Hosts unreachable on ping between LAN and WAN

Report wireless and/or network connectivity problems in this forum.

Moderator: Moderators

Post Reply
Aragorn_Strider
Posts: 16
Joined: Fri Mar 18, 2016 5:47 pm
Location: south of Paris area, France

Hosts unreachable on ping between LAN and WAN

Post by Aragorn_Strider »

Hi everybody,

I want to communicate between two equipments, the first one on LAN side of the Gargoyle router and the other one on the WAN side.

My configuration :

Code: Select all

Gargoyle router :
   LAN IP Address : 192.168.0.1
   LAN Netmask    : 255.255.255.0
   
   DHCP : no (static IP)
   WAN IP Address : 192.168.1.2
   WAN Netmask    : 255.255.255.0
   WAN Gateway IP : 192.168.1.1
   
   Drop ping from WAN side : not checked

   Active routes :
   default						eth0.2 (WAN)	192.168.1.1		0
   192.168.0.0/255.255.255.0	br-lan (LAN)	*				0
   192.168.1.0/255.255.255.0	eth0.2 (WAN)	*				0

Code: Select all

Host on LAN side (PC_0) :
   DHCP       : yes
   IP Address : 192.168.0.100
   Netmask    : 255.255.255.0
   Gateway IP : 192.168.0.1

Code: Select all

Host on WAN side (PC_1) : 
   DHCP       : no (static IP)
   IP Address : 192.168.1.120
   Netmask    : 255.255.255.0
   Gateway IP : 192.168.1.2
When PC_0 and PC_1 are both connected on the LAN side :
- ping is working from PC_0 to PC_1
- ping is working from PC_1 to PC_0

When PC_0 is on LAN side and PC_1 is on WAN side :
- ping is working from PC_0 to router LAN side (192.168.0.1)
- ping is working from PC_0 to router WAN side (192.168.1.2)

- ping is working from PC_1 to router WAN side (192.168.1.2)
- ping is working from PC_1 to router LAN side (192.168.0.1)

- ping is not working from PC_0 to PC_1 or vice-versa.

On PC_0, the answer is : Request timed out

On PC_1, the answer is : Destination unreachable (port unreachable)

Where is the problem ?

Thanks for your help,
Frederic
Last edited by Aragorn_Strider on Sat Jun 03, 2017 9:44 pm, edited 2 times in total.
Netgear WNDR4300v1 with Gargoyle v1.9.2 (formerly 1.8.1)

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Hosts unreachable on ping between LAN and WAN

Post by ispyisail »

You haven't said why?

I think what you have described are the expected results.

possible solutions

* OpenVPN
* Static route (haven't tried this myself)
* Adjust your physical network

Aragorn_Strider
Posts: 16
Joined: Fri Mar 18, 2016 5:47 pm
Location: south of Paris area, France

Re: Hosts unreachable on ping between LAN and WAN

Post by Aragorn_Strider »

In fact it's not working and the results are the tests realized.

I wanted to know if there is a wrong configuration in the router which explained why it's not working.

Because accordind my knowledges, I can't see where is the problem...

I can try a static route on both side.

Frederic
Netgear WNDR4300v1 with Gargoyle v1.9.2 (formerly 1.8.1)

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Hosts unreachable on ping between LAN and WAN

Post by ispyisail »

I wanted to know if there is a wrong configuration in the router which explained why it's not working.
WAN to LAN = Firewall

Firewalls are typically are one direction

Information "in" is Blocked
Information "out" is allowed

Aragorn_Strider
Posts: 16
Joined: Fri Mar 18, 2016 5:47 pm
Location: south of Paris area, France

Re: Hosts unreachable on ping between LAN and WAN

Post by Aragorn_Strider »

OK, for WAN to LAN side, the reason should be in the Gargoyle Firewall parameters that the ping command is blocked ?

But on the Connection/Basic web page of Gargoyle, the checkbox 'Drop Ping From WAN Side' is not checked, so I thought the ping will pass through the router...

Anyway, it not explains why the ping is not working from LAN to WAN ?
The ADSL modem (box) on WAN side, IP address 192.168.1.1 is reachable from LAN side, but not the host 192.168.1.130 on WAN side.
And I don't understand why...
Netgear WNDR4300v1 with Gargoyle v1.9.2 (formerly 1.8.1)

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Hosts unreachable on ping between LAN and WAN

Post by ispyisail »

But on the Connection/Basic web page of Gargoyle, the checkbox 'Drop Ping From WAN Side' is not checked, so I thought the ping will pass through the router...
Tick box is only for the "router" to my understanding
Anyway, it not explains why the ping is not working from LAN to WAN ?
The ADSL modem (box) on WAN side, IP address 192.168.1.1 is reachable from LAN side, but not the host 192.168.1.130 on WAN side.
And I don't understand why...
correct

I wonder if you have a subnet problem

ADSL = 192.168.1.x

Gargoyle = 192.168.?.x (must not be 192.168.1.x)

Aragorn_Strider
Posts: 16
Joined: Fri Mar 18, 2016 5:47 pm
Location: south of Paris area, France

Re: Hosts unreachable on ping between LAN and WAN

Post by Aragorn_Strider »

The architecture is :

Code: Select all

Internet
	|							LAN
[ip-wan   /  ADSL  /  192.168.1.1]
	WAN							|
									+--- PC_1
	LAN							|
[192.168.0.1/Gargoyle/192.168.1.2]
	|							WAN
	+--- PC_0
	|
other equipments on 192.168.0.x subnet
As I read on the web, with SOHO routers intended to internet access, it's impossible in fact to communicate between the local networks on different subnets (for example x.x.0.0 and x.x.1.0), because on WAN side the firewall blocks the input requests (NAT mode of routing).

On professionals routers (like this one) you can configure the both side of the router to communicate with each other (classical routing mode), like on this picture :
http://www.unadulteratednerdery.com/wp- ... outing.png

Perhaps it's possible to do something by adding static routes or NAT rules to Gargoyle router.
I will try it in the next days...

Good night !
Frederic
Netgear WNDR4300v1 with Gargoyle v1.9.2 (formerly 1.8.1)

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Hosts unreachable on ping between LAN and WAN

Post by ispyisail »

I don't think you have it quite right

My set up

Code: Select all

Internet
	|							LAN
[ip-wan   /  ADSL  /  192.168.88.1]
	WAN							|
									+--- PC_1
	LAN							|
[192.168.10.1/Gargoyle/192.168.88.123]
	|							WAN
	+--- PC_0
	|
other equipments on 192.168.10.x subnet
From PC_0

Image

Post Reply