two routers DMZ and private networks help
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: two routers DMZ and private networks help
two routers DMZ and private networks help
03-10-2013 12:57 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I have two Thomson TG585v8s, set up per the attached pic (phone to router 1, cat5 from router 1 to router 2, router 2 to switch). Goal is to have guests use the wireless from router 1, and have my private wired network securely behind router 2. Problem is, I can't get internet to the network served by router 2. Router config screen shots attached.
Any ideas how to get this setup working very much appreciated.
Re: two routers DMZ and private networks help
03-10-2013 6:50 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
ip rtadd dst x.x.x.x dstmsk x.x.x.x gateway x.x.x.x metric 0
Re: two routers DMZ and private networks help
03-10-2013 8:01 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The routing advice above is only relevant if you want to access resources on the 'public' LAN from your 'private' one.
Re: two routers DMZ and private networks help
03-10-2013 8:55 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
Re: two routers DMZ and private networks help
03-10-2013 7:23 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I am unsure of my options!
Can I just add routing instructions?
Do I need a different or flashed router than the Thomson tg585 v8 ?
To clarify my aims, I would like a DMZ for guests to easily connect to wifi, and possibly also my music player, and for me to RDP to some files. I would like my private network to reside behind the second router's firewall and be invisible from the DMZ. At the same time, I would like to be able to reach out from the private lan in to the DMZ, and of course access the Internet.
Many thanks again.
Re: two routers DMZ and private networks help
03-10-2013 8:35 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
Re: two routers DMZ and private networks help
03-10-2013 9:16 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
http://community.plus.net/forum/?topic=117397.msg1016124
Not entirely sure what you mean by 'RDP to some files' but you would be best served by a router with a Guest SSID. As I said earlier, the second router you have is not suitable for this application and needs to be replaced with a 'cable router' rather than an 'ADSL router'.
Re: two routers DMZ and private networks help
04-10-2013 10:19 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It seems that an ADSL router is not the same thing as a cable router, and rarely shall the twain meet. Although Paulmh5's initial suggestion is still interesting to me...
Many thanks
Re: two routers DMZ and private networks help
04-10-2013 10:39 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: LFNfan Although Paulmh5's initial suggestion is still interesting to me...
Feel free to try it, it wont cost you anything
Re: two routers DMZ and private networks help
04-10-2013 11:09 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
should I add static routing to both boxes or only the 'private' one? could you give me a bit more detail on the 'x.x.x.x's in telnet commands.
will the static routing bypass the firewall in the 'private' box? In which case I will loose the benefit I'm looking for.
cheers
Re: two routers DMZ and private networks help
05-10-2013 4:43 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: LFNfan should I add static routing to both boxes or only the 'private' one? could you give me a bit more detail on the 'x.x.x.x's in telnet commands.
will the static routing bypass the firewall in the 'private' box? In which case I will loose the benefit I'm looking for.
I can't promise this will work but I am doing something loosely similar with a Thompson at home.
Yes you will need static routes on both boxes I suspect.
Its difficult for me to give you exact IPs without knowing the ones you have picked for your routers and LAN subnets.
No, static routes don't bypass firewalls it just helps the box move traffic in the right direction
On your internet facing router you will need something like this:
ip rtadd dst 192.168.1.0 dstmsk 255.255.255.0 gateway 172.16.0.254 metric 0
On your 'private' router you will need something like:
ip rtadd dst 0.0.0.0 dstmsk 0.0.0.0 gateway 172.16.0.1 metric 0
I suspect the problem you will have is that the second box (192) wont be able to route between two different networks on its 4 switch ports (as its a switch not a router across those 4). You may be able to do something with the wireless and different DHCP pools but I've not really explored the CLI that deeply on them. There are a lot of CLI help guides out there for Thompsons which may assist.
Re: two routers DMZ and private networks help
05-10-2013 6:12 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Set up router 1:
- with (gateway/interface) address 192.168.x.y and netmask 255.255.255.0 *
- with (gateway/interface) address 10.a.b.c and netmask 255.255.255.0 *
- dhcp pool 1 with a range in subnet 192.168.x.0 , netmask 255.255.255.0 and gateway 192.168.x.y
- dhcp pool 2 with a range in subnet 10.a.b..0 , netmask 255.255.255.0 and gateway 10.a.b.c; with static addresses for the complete pool (use dummy MAC addresses for "spare" entries)
- wireless MAC filtering denying pool 2 wireless device MAC addresses **
Set up router 2:
- with an address 192.168.z.y and netmask 255.255.255.0 ***
- with an address 10.a.b.d and netmask 255.255.255.0 ****
- disable dhcp
- wireless MAC filtering allowing pool 2 wireless device MAC addresses
This effectively turns router 2 into a 4 port wireless access point
* the 585 has 192.168.1.254 and 10.0.0.138 as defaults - most (semi-knowledgeable users) would expect 192.168 series addresses to be issued
** you can turn off filtering for test/setup purposes
*** this prevents access from pool 1 devices
**** use this address for router 2 configuration
Using a TP-Link Archer VR600 modem-router.
Re: two routers DMZ and private networks help
07-10-2013 10:48 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Given my limited technical abilities, I think I will abandon the adsl and adsl setup, and go for an adsl and cable router solution. If anyone is able to confirm I am on the right track with the cable router I linked to in post 7 above, that'd be great.
Re: two routers DMZ and private networks help
08-10-2013 8:23 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Using a TP-Link Archer VR600 modem-router.
Re: two routers DMZ and private networks help
08-10-2013 5:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: LFNfan
Given my limited technical abilities, I think I will abandon the adsl and adsl setup, and go for an adsl and cable router solution.
If you are going to buy a new router you could get a modem/router with "Guest Access" e.g. Netgear DGN1000.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: two routers DMZ and private networks help