Router on Router Question

MAC20

Honorable
Feb 10, 2014
49
0
10,530
Just bought an Asus N66U for my Nvidia Shield for the 5GHz wireless. I already had my network set up on a Cisco RV110W router/firewall. Well, I want to keep this router in the network and keep all the devices I had on it. I'm only switching 5 devices (my dedicated HTPC devices) to the new router. The new Asus N66U will be the main router and the Cisco RV110W will now become the second.

Well, I need to figure out how to run the second router from port 1 on the Asus to the WAN port on the Cisco (2nd router). The reason is that the IP scheme for router 2 is already set up and has many devices, and I want all these devices to stay on the 2nd router so my dedicated devices won't have to fight much for bandwidth (greedy). The scheme for the 1st router is X.X.3.X with subnet 255.255.255.0 and the 2nd router is X.X.2.X with the same subnet. I want the 1st router to give an IP address and DNS to the second so it can get out to the internet, that's all. I DON'T want the 1st router handing out ALL IPs on both routers. Basically I want the 1st router to be able to supply a gateway to the net for the second, that's all. The second router will supply DHCP addresses to everything connected to it, as well as the 1st router supplying DHCP to everything connected to it. Can anyone shed some light on this?
 

MAC20
I'll try this and see if it works. The one issue I ran into when I tried it the 1st time was that I could access the 2nd router from any device that was connected to the 1st.
 
Maybe getting confused: the devices on the second router should be able to access the first but not the other way.

Things on your ASUS router appear to be on the internet from the Cisco viewpoint. So anything from the Cisco can get to your ASUS-connected stuff as well as the internet. Stuff on the ASUS network cannot get to the Cisco stuff because of the NAT, just like some random internet device cannot talk to your LAN without port forwarding. The Cisco treats both the real internet and your ASUS LAN as internet.

You can prevent the Cisco LAN device from being able to talk to the ASUS LAN device with a firewall rule in the Cisco.

If you want these to communicate in both directions, though, it gets really hard because of the second NAT.

 
Solution

MAC20
Bill, so can you explain how to do the following? I know the devices on the Asus can't see the devices on the Cisco without doing port forwarding. Can you explain how to get that to work? Here's the setup I finally got done.

Modem is connected to router 1. Router one is x.x.3.254 with a 255.255.240.0 sub - DHCP is off

Router 1 LAN port is connected to router 2 WAN port

Router 2 has static IP of x.x.3.1 with a 255.255.240.0 sub with x.x.3.254 DNS - DHCP is on

Router 2 DHCP pool is x.x.2.130-139 with a 255.255.255.0 subnet

So what I'm trying to do is get 1 device, my HD Homerun that's on router 2 with IP x.x.2.130 sub 255.255.255.0, to connect to my PC with WMC on router one with IP x.x.3.104 sub 255.255.240.0. Is this possible with port forwarding?
 
It should in theory work fine without port forwarding, but it depends a lot on the application. As long as all the traffic is initiated from the PC with address 2.130, a NAT entry should be created that will allow return traffic, even for UDP. Most issues would come if the 3.104 machine tried to send traffic to the 2.130 machine on a new session. FTP is an example that causes issues (but the router knows about this special case), where the remote device attempts to open a session coming in.

I can't say if it is an issue, but if the x.x are the same in both cases you have an inconsistent subnet mask. The one with 255.255.240 would cover x.x.0.0 - x.x.15.255. This overlaps the second x.x.2.0/24 block of IPs. This at times causes issues, but it may work.
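
The overlap described in the reply above can be checked with Python's `ipaddress` module. This is an added example, not part of the thread: `192.168` is an assumed stand-in for the elided "x.x" octets, and the function names `net` and `audit` are hypothetical. It compares the posted 255.255.240.0 mask with the 255.255.255.0 mask given for router 1 in the first post.

```python
import ipaddress

# Assumption: the thread elides the first two octets as "x.x";
# 192.168 is a constructed stand-in used only for illustration.
PREFIX = "192.168"

def net(host, mask):
    """Network that a host address and dotted mask actually fall into."""
    return ipaddress.ip_network(f"{PREFIX}.{host}/{mask}", strict=False)

def audit(upstream_mask):
    """Check the two-router plan from the thread for a given upstream mask."""
    upstream = net("3.254", upstream_mask)           # router 1 LAN / router 2 WAN
    downstream = net("2.130", "255.255.255.0")       # router 2 DHCP pool
    tuner = ipaddress.ip_address(f"{PREFIX}.2.130")  # HD Homerun behind router 2
    return {
        "upstream": str(upstream),
        "range": f"{upstream.network_address} - {upstream.broadcast_address}",
        "overlaps_downstream": upstream.overlaps(downstream),
        # If True, the PC at .3.104 treats the tuner as on-link and ARPs for
        # it on its own segment, where the tuner is not actually attached.
        "pc_sees_tuner_on_link": tuner in upstream,
    }

if __name__ == "__main__":
    for mask in ("255.255.240.0", "255.255.255.0"):
        print(mask, audit(mask))
```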