0

I got a second modem to use with a second internet provider for my small business. To install that second modem on my network, I purchased a Dual Wan Router to take care of the load balancing.

Here is my setup (in yellow are my 2 new pieces of equipment):

Network Infrastructure

Previously, all was on subnet 3, no worries, but now it's 3 different subnets. DHCP is enabled on both Modems now, they provide an IP to the Router Wan ports, right? I want to know if this is correct, I am worried that the DHCP from both modems (subnet 1 and 2) will interfere with my DHCP server on subnet 3?

Thanks

Philippe
  • 155
  • 1
  • 7

2 Answers2

1

Your setup is not OK as both modems are enabled in routing mode, you need them in bridge mode to prevent a double NAT issue. Call your ISP to make them work in the correct mode.

It should be:

[Public IP 1] ---- [Dual WAN ROUTER] ---- [Public IP 2]

and below it should be 192.168.3.X for your LAN

Make sure the router got the public IP, as in your schema I see 192.168.1.1 and 192.168.2.1, it should be your public IP there, not NATTed IP.

The fact you double NAT block you on some routing issue.

How you do a port forward or a DMZ ? How you do a VPN Tunnel ? How your dual WAN router will detect a failed ISP link ? as both WAN uplink gateway, that are NATed from your router will still ping (192.168.1.1 & 192.168.2.1). etc..

yagmoth555
  • 16,300
  • 4
  • 26
  • 48
  • I do have a different public IP for both modems, but they are still accessible from my subnet 3 (for instance, on my computer 192.168.3.x I can connect to both modems on 192.168.1.1 and 192.168.2.1. I will update my image to reflect that. – Philippe Feb 20 '19 at 14:47
  • @Philippe I understand what you mean, but what **I** mean is that your public IP is managed by the ISP modem, that act as a router too at the moment, and your own router got a NATed IP. this is a wrong setup in a business. How you do a port forward or a DMZ ? you can't. You can't do a VPN tunnel too, etc.. so are limited, as how your dual wan router will detect a fail ? it can't as the gateway, 192.168.1.x or 192.168.2.x will always reply – yagmoth555 Feb 20 '19 at 15:05
  • To be clear, bridge mode consists in disabling the DHCP on both modems, and provide a static IP to Wan1 and Wan2 ? Then on both Wan settings, I change the Wan Connection Type from "Obtain IP automatically" to "Transaprent bridge". Ist that it? My ISP will not configure this for me... – Philippe Feb 20 '19 at 15:44
  • @Philippe You are right for your router, you put both WAN interface on DHCP inside your router. For the transparent bridge, yes, that part your ISP are the only one that can do it. Bridge mode just make the ISP modem forward all WAN traffic to the router in big – yagmoth555 Feb 20 '19 at 17:03
0

Each WAN interface on the router as well as the LAN interface are different Layer 2/3 networks. DHCP traffic, by default, will not cross those boundaries.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171