1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRT54G Gateway/Router mode?

Discussion in 'Networking Issues' started by heisesgade, Aug 10, 2008.

  1. heisesgade

    heisesgade Addicted to LI Member

    Hi

    I have a WRT54G Ver. 1.1 - firmware 4.21.1
    It´s behind a Zyxel Prestige 660R-61 provided by my ISP.

    This setup has worked OK for 7 years or so with a single computer connected via wi-fi.

    Now, for the first time, we got a 2nd computer also connected via wi-fi. Internet connection is still working fine, but my own network (between the 2 computers) turned out to be somewhat slow.

    Now, the WRT54G is and has always been in "Gateway" operating mode. After reading up a bit I guess this is not entirely correct when there is another router acting as gateway (the Zyxel)

    Through some trial-and-error I discovered that transfer speeds seem to improve when I change the operating mode to "Router" but then the internet connection is lost on both connected computers.

    With my setup is there any way to run the WRT54G in "Router" mode and still be connected to the internet?

    My setup is as follows:

    Zyxel Prestige 660R-61:
    - DHCP on
    - IP adress 10.0.0.1
    - IP pool starting adress 10.0.0.2
    - IPP subnet 255.255.255.0

    WRT54G (Internet setup):
    - Static IP
    - Internet IP 10.0.0.2
    - Subnet 255.255.255.0
    - Gateway 10.0.0.1

    WRT54G (Network setup)
    - DHCP off
    - Local IP 192.168.1.1
    - Subnet 255.255.255.0

    Operating mode "Gateway"

    Thanks
     
  2. HennieM

    HennieM Network Guru Member

    On your WRT, assuming that you have firewalling, etc. on the Zyxel:
    1) Turn off the WAN/internet (if possible). If not possible, leave it on PPPoE.
    2) Set the LAN setup to be
    - IP 10.0.0.2
    - Subnet 255.255.255.0
    - Gateway 10.0.0.1
    - DHCP off
    3) Connect from one of the WRT's LAN ports to the Zyxel
    4) Gateway mode or router mode does not matter, as you are not using the WAN connection

    On the Zyxel, make the DHCP range start at 10.0.0.3, so you don't accidentally assign .2 to one of your PCs.
     
  3. heisesgade

    heisesgade Addicted to LI Member

    Thanks Hennie

    Up and running..
     
  4. HennieM

    HennieM Network Guru Member

    Cool. Remember that your firewalling, etc. on the Zyxel should be up to scratch.
     
  5. heisesgade

    heisesgade Addicted to LI Member

    OK, Hennie

    Could you give me a check list please, cause some of the settings i don´t quite understand..

    Thx
     
  6. HennieM

    HennieM Network Guru Member

    I don't know how the firewalling would work or look like on the Zyxel, so unfortunately I cannot give you a check list.

    However, a couple of rules of thumb would be:

    If you have a Stateful Packet Inspection (SPI) firewall on the Zyxel, turn it on.

    Do not open any incoming ports, as you don't have any servers or the likes running behind (on your private side) the Zyxel. If you have software running on your PCs that needs incoming ports to be open, study their requirements and then open only the needed ports.

    Disable the Zyxel's ping response on the WAN side

    Outgoing ports are not critical, but it's still safer (in case you get a virus or perhaps some funny software) to just open the outgoing ports that you need. The most prominent outgoing ports would be http (80), https (443), smtp (25), and pop3 (I forget pop3's port number) - the first 2 for browsing and the latter 2 for e-mail.

    Remember that you need anti-virus software on all your PCs, as the firewall is not an anti-virus device.
     
  7. heisesgade

    heisesgade Addicted to LI Member

    Hi Hennie

    What I have is this:

    "Internet Security

    --------------------------------------------------------------------------------

    Your device provides the following filter rules

    Telnet Telnet traffic is blocked from the WAN to the LAN
    FTP FTP traffic is blocked from the WAN to the LAN
    TFTP TFTP traffic is blocked from the WAN to the LAN
    Web Web traffic is blocked from the WAN to the LAN
    SNMP SNMP traffic is blocked from the WAN
    Ping. Ping traffic is blocked from the WAN / LAN
    "

    These are all on/off settings.
    Is this sufficient you think, and which ones should be on?
     
  8. HennieM

    HennieM Network Guru Member

    Seems fine as is, although, if you could get it to say, for all those listed

    "Telnet Telnet traffic is blocked from the WAN"

    i.e., if you could block telnet, FTP, etc. not only from WAN to LAN, but block those coming in on the WAN, full stop.
     
  9. heisesgade

    heisesgade Addicted to LI Member

    Thanks again

    The listed setting are all there is.
    I´ve set them all to on and hope it´s ok.
     

Share This Page