Separating two networks

1

I have two routers, R1 and R2.

  • R1 (a stock Linksys router running DD-WRT) is connected to the internet and is serving internet to a network of 5 devices/PCs, running a DHCP server, with a network of 192.168.1.0/24. R1 also serves internet services to R2.

  • R2 (an Ubuntu Server 12.04) gets internet from R1. R2 has 3 PCs attached to it and runs a DHCP server with a network of 172.22.22.0/24.

My requirement is that the clients on both sides should not talk to each other at all – with the exception that R1 clients may access the R2 router through its IP of 192.168.1.x.

At the moment, R2 clients are able to ping R1 clients, which is unacceptable, whereas R1 clients cannot ping R2 clients, which is OK.

I believe iptables could be set up but I don't know how.

Farhan Ali

Posted 2012-09-23T08:57:51.917

Reputation: 13

Answers

1

This should work:

Router R1

iptables -t filter -A FORWARD -s 192.168.1.0/24 -d 172.22.22.0/24 -j DROP

Router R2

iptables -t filter -A FORWARD -d 192.168.1.0/24 -j DROP

For reference, see the iptables flowchart.

artistoex

Posted 2012-09-23T08:57:51.917

Reputation: 3 353

Thanks... I am away from my network now... I will try it once I get there. But I understand the logic behind this and this looks promising. Thanks once again. – Farhan Ali – 2012-09-23T09:46:59.740

You're welcome. If you like this answer you may also give it an upvote. – artistoex – 2012-09-23T21:53:56.603
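A small model of how the two FORWARD rules from the answer are evaluated, using the 172.22.22.0/24 subnet from the question; it is an added example, not part of the original posts, and is written in Python so it can be run without touching either router. It shows that a packet addressed to a router's own IP goes to INPUT and never reaches the FORWARD rules, which is why R1 clients can still reach R2. The host addresses (192.168.1.1, 192.168.1.50, 172.22.22.1, the client and internet addresses) and the ACCEPT default policy are assumptions.

```python
from ipaddress import ip_address, ip_network

# The two subnets come from the question; every host address is constructed.
R1_LAN = ip_network("192.168.1.0/24")
R2_LAN = ip_network("172.22.22.0/24")

ROUTERS = {
    # name: (addresses owned by the router, FORWARD rules as (src, dst, target))
    # A rule field of None means "any", like omitting -s or -d in iptables.
    "R1": ({ip_address("192.168.1.1")},
           [(R1_LAN, R2_LAN, "DROP")]),
    "R2": ({ip_address("192.168.1.50"), ip_address("172.22.22.1")},
           [(None, R1_LAN, "DROP")]),
}


def verdict(router, src, dst):
    """Return (chain, target) for a packet arriving at `router` from the wire."""
    src, dst = ip_address(src), ip_address(dst)
    local_addrs, forward_rules = ROUTERS[router]
    if dst in local_addrs:
        # Locally destined traffic takes the INPUT path; FORWARD is skipped.
        # No INPUT rules are modelled, so the assumed policy ACCEPT applies.
        return ("INPUT", "ACCEPT")
    for rule_src, rule_dst, target in forward_rules:
        src_ok = rule_src is None or src in rule_src
        dst_ok = rule_dst is None or dst in rule_dst
        if src_ok and dst_ok:
            return ("FORWARD", target)  # first matching rule wins
    return ("FORWARD", "ACCEPT")        # assumed default chain policy


if __name__ == "__main__":
    cases = [
        ("R2 client -> R1 client", "R2", "172.22.22.10", "192.168.1.10"),
        ("R1 client -> R2 router", "R2", "192.168.1.10", "192.168.1.50"),
        ("R2 client -> internet",  "R2", "172.22.22.10", "203.0.113.5"),
        ("R1 client -> R2 client", "R1", "192.168.1.10", "172.22.22.10"),
        ("R2 client -> R1 router", "R2", "172.22.22.10", "192.168.1.1"),
    ]
    for label, router, src, dst in cases:
        chain, target = verdict(router, src, dst)
        print(f"{label:24} at {router}: {chain:7} {target}")
```

The last case shows a side effect of the R2 rule: forwarded traffic from R2 clients to R1's own LAN address is dropped as well, so a DNS resolver at that address would be unreachable for them.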