Need router guru???

[zone97]

I have a router issue.... Here is what I have.

cable mode, linksys wireless g router, adtran router, 24port netgear switch. here is how its wired.

cable modem -> linksys wan port -> lan port on linksys to wan port on adtran -> lan port on adtran to 24 port switch.

linksys : 192.168.50.5 (no dhcp) (DMZ points to 192.168.50.100 wan port on adtran)
adtran : 192.168.75.1 (dhcp enabled) (routing done here!)

here is the issue.

computers plugged into the 24 port switch get ip address via dhcp in the 192.168.75.xxx range. can surf, and see all ip address in 192.168.75.xxx AND 192.168.50.xxx..

computers that connect to the linksys wirelessly have to be set to an ip address of 192.168.50.xxx because they can not see the 192.168.75.xxx address nor the adtrans dhcp server. They can surf if you specify an address. If you try and set an address of 192.168.75.xxx it will tell you the ip address is already in use? even though its not.

My question is what kind of static route do i need to setup between the adtran and the linksys so that the wireless users see the samething the 24port wired users do?

I can not rearange the routers. They must stay in this configuration. Because when the adtran is placed first, servers behind it can not be accessed via their wan addresses. The linksys doesnt have this limitation. But i can not NAT with the linksys because of its limit of port forwarding.

i have tried somethings in the advanced routing ont he linksys, but don't know if i need to something similar on the adtran to complete the tunnel.

 

[Kyoji]

I think my mind blew up?

I'm no expert, and I'm not pretending to be, but I cant identify exactly what your problem is here. Are you saying computers connected to the adtran cannot see computers connected to the linksys router? So 192.168.75.xxx users cannot see 192.168.50.xxx ip's on the network?

 

[Strider]

Expert here

You must tell the adtran that the 192.168.50.0 (/24 I assume) goes out to its WAN port.

However, why the complicated setup

(just curious, I'm using at least the same amount of devices, but a bit differently set up - e.g. dedicated AP which gets dhpc for the clients from the same dhcp as the wired ones).
Edit: reread why you're doing this. Strange. Use a device which can do it all

or a linux router

(I know I get carried away

)

 

[moshii]

cable mode, linksys wireless g router, adtran router, 24port netgear switch. here is how its wired.

cable modem -> linksys wan port -> lan port on linksys to wan port on adtran -> lan port on adtran to 24 port switch.

Networking people call that sort of setup.. a fucking mess.

First off, you're cable modem most probably has NAT and DNS caching built into it.. and thus should be connected to the switch and configured in your DHCP server to be used as a gateway and DNS. You didn't give us netmasks so I don't know what your subnets really look like.

I guess you want the Linksys unit to act as a wireless AP opposed to a router? otherwise you're going to have piles of NAT on NAT. Set it up as an AP and connect it to the switch and leave it at that.

You're topology is screwed ... decide what you want to do and rearrange everything using the switch as the common connection point.

This is how my setup looks (Edit.. looked ok in preview.. let's try again);
CODE Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â
Wireless Clients Â
     |
     |
    ÂAP
     |
     |
   Switch
     Â|_________
    /      Â|   Â\
Wired clients  Â|   ÂDebian box with ipmasq, dnscache and squid
          Â|    |
          Â|   ÂSomeone else's AP
          Â|   Â|
          Â|   ÂSomeone else's Cable modem
          Â|
??Dedicated machines in Germany via OpenVPN

The only routes I need are those for outbound traffic and for the machines on the network via VPN.

 

[zone97]

ok let me clearify some points.. 1st the why?...

lets look at each piece of the pie... the linksys.. it is a wireless broadband router, as such it can connect wired and wireless users. the downside is it only gives you like 10 port forward slots. I prefer to setup a rule for each port and not group.. IE: open port 21, not port 21-80 ect... thats where the adtran comes in. It has basicly an unlimited configuration because it is considered a business class router. Downside here is that from the lan side you can not access wan side items..

let me explain.. lets say i run a web server. www.mysite.com on ip 24.24.24.24 (internet address) on the router I point port 80 to lan address 192.168.75.10... with the adtran, if Im sitting at my desk and go to the web and type www.mysite.com i get nothing.. I can type http://192.168.75.10 and see the site.. You could type www.mysite.com and see it as well. The linksys does not have this limitation. Setting this up on the linksys works great. But I need more port forwarding... (not to mention better logging and ability to spy on traffic to see whats going on.) so how to get around this.. simple put the linksys first in the cascade and feed traffice to the adtran, now the adtran can do port forwarding and i can still access web addresses that point back to my network from within my network.

Let me draw a diagram.

[ Cable Modem ]---+
                  |
                  +---[ Linksys ]---+---[ Wireless clients ] (192.168.50.xxx)
                                    |
                                    +---[ Adtran ]---+
                                                     |
                                                     +---[ 24 port switch]---+---[ Wired Clients ] (192.168.75.xxx)

cable modem connects to wan port on linksys, lan port on linksys connects to wan port on adtran, lan port of adtran connect to 24 port switch. linksys has DMZ set for 192.168.50.100, which is the adtrans wan port.

Ip address and ranges.

linksys: 192.168.50.5 / 255.255.255.0 / gateway: some internet address.
adtran: wan port 192.168.50.100 / 255.255.255.0 / gateway: 192.168.50.5
adtran: lan port 192.168.75.1 / 255.255.255.0
adtran dhcp: 192.168.75.199 - 192.168.75.254

wired computers can see 192.168.75.1 & 192.168.50.5 and address of wireless computers like 192.168.50.200
wireless computers can only see 192.168.50.5 and other wireless computers.
address such as 192.168.75.1 return from ping, request timed out.

I have tried setting up multi gateways and ips on a wireless unit. But no luck. I think that the linksys needs a static route somewhere so it can tell wireless computers how to get to that side of the network. I tried some settings in the advanced routing area but nothing seemed to work, was still unable to ping.

Any other Ideas? Hope i clearified this mud.

@moshii

I could hook my cable modem to the switch and then the others to the switch, but the modem will only link to one unit? how could I conviece the modem to talk to both routers at the same time?

 

[friedchicken]

not an expert either but if you want to increase the linksys port forwarding number i recommend you visit http://linksysinfo.org.
Im currently on Firmware Version : v4.30.1, HyperWRT 2.1b1 +tofu12 for my wrt56g and it gives me 20 port forwarding.

 

[moshii]

[ Cable Modem ]---+
                  |
                  +---[ Linksys ]---+---[ Wireless clients ] (192.168.50.xxx)
                                    |
                                    +---[ Adtran ]---+
                                                     |
                                                     +---[ 24 port switch]---+---[ Wired Clients ] (192.168.75.xxx)

The problem is that your Wireless clients are coming in at the wrong point.. with that setup you need a route to take your traffic from the wireless clients through the adtran. The thing is, connecting the linksys to the adtran's WAN port is telling it that traffic coming in is from the outside and not the inside subnet... the wan port is exactly the same as the lan ports just the routing rules are different. You might be able to get around this by putting the wireless clients on a different subnet and putting rules on either side to brige the two subnets... but this means all your wired-wireless communication is going through the adtran and it'll become a bottleneck.

[ Cable Modem ]---+
             Â|
             Â+---[ Adtran ]---+
                         Â|
                         Â|
                         Â+---[ 24 port switch]---+---[ Wired Clients ] (192.168.75.xxx)
                                          +---[ Linksys ]--

That's a better solution... making sure the Adtran is getting the public IP address from the cable modem and you aren't double nat'ing is a good idea. Other than that... if your linksys is an older WRT you can install OpenWRT on it (busybox based linux for routers) and bin the adtran, and simply connect the switch with a cross over to the WRT.. another bonus is that you could also run a netflow collector on the WRT and have proper monitoring ala Cisco kit.



Basically, You need to layer your traffic.

 

[moshii]

Expert hereÂ

You must tell the adtran that the 192.168.50.0 (/24 I assume) goes out to its WAN port.

You're an expert and you think that's a good solution? The whole point of a WAN port is that internal traffic doesn't go through it. pfft

 

[zone97]

That's a better solution... making sure the Adtran is getting the public IP address from the cable modem and you aren't double nat'ing is a good idea. Other than that... if your linksys is an older WRT you can install OpenWRT on it (busybox based linux for routers) and bin the adtran, and simply connect the switch with a cross over to the WRT.. another bonus is that you could also run a netflow collector on the WRT and have proper monitoring ala Cisco kit.

as i mentioned earlyer i cant do it that way because of the limit of the adtran... What i would like is information on how to brige both routers. I have upgraded my firmware on the WRT to DDWRT open source. Pretty nice.. Lots of new features. Now if i can figure out how to open a tunnle between the 2 routers id be happy.

 

[Strokemouth]

That's a better solution... making sure the Adtran is getting the public IP address from the cable modem and you aren't double nat'ing is a good idea. Other than that... if your linksys is an older WRT you can install OpenWRT on it (busybox based linux for routers) and bin the adtran, and simply connect the switch with a cross over to the WRT.. another bonus is that you could also run a netflow collector on the WRT and have proper monitoring ala Cisco kit.

as i mentioned earlyer i cant do it that way because of the limit of the adtran... What i would like is information on how to brige both routers. I have upgraded my firmware on the WRT to DDWRT open source. Pretty nice.. Lots of new features. Now if i can figure out how to open a tunnle between the 2 routers id be happy.

But if you were only using the adtran to allow for more port forwarding options, you can ditch it now that you have more flexibility with DDWRT.

 

[Strider]

Expert hereÂ

You must tell the adtran that the 192.168.50.0 (/24 I assume) goes out to its WAN port.

You're an expert and you think that's a good solution? The whole point of a WAN port is that internal traffic doesn't go through it. pfft

Jesus, did you even read my or his post?

Go pfft yourself

He asked for a specific solution to a specific problem, which I gave him. Look at this thread, now it's a mess. Many think they know a lot better, which might be, but it's not what he asked.

On the technical side, what the port is called is totally irrelevant. Did you understand that the traffic would flow out of the adtran router's WAN port as it usually would in the direction of the internet?? Only that it's directed toward 192.168.50.0? That there's a LAN behind that interface?

 

[zone97]

But if you were only using the adtran to allow for more port forwarding options, you can ditch it now that you have more flexibility with DDWRT.

You are right sir...

The DD-WRT is uter AWSOMNESS. It removed the limits on the port forwading, added some robust features. Lots of "at a glance stats" Yea, I kicked that adtran to the curb!

Thanks to all for the help.