Reach network on the wan port

peterfarge · June 30, 2018, 5:42am

tl;dr
https://i.imgur.com/n9ABVUo.jpg

Hello Forum,

I have updated my two routers from Barrier Breaker to Lede 17.01.4 and now I want to restore my old functionality. In the cellar I have a plain cable router (192.168.0.1) from the internet provider. This router is closed for me, I only have very little settings available in the web interface. Several other IP devices are connected via cat5 cable to this router. They have addresses in the 192.168.0.0/24 network.

In the ground floor is my main Lede wlan router (192.168.1.1) with several computers in the 192.168.1.0/24 network. On the wan interface is a cable directed to the cellar router. Default route is set to the cellar router and the internet is reachable. My problem is that I cant reach the devices in the 0 network from the computers in the 1 network anymore. It worked before the update! If I do a traceroute on 192.168.0.55, I can see that the lede router sends the packets to the cellar router and from there to another router in the internet!? I thought private addresses won't be routed in the internet? But that's a problem of the internet provider. So how can I configure the lede router that I can reach the 0 network devices from the computers in the 1 network?

In my opinion I have to add a source nat entry in the luci->network->firewall menu:
"Any traffic" "From any host in lan" "To IP range 192.168.0.0/24 in wan" "Rewrite to source IP 192.168.0.2". Where 192.168.0.2 is the static IP on the lede router wan port. But it does not work! If I do a traceroute on 192.168.0.55, the first hop is the lede router and then 192.168.0.2 says "Destination host unreachable.".
Picture: https://i.imgur.com/Rk6ilYy.jpg

If I change the IP of my laptop from 192.168.1.123 to 192.168.0.123, then I can connected through the lede router to the devices in the cellar. But I want to have the networks separated.

Thanks a lot

Peter

mbo2o · June 30, 2018, 8:46am

From Luci goto Network=>Static Routes and add a route for the 192.168.0.0/24 network with the gateway set to 192.168.0.1

You may also have to setup a static route on your cable modem to route 192.168.1.0/24 to whatever the wan address of your lede router is.

If you haven't already a setup a static ip address for lede wan interface (preferable from the DHCP settings of the cable modem)

peterfarge · June 30, 2018, 9:12am

Edit: It worked, I made an error in the routing table of my laptop. I tried a local solution with a OpenWRT VM as a translator between the 0 and the 1 net. There were still routes for the 0 net through the VM.

Thank you

juppin · June 30, 2018, 11:13am

Are your really want double nat? Why not disabling dhcp on lede/openwrt router and plug the cable from the main router in a lan port of your secondary router?
If you run out of ports on your secondary router, you could also add the wan port to the lan...

peterfarge · June 30, 2018, 11:24am

You mean only one network where all devices are included. I have full control over my lede router, I can see the firewall rules, make log entries for specific events, etc.
The router from the internet provider consists only of a simple web interface, where I can only enable/disable a firewall, modem reset, frequency settings, etc.
I would like to stay with my solution