What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Use RT-N66W as a main AP but not in AP mode?

F

Fireradier

Occasional Visitor
I want to use my RT-N66W as the main access point for my wireless and all of my kids gaming/steaming connections, but still use my Actiontec Q1000 DSL modem/router as the main hardwire connection for several on my important computers.
I currently have the WiFi turned off on the Q1000 and am running the RT-N66W in AP mode. But in AP mode it wont show the filtering and throttling options anymore. Is it possible to use the RT-N66W as a second router on my system while still maintaining the other 3 lan ports on the back of the Q1000?
Is there a name for what I am trying to accomplish, so that I can research it? Repeater mode and Media Bridge don't seem to be what I am after. The Q1000 doesnt have a lot of options but I am stuck with it as my first router since I am on CenturyLink.

Thanks for any help.
 
What you want to do is called double NATing.

Discussed numerous times on this forum.
 
Fireradier said:
I want to use my RT-N66W as the main access point for my wireless and all of my kids gaming/steaming connections, but still use my Actiontec Q1000 DSL modem/router as the main hardwire connection for several on my important computers.
I currently have the WiFi turned off on the Q1000 and am running the RT-N66W in AP mode. But in AP mode it wont show the filtering and throttling options anymore. Is it possible to use the RT-N66W as a second router on my system while still maintaining the other 3 lan ports on the back of the Q1000?
Is there a name for what I am trying to accomplish, so that I can research it? Repeater mode and Media Bridge don't seem to be what I am after. The Q1000 doesnt have a lot of options but I am stuck with it as my first router since I am on CenturyLink.

Thanks for any help.
Click to expand...

as a fellow CL customer, i say send that crap back and get a bridgeable modem. i've had two from them so far that could, currently using the westell 7500
 
You can use the Asus in a double NAT. Just put the Asus in router mode and change the LAN IP address of the Asus to something like 192.168.8.1.

Or you can probably put the actiontec in bridge mode and then put Asus in router mode and use it as your lone router. Google search for instructions. Here's instructions for a different ISP.


http://foxsys.blogspot.com/2011/10/qwest-actiontec-q1000-in-rfc-1483.html

I agree with Sinshiva about the 7500. I have the AT&T equivalent which is the westell/netgear 7550 and it's easy to put in bridge mode.

Running a double NAT like you want to do can be tricky if you do any file or printer sharing.....

But you can experiment and see whatever works best for your situation.

If you're not real router savvy or tech savvy, you might want to leave things the way you have them.

Edit: the name for what you're wanting to do is a "LAN to WAN cascade"
 
Last edited:
So what I am hearing is that if I want to use the three remaining ports on the Q1000 for my main computers I will need to use a 'Double NAT' setup by simply plugging the WAN port on the RT-N66W into one of the ports on the Q1000?

But if I want to be able to use such features as the ddns and accessing the usb hard drive on the RT-N66W from the road I will need to put the Q1000 in RFC 1483 Transparent Bridging Mode and then run the RT-N66W as my main router, using it to hand out IP addresses and such?

Is the RT-N66W capable enough for that? Is it at least as secure as the Q1000 was?
A quick glance at my IP scanner shows 29 different devices connected right now, with about 50 having been connected in the last week. (security cameras, printers, phones, tablets, servers, laptops, game consoles, APs, etc)
 
Yes, to continue using the actiontech as your main router, you just plug the Ethernet cable coming from one of the actiontecs LAN ports in to the asus WAN port. But you'll need to also give the Asus a LAN IP like 192.168.8.1 so it doesn't conflict with your actiontec router. You can't have both routers on 192.168.1.1 (that would cause you all sorts of problems).

There's lots of security experts on the forum, so I'm sure they can give you a better answer on that.

But in general, I wouldn't use FTP or AiCloud for sensitive stuff on your USB drive. I just use the USB drive for local LAN access......not remote access.

You can explore Open VPN if you need enhanced security.

Make sure you check the asus website frequently for firmware updates. Or if you use Merlin's firmware, make sure you check his website frequently for updates.

Edit. The link below describes how to forward ports with a double NAT if you ever had to. I used to run an FTP server on a double NAT, but I don't even bother doing that anymore. You almost have to run a secure FTP server because most of the consumer routers don't have secure FTP. Even though you need a user name and password, you're sending your username and password without encryption over the internet....which poses some FTP snooping risk.

http://portforward.com/help/doublerouterportforwarding.htm
 
Last edited:
These replies have been very helpful. thank you all. I started researching the Double NAT that CaptainSTX mentioned, which led me to look at Bridging, which coincidentally led me to the exact same site that jlake linked me to.

Back to my project though....
Generally speaking, the RT-N66W should be at least as good, if not better, than the Actiontec Q1000 as my main router as far as protecting me from outside snooping and attack? Or is the Q1000 a better first line as it was intended to be connected directly to the internet?

I am leaning now towards using the RT-N66W as my main router and using the Q1000 as a transparent bridge. The Q1000 is rather locked down by Qwest/CenturyLink as far as making very many changes and mine needs rebooting whenever I try to get in to the advanced settings. I am hoping the RT-N66W will provide a better experience and offer more options for me.
 
Thanks!

Well Gentlemen, I am successfully sending this post through the RT-N66W with the Q1000 set in transparent bridge mode.
Thanks for all the help. I am going to need to buy a larger switch now. :)

Would there be any settings that I need to tweak on the RT-N66 now that I am using it exposed to the big bad world like this?
 
as jlake said, you're better off not exposing directly attached storage to the outside. after setting up a new router, you should at least run a full service ports scan at GRC ShieldsUp. by default, i believe the router disables ALL ICMP access from the outside, which prevents the internet from pinging your router.


if you're feeling a little adventerous;

myself, i enabled the 'Respond to Ping requests from WAN' or whatever, but added

Code: 
iptables -I INPUT -i `nvram get wan0_ifname` -p icmp --icmp-type echo-request -j DROP

to /jffs/scripts/firewall-start. this keeps the useful ICMP features while blocking ping requests.

(thanks to RMerlin for clarifying the nvram var, i actually had just set it to eth0, but this way is more universal for any PPPoE users that might come across this)

[edit/] This is of course via ASUSWRT-MERLIN, with JFFS enabled and the file firewall-start created in /jffs/scripts. would look like thus;

Code: 
#!/bin/sh
#
iptables -I INPUT -i `nvram get wan0_ifname` -p icmp --icmp-type echo-request -j DROP

then run;

chmod a+rx /jffs/scripts/*
 
Last edited:
You must log in or register to reply here.

Similar threads

T
WAN or LAN in AP mode
Replies
5
Views
600
bennor
B
J
RT-AC68U vlans in AP mode?
Replies
2
Views
735
JimS
J
M
Another WiFi network as a source of internet
Replies
6
Views
726
Tech9
Tech9
G
Asus AX86U Pro - Guest Network Pro in AP Mode - no internet
Replies
6
Views
723
gabzprime
G
C
BT10 as an AP / switch with VLAN and MLO
Replies
2
Views
921
cputoaster
C

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 713 (members: 21, guests: 692)
Back
Top