Tomato Subnet HELP

Discussion in 'Tomato Firmware' started by curtiplas, Jul 10, 2009.

  1. curtiplas

    curtiplas Addicted to LI Member

    Okay, so I must say I'm not new to Tomato, however I am new to subnetting. Now, before I get into my question I'll cover how my Network is setup ATM and why it is that way.

    Recently my WRT54GL running Tomato started to flake out, it completely reset itself after doing a remote reboot after I lost wireless connectivity, after such time I couldn't get wireless to work while using Tomato only wired ( I think this may be because I was Majorly boosting the WiFi transmit power so it would reach the 2nd Floor of my house, from the basement, and thus majorly shortened the life span of the wireless transmitter). So now I have two routers, one on the first floor being used as a Wireless access point and the other in the basement where my cable modem and server are located.

    To make this easy:

    Router A = basement router
    Router B = 1st Floor WiFi Router​

    Right now I have the Modem connected to the WAN on Router A. Router A is then connected to my server and the WAN on Router B.


    Thus it is the Gateway and the WAN is using DHCP, and has the subnet range of - 149 I believe it has the correct Subnet mask of In addition the Router's Internal IP is ​


    Is setup as a "gateway" as well, this router has a subnet range of and has the same subnet mask of This router's Internal Ip address is . However, this router is setup to have a Static WAN which is as well.​

    Currently no devices connected to Router B can get to the internet, I suspect this is due to the subnet being setup improperly and I'm looking for any advice or help on configuring this.

    Ideally what I want to be able to do is connect to any devices on Router A from a Device on Router B and Vice Versa... I.E. I want two separate subnets that are able to talk to each other as well as all devices need to get out to the internet and although they ALL don't necessarily need to be reachable from the outside world, it would be nice if I they still can be... but my server definitely needs to be accessible from the outside world...
  2. rhester72

    rhester72 Network Guru Member

    What is the default gateway on router B, and via what physical ports are router A and router B connected?

  3. curtiplas

    curtiplas Addicted to LI Member

    I'm not at home ATM, but I'm like 90% sure the Default Gateway is I'll double check when I get home,

    PORT 1 on Router A goes into the WAN on Router B
  4. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    Actually, they both have a subnet range of (you're correct that this is what is causing you problems). It's just that they are only actively handing DHCP allocations on the ranges you specified.

    Just change all of the 97s to 98s on router B, and you should be okay.

    Also, you should not assign router B's WAN address as a static address inside of router A's dynamic pool. Either let router B get its IP via DHCP (you'd probably want to set up Static DHCP in router A to give it the same address every time) or assign it a static address outside of the DHCP pool (, for example).
  5. curtiplas

    curtiplas Addicted to LI Member

    Will it route between them automatically? Or will I need to setup a static routing entry on both tables so they can communicate between each other?
  6. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    The PCs on router B will be able to communicate with those on Router A just fine, just not visa versa. Since you have the router in Gateway mode, everything is NATed - just like Router A is with respect to the internet.

    If you don't want this extra NATing, you should be able to set Router B to router mode and set up some static routes.

    (also note I added a bit about your router B's WAN address to my first post after you started your reply)
  7. curtiplas

    curtiplas Addicted to LI Member

    I suspected as much earlier, just didn't have time to play around with it like I had wanted... and this brings me to my second question, and the original reason I stumbled upon this forum.

    Under Advanced > Routing , I set the router to Router mode, change the RIP to both, but I don't quite understand how I would add the entry....

    If I'm configuring Router B's table...

    Destination: Router A's Gateway address?
    Gateway: Router B's Gateway address?
    Subnet mask:
    Metric: ??
    Interface: ??

    Cool, thanks for the heads up, I looked at it again.
  8. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    After setting router B to router mode (I don't think RIP is necessary, either), I think the only static route you would need would be on router A.

    On router A, add:
    Destination: Router B subnet - eg,
    Gateway: Router B WAN address - eg,
    Subnet: Route B netmask - eg,
    Metric: 0
    Interface: LAN
    Description: Whatever you want

    Router B will already be routing things correctly because it knows that everything besides its own subnet (including the internet and the other subnet) lies beyond the WAN port and Router A's LAN IP will handle it. We just had to tell router A where to send things to reach router B's subnet (send it to router B and it will know what to do with it).

    Hope it works for you.

    On second thought, the firewall on A may block things. Let me know if there are troubles.
  9. curtiplas

    curtiplas Addicted to LI Member

    Alright so I added the above Entry in Router A's Static Routing Table, however it didn't solve the entire issue. I can now connect to the internet as well as the actual router's web interface from my computer connected to Router B.... however when connected to Router A, I can not even ping router B... any suggestions?

    BTW, thank you very much for your help so far :-D

    Please Ignore, the only thing I can not get to from my computer when connected to Router A is the actual Web interface of Router B, I can get to everything else... I think this may be because Router A knows Router B as, while the web interface is only responding to requests of, however if you type that in the browser while connected to Router A, it doesn't know how to handle it.... All in All I can manage with out that I appreciate everyone's help thus far especially you SgtPepper :-D
  10. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    Great! Glad it's working for you. Is "Remote Access" (Admin->Access) enabled on Router B since you're trying to administer it through the WAN port?
  11. jza80

    jza80 Network Guru Member

    I think the metric should be 1, as a router decrements the metric (hop count / TTL value) by 1. IOW Router B is 1 hop from Router A.

    Everything else looks good though. :)


    A static route on router A pointing to the subnet/network behind router B should take care of that.

    Did you mean to say instead of
  12. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    Yeah, I considered that. However, since the Metric is only used to make decisions on what route to take, and we darn sure want it to use this one, I went ahead and just said zero. All of the existing routes on the router have a metric of 0, and I didn't want the default route to trump it (it's possible the routing software on the router has special case handling of the default route, but I wasn't sure about that so I went with the safe choice).
  13. jza80

    jza80 Network Guru Member

    Interesting that all the existing routes have a metric of 0.

    I'm not sure how Tomato/Linux handles routing, but Cisco routers use metric and administrative distance (AD). The metric can be a number of things (hop count, delay, bandwidth, etc..).

    Default route is used as a gateway of last resort. IOW if theres no specific route to a destination, the default route is used. Again, I'm not sure how Tomato/Linux handles this.
  14. curtiplas

    curtiplas Addicted to LI Member

    Yes it is, I did check that
  15. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    I'm guessing the firewall on B is causing the trouble. That mode of operation probably doesn't get near the amount of exposure as Gateway mode, so there may just be a faulty firewall rule.

    If you'd like to get that aspect working, please post the output of (run on router B ssh/telnet):
    service firewall restart
    <attempt to access B's web GUI from A-attached computer here - preferrably, no other B-related activity>
    iptables -t filter -vL; iptables -t nat -vL; iptables -t mangle -vL
    This should tell us everything we need to know if it is a firewall issue.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice