAN address 192.168.1.211 LAN IP range 192.168.1.x DHCP enabled. It gets its IP from the server using PPPOE.
Router B is an Alloy IP505DV connected via WAN port to a LAN port on A. WAN IP address is 192.168.1.202 Gateway 192.168.1.211 LAN IP range 192.168.0.x DHCP is disabled. Router is set to 'router' mode rather than 'gateway'. NAT disabled.

I have followed instructions from Alloy's very good telephone support and cross checked with various threads here and elsewhere, I have also rung them back to check that there is no setting on the IP505DV that I have missed. I am not considering ringing Linksys help as it is via a scripted person and has proved next to useless in the past.

This is the situation:
Router B can see the internet, pinging the gateway 192.168.1.211 fine, DNS 202.233.0.3 fine, proxy sever in China 125.247.121.74 fine via network diagnostics in the HTML interface.
PCs (XP PRO) connected to router B with IP addresses in the same range can ping the router 192.168.0.201, but cannot ping anything else. Gateway set to router B IP. DNS 202.233.0.3

** If I connect router B to router A via a LAN port on B, change the IP on the PC to be within the same range as router A and gateway to router A IP then all is fine and internet accessible.**

This is great apart form the fact that:

I want to separate the two networks. Computers connected to router A should not be able to see computers connected to router B.

As an added bonus I want computers connected to router B to be able to see computers connected to router A, if this is possible.

This is probably quite simple for anyone who understands what it is that routers *actually* do, but it has wasted a whole bunch of my time.
phl6halAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MarkDozierCommented:
lets draw a picture
      INTERNET CLOUD
            |
            |
       ISP MODEM(DHCP SERVER)
             |
             |
        ==============
        |                              \
     Rtr A                          Rtr B
 outside interface              outside ineterface
  (DHCP client)                  (DHCP client)
        |                                    |
        |                                    |
    Rtr A(DHCP server)         Rtr B (DHCP server)
        |                                     |
     net A                              net B
192.168.0.x                         192.168.1.x
255.255.255.0                      255.255.255.0
(254 clients on each net)

Now from this picture
Net A client will point to 192.168.0.1 for gateway
Net B client will point to 192.168.1.0 for gatewat
Turn on DHCP serve for the inside interfaces
Set you scope  .1 should be exluded and set that to a static IP of 192.168.1.1 or 0.1
on the correct rtr.

NAT will be automatic between the inside and outside interfaces or should be
0
FrabbleCommented:
Hi phl6hal

The problem is that 192.168.1.X addresses do not have a path back to the 192.168.0.X addresses.
You can fix this by adding a static route on the Linksys for network 192.168.0.0, mask 255.255.255.0 to be gateway 192.168.1.202 (Alloy WAN IP address).
If you don't want computers on Router A to see machines on Router B then you'll need to set up access control on Router B to control the services allowed.

I'm assuming that the Linksys will also source NAT the 192.168.0.X network for internet access (even though its LAN address is 192.168.1.X). Once the static route is in place, if internet access doesn't work for Router B machines then you'll need to change Router B to Gateway mode, with NAT. The static route won't be required then and access from Router A machines will be automatically be restricted.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
phl6halAuthor Commented:
Thanks Frabble that was really helpful.

I managed to get the system to work using the static route feature on router A. Internet access and separate networks.
The networks not being able to see each other happened without any access control rules being set up on router B. I set up a firewall rule to restrict access, then deleted it. The internet remained accessible during this process.

Then I breathed a sign of relief.

I plugged in a second PC to router B, in order to check that PCs on the Lan side of router B could see each other.
Then it stopped working. No internet access. On either machine.

I will be able to have another look at it in a few hours time. I will reset router B to factory defaults and re-configure it completely.
0
FrabbleCommented:
OK. Regarding the networks not seeing each other, this will happen in your case because machine names are resolved to IP addresses using netbios-name broadcasts and these are not passed through the router. You'll still be able to access across the router if you use the IP addresses instead of the name, which is why you may want to have access control rules.
0
phl6halAuthor Commented:
Not sure what you mean by 'You'll still be able to access across the router if you use the IP addresses instead of the name'. All PCs network adapters have discrete IPs.

I used the second part of your suggestion; 'if internet access doesn't work for Router B machines then you'll need to change Router B to Gateway mode, with NAT. The static route won't be required then and access from Router A machines will be automatically be restricted.'

(Which may be the same as what MarkDozier wrote, but I found your explanation much easier to understand)

And all worked, machines access internet and are inaccessible from other network. Would still like them to be able to see network A if possible. The other issue is that if i set router B IP then internet access stops, DHCP from router A and all is fine.

I will be looking at it in about an hours time.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.