Router cascade w/o double NAT

Report wireless and/or network connectivity problems in this forum.

Moderator: Moderators

Post Reply
Posts: 6
Joined: Fri May 06, 2022 2:46 am

Router cascade w/o double NAT

Post by cmonty14 »

based on this tutorial I started a setup of router cascade w/o double NAT.

This means primary router is setup with disabled NAT and additional routing rules.
The visualization would look like this:
clients ↔ Gargoyle router (no NAT) ↔ routing rules ↔ ISP router with NAT ↔ Internet

Actually the clients are represented in a LAN subnet ( and DMZ subnet (

This works as expected.

Now I want to connect a secondary router to a free NIC of the primary router. This secondary router provides multiple subnets, e.g. Office, Guest, IoT.
The secondary router's LAN subnet is identical to primary router's LAN:
This subnet is only for router access (SSH and HTTPS).

As a result the following IPs are assigned:
primary router:

secondary router:
Office: (VLAN)
Guest: (VLAN)

The current issue is:
No internet access from secondary router, means I cannot upgrade software packages.
DNS on secondary router works, though.

I assume the issue is related to the configuration of the primary router.
eth1 is not assigned to a firewall zone, this means there are now firewall rules etc. related to this NIC and subnet
But I don't understand how network traffic on this subnet would be routed to WAN interface of primary router.

Can you please advise how to troubleshoot this issue?

Posts: 5018
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Router cascade w/o double NAT

Post by ispyisail »

It appears that your configuring via command line?

Question: If this is the case why not use openwrt instead of Gargoyle?

Gargoyle is all about the GUI

Posts: 6351
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Router cascade w/o double NAT

Post by Lantis »

This setup sounds incredibly convoluted and I’m not sure what the end goal is.
Maybe a picture would help?

Either way, you’re way out of my expertise and I expect most other people on the forum. You might have more luck in the openwrt forum as the question is purely a routing one. for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

Post Reply