LAN to WAN router cascade

Discussion in 'Tomato Firmware' started by Dan Lindfield, Feb 3, 2018.

  1. Dan Lindfield

    Dan Lindfield Network Newbie Member

    I am trying to set up a LAN to WAN router cascade using ethernet cable between a Belcom (Router 1) and a Linksys WRT54G running Tomato 1.28 (router 2). I am wanting to do this to improve parental access control by using the great functionality offered by Tomato. Unfortunatelly I can't simply use the Linksys for my DSL modem as it does not support PPPoA.

    Configuartion:

    Router 1 - Belkin acting as DSL connection to WWW
    IP Address: 192.168.2.1
    Net Mask: 255.255.255.0
    DHCP: Enabled
    DHCP range: 192.168.2.2 - 192.168.2.50
    Wireless: Disabled
    WAN DNS (ISP): 212.19.xx.xx and 212.19.xx.xx


    ROUTER 2- Linksys wireless Access Point
    IP Address: 192.168.1.1
    Net Mask: 255.255.255.0
    DHCP: Enabled
    DHCP range: 192.168.1.12 - 192.168.1.100
    WAN IP Address: 192.168.2.51
    Gateway: 192.168.2.1
    Mode: Gateway

    With this configuration I can ping from inside the second secure network (192.168.1.x) to the primary interface network (192.168.2.x) and to the WWW (212.159.xx.xx) but I cannot get a browser from any device connected to the internal (192.168.1.x) network to connect to the WWW.

    This configuration will allow me to access the WWW from any device connected to the primary interface network (192.168.2.x).

    What have I missed out? Been at this for a few days and can't see what I'm doing wrong.
     
  2. eibgrad

    eibgrad Network Guru Member

    Can you ping an internet access from 192.168.1.x (by IP, not by name)? If so, then it's probably a DNS problem on the second router.
     
  3. Dan Lindfield

    Dan Lindfield Network Newbie Member

    Yes, I Ping by IP. E.g. ping 8.8.8.8

    The second router is running Tomato, what settings (there are many!) should I be exploring that would have an impact on the DNSs?
     
  4. eibgrad

    eibgrad Network Guru Member

    If you configure the second router using its default settings, it should just work. DHCP is the default setting on the WAN, and it should pull the DNS server(s) from the upstream router, just as it does its IP, gateway IP, etc.

    If some other client (PC/Mac/laptop) on the primary router uses DHCP, does it get configured properly? Does it work w/ a browser?
     
  5. Dan Lindfield

    Dan Lindfield Network Newbie Member

    Thank you Eibgard,

    Yes I also suspected that I may have inadvertently changed some default settings so Yesterday I reset the second router to default settings and only changed the configuration items listed above. The result was the same.

    Your DNS statement rings true as I have noted that If I do not set the ISP DNS servers (WAN DNS) to my ISP primary and secondary DNS servers in my upstream router then I cannot ping across the router cascade into the WWW, so when the DNS servers are prescribed I think I can confirm that something in the secondary router is pulling in the DNS servers. How can I check it is pulling the correct Gateway?

    I have a mixture of PC/Linux/iphone/android devices connecting by DHCP to the primary router and finding the WWW with no issues (although a bit slow at times as if sometimes trying to find a path).
     
  6. eibgrad

    eibgrad Network Guru Member

    On the second router, under Advanced->DHCP/DNS, add the following to Dnsmasq Custom Configuration, then save it.

    Code:
    no-resolv
    server=8.8.8.8
    server=8.8.4.4
    Does it now work?
     
  7. Dan Lindfield

    Dan Lindfield Network Newbie Member

    Thank you - It worked! The browser is now connecting to the WWW from within the router cascade.

    For my education, would you mind explaining why this worked and what it is doing?
     
  8. eibgrad

    eibgrad Network Guru Member

    By default, all clients use the local DNS server (DNSMasq), which acts as a DNS proxy. Normally DNSMasq gathers the DNS servers it's expected to use from either the ISP (via the WAN DHCP request), and/or static DNS servers specified on the Setup page.

    Since I had no idea why it wasn't working, I decided to sidestep the process and configure DNSMasq directly.

    The no-resolv directive tells DNSMasq to *ignore* every other source of DNS servers, wherever they may come from. The only DNS servers we want used are those listed herein, as specified in the server directives. So I added a couple of Google DNS servers, and voila! And you can add as many DNS servers as you wish.

    Now that still doesn't answer why you couldn't pull the proper DNS servers in the normal fashion, over the WAN. It might be an indication of deeper issues, but again, just to get around the immediate problem, I thought this might do the trick.
     
    Last edited: Feb 5, 2018
  9. Dan Lindfield

    Dan Lindfield Network Newbie Member

    I understand and it makes sense. Thank you for the work around. Sounds like I might have to post again if something else stops working! But at least I've learnt something new. Thank you.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice