Solved

Connecting two routers

Posted on 2006-07-05
13
448 Views
Last Modified: 2013-11-30
Hi

I struggling to understand what goes on when I connect two routers.

The first router (R1)  is a non-wireless router, connected to a modem, then on to my ISP. It has four LAN connectors, and handles DHCP to whatever plugs into them. I connected one of these LAN ports to the the WAN port of a RangeMax router (R2), which will serve as an access point. The reason I'm using a router and not a switch for this is because this router was the only powerful transceiver I could get my hands on.

R2 will have a few wireless PCs connected to it from time to time.

R2 is getting an "Internet" IP address from the DHCP of R1 (192.168.0.6) Mysteriously, these appeared in the static ip address boxes, and the "Use Static IP address" is checked!
R2 is getting the gateway information from R1 (192.168.0.1). Again, this has appeared in the static ip address boxes.

SO, these two IP addresses, together with the subnet mask, have appeared automatically, even though I opted to use static addresses here. So here begins my confusion.

to go on....

R2 has fixed DNS server names (my ISP's)
R2 also has a fixed LAN IP address, 192.168.2.1, that I put in it.
R2 also has a fixed subnet mask that I put in it.

This I follow.

I requested that R2 does not do any DHCP - is this correct? I thought that R1 would deal out IP addresses to the clients connected to R2, but, when I check those R2 clients, the IP address range is clearly coming from R2! How can this be, and is this correct? (Remember, the R2 is instructed not to do DHCP).

Finally, I set RIP to "Both" and used RIP_1

Some advice / help appreciated. Please don't be too technical.





0
Comment
Question by:Jason210
  • 6
  • 3
  • 2
  • +2
13 Comments
 
LVL 9

Expert Comment

by:NYtechGuy
ID: 17046221
Jason-

Your configuration will not work as described.  R1 is not able to issue DHCP requests to clients behind R2 - it is blocked.  In addition, "double-nat" is not a good thing (going through 2 firewalls that have WAN/LAN basically)

It seems from your statement that you know an access point is what you need, but you purchased the router b/c of its power, etc.  That is fine.

I would suggest instead of using it as a router and plugging the output of R1 into the "Internet" or "WAN" port, that you plug that cable into the "LAN" or "Inside" port (there is probably 4 ports, plus 1 WAN port).

Trust me, this will work.  Your wireless clients will get a DHCP address from the R1.

Please try and let us know.

Thanks,

justin
0
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 17046287
You should configure R2 to do a DHCP on its LAN interface.

And then configure R2 to NAT connections between WAN and LAN interfaces.(Just like R1).

This way everyone on R2 LAN interface can connect to internet.

0
 
LVL 11

Author Comment

by:Jason210
ID: 17046288
NYtechGuy

Thanks - I'll try that later. Presumably, the WAN settings of R2 would be ignored if I use it they way you suggest.

I would  (for my own interest, and if it's not too complicated) like to know the how to set it up the "double-nat" method. I could always turn off the firewall on R2 to minimise that problem. If I do that, I guess I'd need to enable DHCP on R2 and specify a range?

Actually, the way it's set up now, I have got one R2 client working with Internet access.  Perhaps the R2 is foolproof and is issuing ipadresses anyway, despite my ignornace.
0
 
LVL 1

Expert Comment

by:smurfe
ID: 17046305
post ur config, there might be some config problem
0
 
LVL 11

Author Comment

by:Jason210
ID: 17046319
prashsax

Is it possible and (indeed advisable?) to turn off the firewall on R2? How would I do this.
0
 
LVL 11

Author Comment

by:Jason210
ID: 17046326
Actually this client I'm using now is on R2.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 9

Expert Comment

by:NYtechGuy
ID: 17046330
jason-

Prashax seems to have explained how to setup the device doing the double-nat thing.  That can and should work.  I've always just preferred to have one, main router - and anything behind that as an access point.  Just give R2 a static IP address on it's LAN interface, and connect the cable as I have described and that is what you will have.

PS - if you do not get a link/activity light on when you connect, you may need a "crossover" cable, which is available at any comp usa or other computer store.

Thanks,

justin
0
 
LVL 11

Author Comment

by:Jason210
ID: 17046336
That did the trick prashsax. Enabling the DHCP server on R2 works.

It just remains this "double-nat" thing that NYtechGuy mentioned...
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17046368
I think you are still using duoble-nat right now.

What is the IP address on the client machine who is able to access internet using R2.

I you don't want, you do not need to disable firewall on R2.

If your firewall allows all clients from LAN to go to WAN without any restriction and not vice versa.



0
 
LVL 11

Author Comment

by:Jason210
ID: 17046453
>>I you don't want, you do not need to disable firewall on R2.
OK, I'll leave it as it is since it's we won't be using doing much on the wireless clients except browsing the Internet and send mail.

However, I would like to know if there is a way you can just "turn off" the firewall on a router (this is a NETGEAR RangeMax WPN824) Is what I ask possible, or is it a case of regsitering client IPs as DMZs?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17046517
You have a heading of "Content Filtering" in the main menu.

This is where you can use the firewall feature.

But if you have not configured it, by default it will allow all the content and connection.

But if you want(in future) you can block access to some websites based on URL/IP Address.
You can also define Ports which can be access on internet(e.g HTTP,FTP,SMTP,HTTPS etc.)

For now, if it is not configured hence disabled.

I suggest leave it like this.
0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 17048389
"I requested that R2 does not do any DHCP - is this correct?"

YES!!  That is how you should set it up.  There should be only ONE master router delivering DHCP, usually the one hard cabled to the WAN gateway, or it is the gateway.  You can set the other WAP routers as static in the same range as the DHCP, which is probably what you have done, but if you set them all to GET an IP by DHCP from the master router, then they all know the right gateway and inherit all the DNS server settings on the WAN side.  This is the right way to do it.

Then when the computers connect to the WAPS, they too inherit everything, not from the WAP receiver, but from the master router that is delivering DHCP.  So except for the master router, you can set EVERYTHING else to get an IP from DHCP, and it works like a bucket of greased monkeys.

Remember, noting does DHCP but one router, everything else gets it, and along with it, gets the gateway and the DNS for the WAN side, it is automatic.  !!!
0
 
LVL 11

Author Comment

by:Jason210
ID: 17049109
OK, that's interesting.

LAN interface of R1 router is the gateway.

So you're saying with the R2 router - I just give it a static LAN IP address and set everyhthing else to inherit?
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now