[SOLVED] 2 networks, 2 ISPs, share NASs

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
B85S5DSG
DD-WRT Novice


Joined: 07 Jul 2022
Posts: 5

PostPosted: Thu Jul 07, 2022 15:07    Post subject: [SOLVED] 2 networks, 2 ISPs, share NASs Reply with quote
I'm trying to setup a bridge (not sure that is the correct term here) between 2 networks, each with its own ISP. I want each network to access the internet through its own ISP, but would like access from each network's LAN to the other one's LAN.

I'll refer to the attached image of the network topology to hopefully clear things up.

Network A with ISP A, NAS A, Router A (192.168.0.1) has a DD-WRT router attached via ethernet to Router A. The DD-WRT LAN IP is 192.168.0.254. It is also connected as a client (station these days) to Network B's router (192.168.1.1). The DD-WRT WAN IP is 192.168.1.254. So far so good.

On Router A, static routes are set to access 192.168.1.x via 192.168.0.254, and vice versa on Router B.

Here's the problem: I can access Network B from Network A, but not the other way around. I can ping the DD-WRT WAN from Network B, but that's it. No other connectivity from there. The firewall is disabled on the DD-WRT device. Where did I go wrong?

DD-WRT Device is an ASUS RT-AC3100 with firmware v3.0-r49418 (07/04/22).
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9157

PostPosted: Thu Jul 07, 2022 16:19    Post subject: Reply with quote
Try adding the following to the dd-wrt router's firewall script.

Code:
iptables -I INPUT -j ACCEPT
iptables -I FORWARD -j ACCEPT

_________________
ddwrt-ovpn-split-basic.sh (UPDATED!) * ddwrt-ovpn-split-advanced.sh (UPDATED!) * ddwrt-ovpn-client-killswitch.sh * ddwrt-ovpn-client-watchdog.sh * ddwrt-ovpn-remote-access.sh * ddwrt-ovpn-client-backup.sh * ddwrt-mount-usb-drives.sh * ddwrt-blacklist-domains.sh * ddwrt-wol-port-forward.sh * ddwrt-dns-monitor.sh (NEW!)
B85S5DSG
DD-WRT Novice


Joined: 07 Jul 2022
Posts: 5

PostPosted: Thu Jul 07, 2022 17:35    Post subject: Reply with quote
Progress. I am able to connect from the B network to the DD-WRT router's WAN and get to its web page, but nothing beyond that. I guess I need to check the static routes of Router B.
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Fri Jul 08, 2022 4:13    Post subject: Reply with quote
Put static routes on both router A and B.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Fri Jul 08, 2022 5:45    Post subject: Reply with quote
A NAS (and other LAN clients) usually have their own firewall which does not allow traffic from other subnets.

So you have to tweak the firewall of the NAS on side A to allow traffic from the other subnet.

If that is a problem you can NAT traffic coming out of the DDWRT router on br0 so side A sees that as local traffic

Provide you have not been tampering with Operating mode, the traffic from A to B should already be NATted because that is a WAN interface

(It is early and I did not have my morning coffee so I could be talking rubbish)

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
B85S5DSG
DD-WRT Novice


Joined: 07 Jul 2022
Posts: 5

PostPosted: Fri Jul 08, 2022 15:08    Post subject: Reply with quote
Per Yngve Berg wrote:
Put static routes on both router A and B.


Yes, that was the plan. However, it turns out that my neighbor's router doesn't support static routes, therefore they have to be put on every device that is going to access the other network. All is working now.
B85S5DSG
DD-WRT Novice


Joined: 07 Jul 2022
Posts: 5

PostPosted: Fri Jul 08, 2022 15:09    Post subject: Reply with quote
egc wrote:
A NAS (and other LAN clients) usually have their own firewall which does not allow traffic from other subnets.

So you have to tweak the firewall of the NAS on side A to allow traffic from the other subnet.

If that is a problem you can NAT traffic coming out of the DDWRT router on br0 so side A sees that as local traffic

Provide you have not been tampering with Operating mode, the traffic from A to B should already be NATted because that is a WAN interface

(It is early and I did not have my morning coffee so I could be talking rubbish)


The firewalls on the NASs are properly configured. It was the lack of support for static routes on my neighbor's router that was still causing problems after allowing the WAN-LAN traffic with the DD-WRT IP tables.
B85S5DSG
DD-WRT Novice


Joined: 07 Jul 2022
Posts: 5

PostPosted: Fri Jul 08, 2022 15:12    Post subject: Reply with quote
eibgrad wrote:
Try adding the following to the dd-wrt router's firewall script.

Code:
iptables -I INPUT -j ACCEPT
iptables -I FORWARD -j ACCEPT


Thanks, this worked. The DD-WRT router wasn't allowing WAN->LAN traffic from the WAN side. And network B's router does not support static routes therefore they had to be configured per device.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum