Enabling routing between two subnets on two Gargoyle routers

lucianor · Post by **lucianor** » Wed Dec 21, 2016 2:28 pm

Hello

I've followed instructions on https://www.gargoyle-router.com/wiki/do ... nt_ap_mode on how to create a client for an existing router, however, I need help on setting up my LAN access between the two routers.

Page says very clearly:

It is very important that your gargoyle router has a different subnet address from the DSL router (see diagram - fig 1)

And so I did, I setup the two routers on two different subnets. However, I did not put on Client+AP mode on the second routers, as I only will connect it to a desktop client (that does not have wireless network card). But I want that desktop client to be accessible from the main router subnet.

My configuration is below:

Router 1 - Gargoyle 1.8.1 - TP-Link TL-WDR4300 v1
No ethernet cable is connected to any LAN port, just my cable modem on the WAN port
WAN - Connected to my cable modem
WAN IP Address:100.68.6.redacted
WAN Netmask:255.255.192.0
LAN
LAN IP Address:192.168.1.1
LAN Netmask:255.255.255.0
Wireless
Wireless Mode:Access Point (AP)
2.4 GHz Access Point SSID:Vorlon
route

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         100.68.0.1      0.0.0.0         UG    0      0        0 eth0.2
100.68.0.0      *               255.255.192.0   U     0      0        0 eth0.2
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan

ifconfig

Code: Select all

br-lan    Link encap:Ethernet  HWaddr redacted (same as eth0)
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:999370 errors:0 dropped:3674 overruns:0 frame:0
          TX packets:1174377 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:393227271 (375.0 MiB)  TX bytes:899848416 (858.1 MiB)

eth0      Link encap:Ethernet  HWaddr redacted
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1208029 errors:0 dropped:1 overruns:0 frame:0
          TX packets:999079 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:898678289 (857.0 MiB)  TX bytes:411364828 (392.3 MiB)
          Interrupt:4

eth0.1    Link encap:Ethernet  HWaddr redacted (same as eth0)
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7334 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:1316724 (1.2 MiB)

eth0.2    Link encap:Ethernet  HWaddr redacted (same as eth0)
          inet addr:100.68.6.139  Bcast:100.68.63.255  Mask:255.255.192.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1208024 errors:0 dropped:18084 overruns:0 frame:0
          TX packets:991746 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:876933264 (836.3 MiB)  TX bytes:406051842 (387.2 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:20 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1540 (1.5 KiB)  TX bytes:1540 (1.5 KiB)

wlan0     Link encap:Ethernet  HWaddr redacted
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1000026 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1164657 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:407260613 (388.3 MiB)  TX bytes:915334997 (872.9 MiB)

wlan1     Link encap:Ethernet  HWaddr redacted (same as eth0)
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7331 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1448492 (1.3 MiB)

Router 2 - Gargoyle 1.9.1 - TP-Link TL-MR3420 v1
Only one LAN port is connected to my desktop computer
WAN - Connected to router 1
WAN IP Address:192.168.1.5 - Reserved DHCP IP Address on Router 1
WAN Netmask:255.255.255.0
LAN
LAN IP Address:192.168.2.1
LAN Netmask:255.255.255.0
Wireless
Wireless Mode:Client
SSID Joined By Client:Vorlon
route

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    0      0        0 br-wan
192.168.1.0     *               255.255.255.0   U     0      0        0 br-wan
192.168.1.1     *               255.255.255.255 UH    0      0        0 br-wan
192.168.2.0     *               255.255.255.0   U     0      0        0 br-lan

ifconfig

Code: Select all

br-lan    Link encap:Ethernet  HWaddr redacted (same as eth0)
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:976379 errors:0 dropped:3711 overruns:0 frame:0
          TX packets:909115 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:449039710 (428.2 MiB)  TX bytes:466703183 (445.0 MiB)

br-wan    Link encap:Ethernet  HWaddr redacted (same as wlan0)
          inet addr:192.168.1.5  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:914763 errors:0 dropped:3964 overruns:0 frame:0
          TX packets:966923 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:454563751 (433.5 MiB)  TX bytes:459785193 (438.4 MiB)

eth0      Link encap:Ethernet  HWaddr redacted
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:981191 errors:0 dropped:89 overruns:0 frame:0
          TX packets:909439 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:463953830 (442.4 MiB)  TX bytes:466718087 (445.0 MiB)
          Interrupt:5

eth1      Link encap:Ethernet  HWaddr redacted
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:44 errors:0 dropped:0 overruns:0 frame:0
          TX packets:44 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3342 (3.2 KiB)  TX bytes:3342 (3.2 KiB)

wlan0     Link encap:Ethernet  HWaddr redacted
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:915769 errors:0 dropped:0 overruns:0 frame:0
          TX packets:966990 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:467522620 (445.8 MiB)  TX bytes:486867945 (464.3 MiB)

Problem statement
Any computer connected to Router 2 (192.168.2.0/24) can ping any computer on Router 1 (192.168.1.0/24). However, any computer connected to Router 1 cannot access any of the computers connected on Router 2.
I've tried adding a route for 192.168.2.0/24 with a gateway of 192.168.1.5 (Router 2 client IP), but that only allowed me to access 192.168.2.1 - I could not connect to the RDP clients on 192.168.2.10 for example. So I don't know what else I can do. I want to be able to connect on 192.168.1.0/24 network and contact any computer on 192.168.2.0/24 subnet.

How can I make that happen?

Post by **Lantis** » Wed Dec 21, 2016 5:13 pm

I'm hopeless with static routes, but have you got forwarding set to accept in the firewall config?

lucianor · Post by **lucianor** » Wed Dec 28, 2016 10:00 am

Lantis wrote:I'm hopeless with static routes, but have you got forwarding set to accept in the firewall config?

How so? That would allow any connection from WLAN to reach LAN?

ericwong · Post by **ericwong** » Sat Dec 31, 2016 6:44 pm

lucianor wrote: Problem statement
Any computer connected to Router 2 (192.168.2.0/24) can ping any computer on Router 1 (192.168.1.0/24). However, any computer connected to Router 1 cannot access any of the computers connected on Router 2.

You should not try to get around it. This is meant to happen by design. You are trying to access devices on Router 2 via its WAN. By default, all WAN connections are blocked unless you specifically allow it via firewall. If you do get around it, that means ANYONE on the internet can possibly access your devices on your Gargoyle router in the same way you do.

Unless you are merely using the Gargoyle router as dumb AP, then you should disable its DHCP and you won't run into such problem because you will not have two subnet then.

lucianor · Post by **lucianor** » Wed Jan 10, 2018 5:41 pm

I solved this by using the wireless bridge/repeater mode.
That way, the main router is providing with the DHCP addresses, so there is no subnet problem.

I did connect the routers on wired mode now, but will create a separate thread for it.

Gargoyle Forum

Enabling routing between two subnets on two Gargoyle routers

Enabling routing between two subnets on two Gargoyle routers

Re: Enabling routing between two subnets on two Gargoyle rou

Re: Enabling routing between two subnets on two Gargoyle rou

Re: Enabling routing between two subnets on two Gargoyle routers

Re: Enabling routing between two subnets on two Gargoyle routers