Gargoyle Forum

A forum to discuss the Gargoyle web interface for Openwrt
https://www.gargoyle-router.com/phpbb/

Hosts unreachable on ping between LAN and WAN

https://www.gargoyle-router.com/phpbb/viewtopic.php?t=11057

Page 1 of 1

Hosts unreachable on ping between LAN and WAN

Posted: Sat Jun 03, 2017 4:04 pm
by Aragorn_Strider
Hi everybody,

I want to communicate between two equipments, the first one on LAN side of the Gargoyle router and the other one on the WAN side.

My configuration :

Code: Select all

Gargoyle router :
   LAN IP Address : 192.168.0.1
   LAN Netmask    : 255.255.255.0
   
   DHCP : no (static IP)
   WAN IP Address : 192.168.1.2
   WAN Netmask    : 255.255.255.0
   WAN Gateway IP : 192.168.1.1
   
   Drop ping from WAN side : not checked

   Active routes :
   default						eth0.2 (WAN)	192.168.1.1		0
   192.168.0.0/255.255.255.0	br-lan (LAN)	*				0
   192.168.1.0/255.255.255.0	eth0.2 (WAN)	*				0

Code: Select all

Host on LAN side (PC_0) :
   DHCP       : yes
   IP Address : 192.168.0.100
   Netmask    : 255.255.255.0
   Gateway IP : 192.168.0.1

Code: Select all

Host on WAN side (PC_1) : 
   DHCP       : no (static IP)
   IP Address : 192.168.1.120
   Netmask    : 255.255.255.0
   Gateway IP : 192.168.1.2
When PC_0 and PC_1 are both connected on the LAN side :
- ping is working from PC_0 to PC_1
- ping is working from PC_1 to PC_0

When PC_0 is on LAN side and PC_1 is on WAN side :
- ping is working from PC_0 to router LAN side (192.168.0.1)
- ping is working from PC_0 to router WAN side (192.168.1.2)

- ping is working from PC_1 to router WAN side (192.168.1.2)
- ping is working from PC_1 to router LAN side (192.168.0.1)

- ping is not working from PC_0 to PC_1 or vice-versa.

On PC_0, the answer is : Request timed out

On PC_1, the answer is : Destination unreachable (port unreachable)

Where is the problem ?

Thanks for your help,
Frederic

Re: Hosts unreachable on ping between LAN and WAN

Posted: Sat Jun 03, 2017 4:15 pm
by ispyisail
You haven't said why?

I think what you have described are the expected results.

possible solutions

* OpenVPN
* Static route (haven't tried this myself)
* Adjust your physical network

Re: Hosts unreachable on ping between LAN and WAN

Posted: Sat Jun 03, 2017 4:35 pm
by Aragorn_Strider
In fact it's not working and the results are the tests realized.

I wanted to know if there is a wrong configuration in the router which explained why it's not working.

Because accordind my knowledges, I can't see where is the problem...

I can try a static route on both side.

Frederic

Re: Hosts unreachable on ping between LAN and WAN

Posted: Sat Jun 03, 2017 4:48 pm
by ispyisail
I wanted to know if there is a wrong configuration in the router which explained why it's not working.
WAN to LAN = Firewall

Firewalls are typically are one direction

Information "in" is Blocked
Information "out" is allowed

Re: Hosts unreachable on ping between LAN and WAN

Posted: Sat Jun 03, 2017 5:23 pm
by Aragorn_Strider
OK, for WAN to LAN side, the reason should be in the Gargoyle Firewall parameters that the ping command is blocked ?

But on the Connection/Basic web page of Gargoyle, the checkbox 'Drop Ping From WAN Side' is not checked, so I thought the ping will pass through the router...

Anyway, it not explains why the ping is not working from LAN to WAN ?
The ADSL modem (box) on WAN side, IP address 192.168.1.1 is reachable from LAN side, but not the host 192.168.1.130 on WAN side.
And I don't understand why...

Re: Hosts unreachable on ping between LAN and WAN

Posted: Sat Jun 03, 2017 6:10 pm
by ispyisail
But on the Connection/Basic web page of Gargoyle, the checkbox 'Drop Ping From WAN Side' is not checked, so I thought the ping will pass through the router...
Tick box is only for the "router" to my understanding
Anyway, it not explains why the ping is not working from LAN to WAN ?
The ADSL modem (box) on WAN side, IP address 192.168.1.1 is reachable from LAN side, but not the host 192.168.1.130 on WAN side.
And I don't understand why...
correct

I wonder if you have a subnet problem

ADSL = 192.168.1.x

Gargoyle = 192.168.?.x (must not be 192.168.1.x)

Re: Hosts unreachable on ping between LAN and WAN

Posted: Sat Jun 03, 2017 9:40 pm
by Aragorn_Strider
The architecture is :

Code: Select all

Internet
	|							LAN
[ip-wan   /  ADSL  /  192.168.1.1]
	WAN							|
									+--- PC_1
	LAN							|
[192.168.0.1/Gargoyle/192.168.1.2]
	|							WAN
	+--- PC_0
	|
other equipments on 192.168.0.x subnet
As I read on the web, with SOHO routers intended to internet access, it's impossible in fact to communicate between the local networks on different subnets (for example x.x.0.0 and x.x.1.0), because on WAN side the firewall blocks the input requests (NAT mode of routing).

On professionals routers (like this one) you can configure the both side of the router to communicate with each other (classical routing mode), like on this picture :
http://www.unadulteratednerdery.com/wp- ... outing.png

Perhaps it's possible to do something by adding static routes or NAT rules to Gargoyle router.
I will try it in the next days...

Good night !
Frederic

Re: Hosts unreachable on ping between LAN and WAN

Posted: Sun Jun 04, 2017 1:33 am
by ispyisail
I don't think you have it quite right

My set up

Code: Select all

Internet
	|							LAN
[ip-wan   /  ADSL  /  192.168.88.1]
	WAN							|
									+--- PC_1
	LAN							|
[192.168.10.1/Gargoyle/192.168.88.123]
	|							WAN
	+--- PC_0
	|
other equipments on 192.168.10.x subnet
From PC_0

Image
All times are UTC-04:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited