Posted: Sun May 09, 2021 2:48 Post subject: Gateway and Router mode setup to create multiple networks
I have an ISP modem connected to the WAN port of Router 1 with IP address of 192.168.2.1. The WAN ports of Routers A, B, C are connected to the LAN ports of Router 1. The IPs of these routers are 192.168.10.1, 192.168.11.1, 192.168.12. I'm trying to set this up so I can have 3 separate networks that can't see each other so I can experiment with 2 of them and not affect the third network and inconvenience the family. To avoid double NAT and other issues, should I set Router 1 to Gateway mode and the rest to Router mode in advanced setup, or vice versa? Or am I off course and should be doing something different altogether? Thank you for taking a look at this.
IMO, the concern over being double NAT'd is usually overrated. In some specific cases, it can be a problem, mostly involving the need for NAT traversal (e.g., VOIP).
Router mode does disable NAT, but it also disables connection tracking. And that can cause other problems, esp. given the router is typically used as an applications platform, and NOT just as a pure router. It also assumes you can add static routes to the primary router to establish the routing back to the local network behind the secondary router. Many ISP provided devices do NOT offer that option.
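The return-route requirement described in the reply above, as an added example that is not part of the original posts: a longest-prefix-match lookup on the primary router's table, showing where replies to a host behind Router A go with and without the static route. The addresses, the /24 masks, the "ISP" and "direct" labels and the function names are assumptions made for the example.

```python
import ipaddress

def next_hop(table, dst):
    """Longest-prefix match over (network, via) pairs; None if nothing matches."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, via) for net, via in table if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

def plan_static_routes(primary_lan, secondaries):
    """Static routes the primary needs when the secondaries do not NAT.

    Each next hop must be an address on the primary's LAN, and no downstream
    LAN may overlap the primary's LAN or another downstream LAN.
    """
    primary = ipaddress.ip_interface(primary_lan)
    used = [primary.network]
    routes = []
    for name, wan_ip, lan in secondaries:
        hop = ipaddress.ip_address(wan_ip)
        net = ipaddress.ip_network(lan)
        if hop not in primary.network or hop == primary.ip:
            raise ValueError(f"{name}: {hop} is not a usable next hop on {primary.network}")
        clash = next((n for n in used if net.overlaps(n)), None)
        if clash is not None:
            raise ValueError(f"{name}: LAN {net} overlaps {clash}")
        used.append(net)
        routes.append((net, str(hop)))
    return routes

# Constructed sample topology (assumed addresses and masks).
PRIMARY_LAN = "192.168.1.1/24"
SECONDARIES = [
    ("Router A", "192.168.1.111", "192.168.10.0/24"),
    ("Router B", "192.168.1.112", "192.168.11.0/24"),
]

def primary_table(with_static):
    """Routing table of the primary: default route, own LAN, optional statics."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), "ISP"),
             (ipaddress.ip_interface(PRIMARY_LAN).network, "direct")]
    if with_static:
        table += plan_static_routes(PRIMARY_LAN, SECONDARIES)
    return table

if __name__ == "__main__":
    for net, via in plan_static_routes(PRIMARY_LAN, SECONDARIES):
        print(f"ip route add {net} via {via}")
    for with_static in (False, True):
        print(with_static, next_hop(primary_table(with_static), "192.168.10.50"))
```

Without the static route, the reply to 192.168.10.50 follows the default route toward the ISP instead of reaching Router A.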
I do have VOIP, Plex does not like the double NAT and some of my Echo and smart home devices are not working either. Why some of them and why they were working fine for several days, I don't know. So if I'm understanding correctly, I should put Router 1 in Router mode and routers A-C in Gateway while setting static routes on Router 1 to routers A-C?
Router A (Buffalo WZR-600DHP 22084 Idexx v1.0 (02/13/14))
Basic Setup > WAN Connection Type
Connection Type: Static IP
WAN IP Address: 192.168.1.111
Subnet Mask: 255.255.255.0
Gateway: 192.168.1.1
Static DNS 1-3 are all blank.
After setting the default gateway on the client on Router 1 to 192.168.1.111, it could not ping the client on Router A, and now the client on Router 1 can no longer connect to the internet.
The following firewall command is on both routers.
iptables -I FORWARD -s 192.168.1.0/24 -j ACCEPT
If I got you correctly...you want 3 separate networks...behind your router 1 ???
Your best bet is...if your router allows it, do x3 separate VLANs...related to the router 1 LAN ports, and then all those routers will be on a different VLAN, either with net isolation or not, depending on what you need them for....
You may need to update to a newer build, as this build you have is old...sadly there is a lot of WIP on the newer builds, especially Broadcom VLANs etc.