I'm hoping someone can assist me; kinda lost as to how to solve this but I'm sure/hope it's an easy fix (I'll be the 1st to admit my knowledge is limited). I'm trying to get remote access to my desktop/Dell machine (running Windows 7 Pro) which is behind two Linksys boxes.
My setup is as such: I have a static IP from my ISP assigned to the WAN side of a Linksys ATA (model SPA2102), node 1 in my network & used for VoIP service from my ISP & as my network DHCP server - range 192.168.1.15-25). This ATA has to be on the WAN side of my network for the VoIP service to work. The Ethernet port on the ATA (only one Ethernet port available) is feeding a Linksys WRT54Gv2 for WiFi access - node 2 on my network - and the WRT54G in turn is connected to my Dell desktop - node 3 on my network (port 1 of the WRT54G is to my ATA, port 2 to my desktop Ethernet port). The WRT54G is solely for WiFi internet access but is needed (its DHCP server is disabled in favour of the one on the ATA). I have assigned all nodes a static LAN IP: 192.168.1.1 (ATA), 192.168.1.2 (WRT54G) & 192.168.1.3 (Ethernet port on the Dell desktop, needed for remote access, with the default gateway specified here being the IP address of the ATA - 192.168.1.1) and they are all on the same subnet (255.255.255.0). Everything works fine, meaning I have internet access on the Dell desktop & any WiFi systems get a DHCP IP address from the ATA when connecting wirelessly. However, and this is my problem, I cannot get remote desktop access to the Dell desktop, node 3. I used to have this working when I didn't have the ATA...this is just a recent addition and prior to it being introduced into the network I had all the settings (the ISP WAN settings, DHCP, WiFi & remote access port forwarders) configured on the WRT54G. Everything worked fine and when I opened a remote desktop connection to my static ISP IP I got access to the login screen of the Dell desktop (needless to say this is configured correctly to allow remote connections). I have configured the ATA port forwarders the same way as I used to have the WRT54G port forwarders configured ('starting port' and 'ending port' both set to 3389, protocol set to 'Both' TCP & UDP & the 'Server IP Address' the static address of the Dell desktop) but I'm guessing I need to do some configuring on the WRT54G to allow the communication through it. Yes? No? Is it even possible to do this or should I just buy a WRP400 to combine present ATA & WRT54G setup I have right now into one box?
Sorry for the long-winded question. I just wanted to explain it in as much detail as possible. Any help would be much appreciated.
I'm not sure what the problem is as yet, but it may be moot. I believe your network configuration could be vastly improved.
I've never seen an ATA that *had* to be in front of the router. It may be necessary for performance reasons, but not in terms of whether or not it will function. Doesn't mean such limitations don’t exist, only *I* haven't seen it. I place my ATAs behind the router all the time. The only mistake I've seen is when the ATA is also a router. In those cases, you usually need to connect the ATA's WAN port (not LAN port) to a LAN port on the router for it to work. Frankly, it's just another example of why I hate having the ATA dictate the architecture.
But let's put all that aside for the moment and just assume the ATA must front the WRT54G. Even if you could make it work behind the router, you could still justify having it front the router for performance reasons. So let's try something different.
I’m sure you would prefer to use the WRT54G router and its firewall for numerous reasons (more features, better performance, simplicity, etc.). Why not connect the SPA2102 to the WRT54G, LAN to WAN, and put the WRT54G’s IP address in the DMZ of the SPA2102.
The WRT54G pulls its IP address from the DHCP server of the SPA2102 (or uses a static IP from the same subnet, more on that shortly). So let’s say that’s 192.168.1.2. Behind the WRT54G’s WAN port is a different subnet, 192.168.2.x. Finally, we place the IP address of the WRT54G (192.168.1.2) in the DMZ of the SPA2102.
The SPA2102 now has unimpeded access to and from the Internet. Any inbound traffic it decides not to handle is simply passed to the WRT54G as if the SPA2102 wasn’t even there. The WRT54G doesn’t care whether it gets its IP assignment from the ISP or SPA2102, it’s all the same. The WRT54G is configured like any other router connected directly to the ISP; you use your own local network, DHCP server, port forward when necessary, etc. In effect, the SPA2102 is just acting as a filter. If something is intended for the SPA2102, it handles it, transparently, but otherwise it’s just forwarded.
Getting back to the WRT54G, it would make sense to use a static IP in the same subnet as the SPA2102, or else reserve an IP from its DHCP server (if it’s supported) since you don’t want its IP changing and thereby screwing up the DMZ setting.
Think how much easier this is to manage. Except for the fact some network traffic will be intercepted by the SPA2102, everything else functions normally. And if one day you remove the ATA, you don’t have to reconfigure anything. Now, instead of the WRT54G grabbing it’s IP from the DHCP of the SPA2102, it goes straight to the ISP.