Posted: Wed May 29, 2019 14:18 Post subject: ASUS 68U DD-WRT - behind router for LAN isolation
I can't figure out how to proceed.
I'm trying to connect my ASUS 68U/ DD-WRT behind my main router (not DD-WRT firmware)
I would like to have a another subnet and isolate the network from the main router.
I tried to setup the router, with different IP / subnet, DHCP enable, I can connect the the router while using manual IP settings on my MAC but I have no access to the internet and unable to ping the main router.
my main router need a VLAN + PPPoE to connect to the internet but I don't expect to have this settings required on my second router right?
PS, it's working fine when I'm on the same subnet, but the speed is limited to 700Mb/s instead of 1000Mb/s if I bypass the second router.
Daisy-chaining routers is incredibly easy. All you have to do is reset the secondary router to factory defaults, assign it a different IP network from the primary router, and connect its WAN to a LAN port on the primary router.
Most ppl get into trouble because they take extra steps, like disabling NAT on the secondary router by changing the Operating Mode to Router, instead of leaving it as Gateway (recommended).
Note that in most cases, this only provides one direction of isolation, The devices behind your Asus probably *will* be able to reach devices behind your other router (depending on if the service can traverse the Asus NAT).
So if you wanted to use the Asus to host an untrusted guest network, this setup isn't enough. You might be able to use your other router's settings to isolate the LAN port that the Asus is plugged into into its own VLAN that only has WAN access but isn't bridged to the other ports.