Comms between different networks help

Borolo

Hi, I've read many threads on how to achieve this and had partial success. Please guide me in the correct direction. Many thanks in advance.

I have a Router/Modem/IPTV thing that my ISP installed for me, which has the internet connection. It has a network of 192.168.1.0. This will be router 1 and Network 1 to simplify things. IP address 192.168.1.1

Attached to it is an Asus Router RT-AC3200 running Merlin 384.13_4 firmware, with its WAN input connected to a LAN output of the "modem". It has a WAN address of 192.168.1.2 in Network 1. For network2 it has an IP address of 192.168.2.1.

I have it setup as a Router because:
- Bridge mode is not available in router one, blocked by ISP.
- It has a physical location different from router 1
- I don't want to use it as AP because I have many settings that I use.

So, the problem is that I have a Home Assistant server running on a Pi3modelB+ in network2 with address 192.168.2.55. It has SSH and mqtt server. All IOT components live inside this network without issue. However, I have to connect more devices to network1. I can, of course, ping all devices in network1 from Network2 but my devices connected in Network1 can't see the HASSio server in network2.

I have done the following:
1. I have set the DMZ in router 1 to the LAN address of router 2: 192.168.1.2

1. Created a static route in Router 1 with destination 192.168.2.0 - gateway 192.168.1.2 - subnet mask 255.255.255.0 - metric 1

2. I set the DMZ in router two to 192.168.2.55 to test. I can get a laptop in network2 to ping it but nothing else connects, not MQTT or SSH, or to other PCs.

3. I tried doing these steps to add a rule but it knocked the internet connection in Router 2: created a file in /jffs/scripts named nat-start
with
#!/bin/sh

iptables -I FORWARD -s 192.168.1.0/24 -j ACCEPT

then chmod a+rx /jffs/scripts/*
and sh /jffs/scripts/nat-start

it shows running in the logs but as I said, it knocked down the connection.

4. also tried turning off the firewall

I don't know what else to do; I would appreciate your advice.

thanks

Emilio
 

Remove the DMZ changes from both routers and delete the nat-start script.

Leave the static route set on Router 1.

Leave the firewall turned off on Router 2.

Turn off NAT (WAN - Internet Connection > Basic Config > Enable NAT = No) on Router 2.

Reboot both routers to ensure the changes are in effect.

You should now be able to ping any IP address in Network 2 from Network 1 (and vice versa).
 
Pretty sure the only two things you need are
1) disable firewall on router 2
2) static route you already listed, try without setting any metric
 
Thanks very much for your help, didn't need to remove the DMZ from router 1.
 
Thanks, that did it. This can be frustrating. Turned NAT off tho. ;)
Credit goes to Colin. He posted first ;) and I forgot about disabling NAT

I'd definitely remove the DMZ though
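
A narrower alternative to leaving Router 2's firewall off, as an added example that is not from the thread: keep the firewall on and allow only Network 1 to reach the Home Assistant host on the services it needs. The script location `/jffs/scripts/firewall-start`, the SSH and MQTT ports (22 and 1883) and the function names are assumptions; it also assumes the firmware's own rules already accept reply traffic for established connections.

```shell
#!/bin/sh
# Added example (not from the thread): scoped forwarding rules for Router 2.
# Assumptions: saved as /jffs/scripts/firewall-start with custom scripts
# enabled, NAT off on Router 2, the static route on Router 1 in place,
# SSH on 22/tcp and MQTT on 1883/tcp (the thread does not state the ports).
SRC_NET="192.168.1.0/24"   # Network 1
DST_HOST="192.168.2.55"    # Home Assistant server in Network 2
PORTS="22 1883"            # assumed SSH and MQTT ports

# Print one iptables rule spec per allowed port, plus ICMP echo for ping.
# Returns non-zero (and prints nothing) if any argument looks malformed.
rule_specs() {
    src=$1; dst=$2; ports=$3
    case $src in */*) ;; *) return 1 ;; esac          # source must be a CIDR
    case $dst in */*) return 1 ;; esac                # destination is one host
    case $src$dst in *[!0-9./]*) return 1 ;; esac     # digits, dots, slash only
    for p in $ports; do
        case $p in ''|*[!0-9]*) return 1 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
    done
    for p in $ports; do
        echo "FORWARD -s $src -d $dst -p tcp --dport $p -j ACCEPT"
    done
    echo "FORWARD -s $src -d $dst -p icmp --icmp-type echo-request -j ACCEPT"
}

# Delete-then-insert keeps the chain free of duplicates when the firmware
# re-runs the script after a firewall restart.
apply_rules() {
    specs=$(rule_specs "$SRC_NET" "$DST_HOST" "$PORTS") || return 1
    echo "$specs" | while read -r chain spec; do
        iptables -D "$chain" $spec 2>/dev/null
        iptables -I "$chain" $spec
    done
}

# Only touch iptables when explicitly asked (APPLY=1), so the rule list can
# be reviewed on any machine before it is applied on the router.
if [ "${APPLY:-0}" = 1 ]; then apply_rules; fi
```

Running `rule_specs "$SRC_NET" "$DST_HOST" "$PORTS"` after sourcing the file prints the rules for review without changing anything on the router.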
 
