Posted: Fri Dec 04, 2020 10:32 Post subject: question about connecing 2 routers to create separate lans
Hi, I've connected to routers (router 1 lan --> router 2 wan) in order to create 2 separate networks.
My problem is that I can still ping from devices on lan2 to devices on lan1
my setup is:
router 1 : connected to the internet. ip 192.168.0.1, mask 255.255.255.0
router 2 : connected to router 1 via cable lan->wan
dhcp enabled. ip 192.168.1.1, dns & gateway: 192.168.0.1, mask 255.255.255.0
How can I prevent devices on router2 to see devices on router1?
I thought the default behavior was that each subnet is isolated :/
The router doesn't prevent access between subnets (networks) that are behind the same WAN. Not unless you enable Net Isolation on the network interface(s), or define your own firewall rules.
When it comes to anything over the WAN, it's fair game. The router doesn't know the difference between being the primary router and needing to access the internet over its WAN, vs. being daisy-chained behind the primary router and having similar upstream access. It's up to YOU to make that distinction and apply appropriate firewall rules.