WRT1900AC want to use on a secondary subnet - help please

Post new topic   Reply to topic    DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Author Message
marklyn
DD-WRT Novice


Joined: 13 Oct 2016
Posts: 27

PostPosted: Thu Nov 17, 2022 16:45    Post subject: WRT1900AC want to use on a secondary subnet - help please Reply with quote
I have a WRT1900AC v2 laying around and just updated to DD-WRT v3.0-r44715 std (11/03/20).
I'd like to make this router a secondary subnet of 192.168.1.x for all of my IP cameras to keep their traffic off of my home network 192.168.0.x network.
Can someone give me some basic steps to accomplish this?
Also, will I able to manage a camera on the 192.168.1.x network from my 192.168.0.x network in order to make changes to the camera, view clips directly from the camera, etc?
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Thu Nov 17, 2022 17:00    Post subject: Reply with quote
Build 44715 is old and outdated.

Upgrading to a current build e.g. 50841 is highly recommended.

*After* upgrade reset to defaults, put settings in manually do not restore from a backup (to a different build)

See the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087

But it is certainly possible to use a router on its own subnet to shield your IoT devices from the main subnet.
Be aware that you can administer your IoT devices from the main subnet but there is no network discovery between subnets (exception is if mDNs is used, the router has mDNS reflector available) so you have to administer by IP address.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
marklyn
DD-WRT Novice


Joined: 13 Oct 2016
Posts: 27

PostPosted: Thu Nov 17, 2022 17:49    Post subject: Reply with quote
egc wrote:
Build 44715 is old and outdated.

Upgrading to a current build e.g. 50841 is highly recommended.

*After* upgrade reset to defaults, put settings in manually do not restore from a backup (to a different build)

See the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087

But it is certainly possible to use a router on its own subnet to shield your IoT devices from the main subnet.
Be aware that you can administer your IoT devices from the main subnet but there is no network discovery between subnets (exception is if mDNs is used, the router has mDNS reflector available) so you have to administer by IP address.


Ahh, I did use the router database but now know, after reading the wiki, I shouldn't. I did find the 50841 and flashed it, reset the modem.
Now, after some more research it appears I need to further investigate using the static IP routes on both routers as part of the setup for what I want to accomplish.
I would still welcome further advice on how get further down this path if anyone has additional suggestions or steps they'd be willing to share. Thanks.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Fri Nov 18, 2022 12:06    Post subject: Reply with quote
To link both routers see my attached notes.

You also have to isolate the IoT router from the main subnet with something like:
Code:
iptables -I FORWARD -d $(nvram get wan_ipaddr)/$(nvram get wan_netmask) -m state --state NEW -j REJECT
Make sure this rule is the last rule in your firewall rules so that it will be on top if you check (from CLI) with: iptables -vnL FORWARD

First test from command line and if it works Administration/Commands Save Firewall

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum