What's new

Placing a 2nd router behind main router to add wifi+openvpn.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

ceromus

Occasional Visitor
I recently purchased a wired only business router that does not have wifi or openvpn. I wanted to add both to the network so I disabled DHCP on the 2nd router and connected an ethernet cable from the main routers lan4 to the second router (an asus rt-n16 currently running tomato). Once I did that I successfully added wifi to the network.

I managed to also get the VPN working but to do that I ran another ethernet cable from the main routers lan3 port to the second routers WAN and setup a port forward on the main router to the asus WAN IP. Everything appears to be working fine but I don't know if this is really the proper way of doing this.

What do you guys think? Is this going to cause performance issues for me?
 
I recently purchased a wired only business router that does not have wifi or openvpn. I wanted to add both to the network so I disabled DHCP on the 2nd router and connected an ethernet cable from the main routers lan4 to the second router (an asus rt-n16 currently running tomato). Once I did that I successfully added wifi to the network.

I managed to also get the VPN working but to do that I ran another ethernet cable from the main routers lan3 port to the second routers WAN and setup a port forward on the main router to the asus WAN IP. Everything appears to be working fine but I don't know if this is really the proper way of doing this.

What do you guys think? Is this going to cause performance issues for me?

Over time I think that having both a WAN and a LAN connection to your N16 is going to cause problems. Any chance that when you were doing the first setup of the N16 you repurposed the WAN port as a LAN port? It is an option.

Also what type of VPN are you using? Are you running a VPN on your network so remote devices can connect securely to your LAN or are you using your N16 to provide an encrypted connection for you to connect all your local devices connected to your LAN by either WiFi or Ethernet to the Internet?

If you are doing the latter I would recommend that you use the following setup:

1. Turn the DHCP server on the N16 back on.

2. Assign the N16 a static WAN IP in the subnet of the primary router.

3. Set up the N16 in its own subnet. If the primary router is using 192.168.1 -254 you could set the N16 up as 192.168.2-254.

4. Connect a cable from a LAN port on your primary router to the WAN port on your N16. This will be a standard double NATed connection. Depending on what you want to do you may not need any port forwards, DMZ, etc.

With a double NATed setup it will be difficult without custom routing and scripts for devices connected on the primary router to share resources with devices connected to the N16 or vice versa. Also the N16 is not a high powered router so at best you should expect no more than 50% of what your download/ upload speeds are when connected to the primary router.
 
Sorry I wanted the openvpn on the asus just to connect a single device remotely to my network from outside of my network.

edit: no didnt repurpose lan port as a wan port
 
In a big networks this is done all the time. Everything is not run on one box at the front door of your network. I do this kind of stuff just so I can run a second firewall and have the wireless devices also run through the second firewall behind my router. It sure is nice to be able to work on your VPN and not take your internet down on the network while you are doing it. These kind of things can be done when it ia not all in one box.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top