Configure dual router network for performance and security

timlt

Honorable
Apr 5, 2013
2
0
10,510
I read the networking sticky threads and some others, but couldn't find an answer that worked with my routers. I'm trying to configure an optimal setup. The setup described below works fine, but not sure if I have it optimized for best performance and security.

Setup:
* ISP: Frontier FIOS
* Gigabit ethernet LAN with Cisco SG200-26 switch
* Modem: Actiontec MI424WR (10/100 router, coax connection to broadband)
* Router: Netgear WNDR4500 (gigabit router, wireless)

Current configuration:
* Modem: DHCP/wireless disabled. "Internet connection firewall" disabled. IP: 192.168.1.1. In the Broadband/Coax connection settings, I have to set "Route Mode" to "NAPT"; I tried setting it to "Route", but then I lose internet connection on the network. So I don't think that I have figured out how to disable NAT on the modem and still keep my internet connection working.

* Router: Serving DHCP and wireless enabled. Firewall and NAT enabled. Static Internet IP: 192.168.1.2 (uses the modem 192.168.1.1 as its gateway/DNS addresses). LAN IP: 192.168.2.1. All internal devices on this subnet. Cable connects from modem LAN port to the router's WAN/Internet port.

Questions:

1. For best performance, should I be doing something differently? If so, what configuration options should I change on each router?

2. For best security, should I be doing something differently?
 

timlt

Apr 5, 2013
Well, I don't know if this is the "best" setup, but I found an approach that works and sounds like it's giving me what I want: the ability to use the required ActionTec router for FIOS merely as a "bridge" to my newer and better performing gigabit Netgear modem. This has the advantages of disabling firewall, DHCP, wireless, NAT etc. in the ActionTec, and lets me handle everything in my Netgear gigabit router. So I assume I'm getting the best performance possible and am still secure, since I'm using the Netgear's firewall.

What I did:

Configure the ActionTec:
* Disable wireless.
* Set Firewall to "minimum."
* In the Broadband/Coax connection settings, release the current IP, then set the Internet Protocol config dropdown to "No IP Address".
* In the Network Home/Office connection settings, in the "Bridge" section, select checkbox for the Broadband/Coax connection, then select the "STP" checkbox. Also disable IP address distribution and set IP address to 192.168.1.1.

Configure the Netgear:
* Configure wireless.
* For Internet setup tab, get the IP and DNS addresses both dynamically from ISP.
* For LAN setup tab, set static IP to 192.168.2.1. Configure DHCP.

Cable connections:
* ActionTec LAN port to Netgear WAN port.
* Netgear LAN port to Cisco switch.

Details of this setup described at:
http://www.dslreports.com/forum/r17679150-Howto-make-ActionTec-MI424WR-a-network-bridge


If there's anything I should reconsider with this setup, it'd be great to hear any ideas! The key issue here is that with Frontier FIOS and a coax connection to the WAN, you're basically stuck with their lame/outdated ActionTec 10/100 router. So the bridging setup is a way to bypass that router so that you can still have gigabit performance on your internal network. For the internet speeds, the ActionTec is fine; I only have a 35 mbps FIOS service anyway.
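
A way to check the two layouts described in this thread, added here as an example and not part of the original posts: it flags a private WAN address on the inner router (double NAT, as in the first post) and address overlaps that can appear once the modem is bridged. The function name `audit`, the /24 mask, and the 203.0.113.x WAN addresses are assumptions made for the example.

```python
import ipaddress

# RFC 1918 private ranges plus RFC 6598 carrier-grade NAT space.
NON_PUBLIC = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]


def audit(wan_ip, wan_gateway, lan_ip, lan_prefix=24, bridge_mgmt_ip=None):
    """Return finding codes for a router that sits behind an ISP modem/router.

    lan_prefix=24 is an assumption; the thread does not state the mask.
    """
    findings = []
    wan = ipaddress.ip_address(wan_ip)
    lan = ipaddress.ip_network(f"{lan_ip}/{lan_prefix}", strict=False)

    # A private WAN address means the upstream box is still doing NAT, so
    # port forwards and firewall rules have to be maintained on two devices.
    if any(wan in net for net in NON_PUBLIC):
        findings.append("double-nat")

    # The WAN gateway must not fall inside the LAN subnet, or the router
    # cannot tell inside from outside.
    if ipaddress.ip_address(wan_gateway) in lan:
        findings.append("wan-lan-overlap")

    # A bridged modem keeps a management address; if it falls inside the
    # LAN subnet it can collide with a LAN host address.
    if bridge_mgmt_ip and ipaddress.ip_address(bridge_mgmt_ip) in lan:
        findings.append("bridge-mgmt-in-lan")

    return findings


# First post: Netgear WAN is 192.168.1.2 behind the ActionTec in NAPT mode.
FIRST_POST = audit("192.168.1.2", "192.168.1.1", "192.168.2.1")

# Second post: ActionTec bridged, Netgear gets its WAN address from the ISP.
# 203.0.113.x is a documentation range used here as a constructed placeholder.
SECOND_POST = audit("203.0.113.10", "203.0.113.1", "192.168.2.1",
                    bridge_mgmt_ip="192.168.1.1")

if __name__ == "__main__":
    print("first post :", FIRST_POST or "clean")
    print("second post:", SECOND_POST or "clean")
```

Substitute the WAN address and gateway shown on the Netgear's Internet status page to run the same check against a live setup.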