Do I need static route?

Hello,
I recently got a second router - NanoPi R2S with OpenWrt 19.07.1 and now my network looks something like this:
ISP---->Huawei optical router(provided from ISP, no access to it)---->NanoPi R2S(no wifi)---->PC
The two routers are not bridged. I use the Huawei router for WIFI but I can't ping my PC from the devices on the WIFI network. I can ping them from my PC though. So, I thought it was a firewall issue and tried different combinations but none of them worked. Do I need to setup a static route on the Huawei router?

Either set up a static route on Huawei, or put Huawei into a bridge mode, turn off it's wifi, and add an access point to your OpenWrt network (more secure, generally better)

2 Likes

What role does the NanoPi plays?

2 Likes

firewall, adblock and mostly educational

The most secure way to do this is to treat the ISP modem/router as part of the Internet, meaning that it is untrustworthy. Turn off its wifi and don't have any wired connections to it other than the WAN port of your router. Place all of your endpoint devices on your side of your router.

2 Likes

I guess you are running a double-NAT setup, then. In that case, the answer is yes, you need to add a route on the main router to the network behind the NanoPi, using it as a gateway.

1 Like

On the Nano, they will have to turn off nat but keep routing on, as well as adding the route to the Huawei. But the best solution is as @mk24 says.

Thank you all for the great suggestions I didn't expect so many answers!!! I asked my ISP to add a static route(they didn't know what that was????) for my NanoPi network but that didn't solve the issue. My devices on the WIFI network are still not able to ping my PC(with firewall rule on the NanoPi to accept). The problem with the NanoPi is that it has only 1 LAN. Maybe I should add a switch and AP after that as you guys suggested but I can't afford that at the moment. :frowning: Any other suggestions on how I can fix/debug this problem?

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.