1

So, my goal is to have each one of my devices connected to a double-NAT simple solutions.

I've started my configuration with Router 1:

IP: 192.168.1.254
Mask: 255.255.252.0

DHCP
Ipv4: 192.168.1.10 - 192.168.1.250
Mask: 255.255.252.0
Server: 192.168.1.254
Gateway: 192.168.1.254

So far so good :D

Than, I've tried to configure the second router:

WAN Setup:
Connection Type: Static IP
IP: 192.168.1.11
Mask: 255.255.252.0
Gateway: 192.168.1.254

And now my problem:

Attempt 1

  • Connected the Router 1 LAN port to the Router 2 WAN port

  • Enable DHCP, its already configured by default (192.168.4.100 to 192.168.4.200).

  • Everything connects fine, but they act like different networks, and for example, I cannot see the printer and my shared drive at the same the (they are in different routers)

Result -> FAIL

Attempt 2

  • Connected the Router 1 LAN port to the Router 2 WAN port

  • Enable DHCP, and change the range for 192.168.2.100 to 192.168.2.200

  • Get the message: The IP address is not in the same LAN IP Address.

Result -> FAIL

Attempt 3

  • Connected the Router 1 LAN port to the Router 2 WAN port

  • Enable DHCP

  • Change LAN to 192.168.0.1

  • Get message: WAN IP address and LAN IP address cannot be in a same subnet. Please input another IP Address.

Result -> FAIL

Attempt 4

  • Connected the Router 1 LAN port to the Router 2 LAN port

  • Change LAN to 192.168.0.1

  • Change DHCP range: 192.168.0.50 to 192.168.200

  • No internet in Router 2

Result -> FAIL

Attempt 5

  • Connected the Router 1 LAN port to the Router 2 LAN port

  • Change LAN to 192.168.0.1

  • Disable DHCP on Router 2

  • Too many connections for my ISP Router

Result -> FAIL

Any sugestion? PLEASE... :)

Pedro Amorim
  • 11
  • 1
  • 1
    "_my goal is to have each one of my devices connected to a double-NAT simple solutions._" That is not a worthy goal. A worthy goal is to eliminate NAT unless you have public/private routing or overlapping addressing. NAT is to be avoided if at all possible. Simple routing should be used betwwen networks under your control. NAT is not a substitute for routing. – Ron Maupin Jan 31 '20 at 21:38

2 Answers2

0

It looks like you are placing your R2 into the same network as your R1, and thus not seeing the expected behavior. If you want to design this to be double NAT separate R2 into another network, something like this:

                       LAN NAT 1
     WAN+-----+LAN   192.168.1.0/24  WAN+-----+
.254 <--+     +-------------------------+     |
        | R1  |.1                     .2| R2  |
        +-----+                         +-----+
                                        LAN|.1
                             LAN NAT 2     |
                             192.168.2.0/24|
                                           |
                                           v
                           Devices not leasing from ISP router


(R1)DHCPv4
Range: 192.168.1.10 - 192.168.1.250
Mask: 255.255.255.0
Local IP: 192.168.1.1
Gateway: 192.168.1.254

(R2)DHCPv4
Range: 192.168.2.10 - 192.168.2.250
WAN Connection Type: Static IP
WAN IP: 192.168.1.2
Local IP: 192.168.2.1
Mask: 255.255.255.0
Gateway: 192.168.1.254

Not sure what your R1's WAN setup is (what is Server: 192.168.1.254, if it is also the gateway?)

Yevhen Stasiv
  • 263
  • 2
  • 5
0

The main problem is that the Router 1 subnet mask is too broad. Set it to 255.255.255.0 (not 255.255.252.0).

  • In your attempt 1, the Router 2 DHCP range is consistent with the Router 1 subnet mask. The two are on different networks because Router 2 is routing: Its NAT is working.

  • In your attempt 2, you set the Router 2 DHCP range within the Router 1 subnet. Changing the Router 1 subnet to 255.255.255.0 would allow the DHCP range you specified but you'll still have different networks.

  • In your attempts 3 and 4, you have two DHCP servers active on the same subnet and the conflicts can prevent connections altogether.

  • Your attempt 5 seems to have bridged both routers.

I may be wrong but what I think you want is a single subnet behind at least one of your two routers, with the second router available to provide additional Ethernet jacks. If so, then do this:

  • Router 1: WAN IP = DHCP (plugs into your ISP router/modem). LAN IP = 192.168.1.1. Subnet mask 255.255.255.0. DHCP range 192.168.1.3-192.168.1.254.

  • Router 2: Some routers can be switched to "bridge mode" (which simply turns off NAT) by ticking a box or selecting a configuration option. If so, do that. You may be able to plug its WAN port into a Router 1 LAN port but if that doesn't work, run the cable to a Router 2 LAN port instead.

If Router 2 doesn't have a "bridge mode" or "disable NAT" option, then plug LAN port to LAN port and: WAN IP = DHCP or 192.168.2.1. LAN IP = 192.168.1.2. Subnet mask 255.255.255.0. DHCP range: DISABLE DHCP (to avoid conflicts with the Router 1 DHCP), so no range. These changes should "bridge" Router 2 and allow it to function as a bridge/switch (same thing). DHCP clients connected to Router 2 will get DHCP configuration from the Router 1 DHCP server.

ebsf
  • 288
  • 2
  • 9
  • In this option, there still will be communication between devices connected to Router 1 and 2 ? Thanks – Pedro Amorim Feb 03 '20 at 09:22
  • The configuration I suggest will leave devices connected to either router on a single subnet, and so devices connected to one should be able to connect to devices connected on the other. Bear in mind, too, that buying a simple unmanaged GigE switch and using it instead of the second router may be an easier (and quite inexpensive) way to get additional Ethernet jacks. What this configuration is intended to do, after all, is to effectively convert the second router into a bridge/switch (same thing) by disabling or working around its routing capabilities. – ebsf Feb 05 '20 at 21:06