Posted: Sun Dec 15, 2019 17:39 Post subject: help connect netgear vpn r8000 behnd netgear stock r6700
Hi,
I'm running dd-wrt v3.0-r41379 std(10/24/19) using IpVanish V3 router setup on netgear R8000. I originally had this unit as my only router running everything through the VPN. The router ran good in this position and I had no issues with the setup. Others may have this problem where Amazon and Netflix won't let you connect thru a VPN. So I am attempting to place the R8000 in the 2nd position behind a netgear R6700 running its stock firmware. The R6700 is running fine and I can run any device thru it except the R8000. I can't find the proper settings to get this to happen. The r6700 can see the r8000 which I have statically set to 192.168.8.3. The r6700 is set to 8.2. All devices can get internet connection except the r8000. I have the r8000 operating mode set to router and all my wireless SSID's are present and I can connect to the r8000 wirelessly thru the SSID's. But it connects saying "No Internet, Secured" I have the R8000 WAN Port connected to the R6700 LAN port, and of course the R6700 WAN is connected to my provider, Spectrum. I have tried a number of variations of setup on the R8000 with no success. The R6700 shows good connection to the R8000 and allows me to select it and look at its properties but will not provide internet service. The R8000 OpenVPN log shows "Reconnecting_init" and doesn't ever show "Client Success" . That must be because the r8000 can't get to the internet but I can't figure out why.
Has anyone else struggled with this problem? I would welcome any assistance or pointers to help me thru this. I have not saved the R8000 logs to copy to this machine as I am connected thru the R6700. But I can copy and add them to my post if that would aide anyone in figuring out my problem. Thanks in advance...johnnyboyq
Try setting the R8000 to AP mode and plug into a LAN port on both the R6700 and R8000. Also, make sure you set your default gateway to 192.168.8.2 in your config on the R8000. This should allow your internet traffic to work as you are intending. If that does not work, then the easiest way would be to have separate subnets as @egc has posted above. _________________ ASUS RT-AC3100 AP Merlin 386.12_4
ASUS RT-AC68U Media Bridge/Merlin 386.12_4 (x2)
ASUS RT-AC68U AP r54604
ASUS RT-AC68U Gateway/AP r54604
Edgerouter-4, v2.0.9-hotfix7
Thank you to MysticGold04 and egc for taking the time to reply. I could not get either of your suggestions to work and I know that I must have some other setting in my setup wrong. Could you please be more detailed in what all my pertinent router settings should be? And also what the reboot sequence should be? Do I need to reboot both routers and the modem when I make a change? I always reboot the r8000 last. Here are my last settings for the routers.
R8000
Setup>AdvancedRouting
Operating Mode: Gateway
Dynamic Routing:Disable
Static Routing
>SetNumber:1(r8000-VPN)
>Detination LAN NET: 8.2
>subnet:255.255.255.0
>Gateway:8.2
>Interface: LAN & WLAN
Setup>BasicSetup
Connection Type:Static
WAN IP: 7.3
SubnetMask:255.255.255.0
Gateway:8.2
StaticDNS1,2,3:0.0.0.0
When I try to setup this subnet to 8.3 and the DHCP to server, I can't get the 7.3 ip addresses to remain at 7.X. I am forced to have the r8000 ip addresses at 8.X. Is there a way to have the subnets different but still have the DHCP issue a different set of IP's, ie 7.X? I was trying to have the r8000 issues ip's between 7.0 thru-75 and the r6700 between 7.100 thru 175.
So this is why I was trying to set up the subnet of the r8000 to 7.3 and the r6700 to 7.2.
I know I am probably stepping all over my setup because I don't totally understand all the intricacies. That is why I am asking that you humor my slowness and specify exactly what ALL the pertinent settings are for BOTH of the Routers. I understand that I should be using the LAN to LAN ether connection. Its just baffling to me that I thought this should be a simple move by changing the position of the VPN routher to the 2nd position. Everything SEEMS to be working, the SSID's and the connection is being made but I just keep getting the "No Internet", Secured connection when I connect to the SSID.
Again, thanks in advance for any assistance you can provide for me.
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Tue Dec 17, 2019 17:07 Post subject:
I see static routing, static gateway and more stuff which is really complicating things.
Two routers which are reset to default can be daisy chained (connected LAN<>WAN) with only one thing to which you have to pay attention to and that is the "Local IP address" on the Setup page.
DDWRT (and Netgear) defaults the Local IP address" to 192.168.1.1 and both routers cannot have the same Local IP address.
So on one of the routers change the Local IP address.
But and this is the important part, you have to change the third part of the address!
So change one router e.g. in 192.168.2.1
That is all that is needed.
Of course there are other possibilities with regard to linking routers like a Wireless Access Point (https://wiki.dd-wrt.com/wiki/index.php/Linking_Routers ), but as you want to run a VPN client on your secondary (downstream) router, daisy chaining is the easiest.
So my advice reset both routers and change one Local IP address and Bob is your uncle.
[SOLVED] Thank you egc for your on point and helpful suggestions. Yes, I was stomping on myself by not just making it simple as you suggested. A hard reset and paying attention to the subnet addresses did the trick for me. I now have both the routers connecting to the internet, but they are not able to talk between devices. I will search for the info on how to do this. Again I appreciate your help!
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Sat Dec 21, 2019 16:53 Post subject:
Search no longer see attachment
The other options is to setup your secondary router as a WAP, you then have one subnet but the use of a VPN client on a WAP is more complicated as your clients can only use the VPN if you set their default gateway to that WAP either manually or by using DNSMasq
Posted: Thu Jan 02, 2020 17:40 Post subject: Still having issues getting everything to work...
HI, I followed the "Multiple subnets" guide you provided and almost all works except for these issues:
1.I can get internet access on both routers but can't always talk to the routers from my pc using their lan addresses. I can get espn.com but not the router. I get the error "Can't reach this page." I can reach both Routers using my cell phone when connected to the different SSID.
2. I have a separate switch on each router lan connections. I thought that by connecting to the appropriate switch that I would connect to that routers subnet. I'm getting inconsistent results, either switch gives both subnets DHCP addresses at different times.
3.It seems like the router gives the proper DHCP results over the wireless but not the lan.
4.I'm using WPA2-PSK/WPA-PSK AND TKIP+CCMP(AES)as my security options. Could there be a problem there?
5.I didn't add the firewall rule on my pc. Can you shed some light on how to do that?
6.I also don't think I have a WINS server nor a NAS connected. What can I do to get around that?
7. I would like to set up a shared USB connection. Is that part of the SAMBA server setup?