Page 1 of 1
Routing problem
Posted: Thu Oct 27, 2016 7:54 am
by yaikun94
I have 2 RB951G, let's call it A and B.
RouterA:
- ether1: wan
-ether2-5: lan with dhcp server (192.168.10.0/24)
RouterB:
-ether1-2: bridge received ip from routerA (192.168.10.254/24)
-ether3-5: lan with dhcp server (172.16.10.0/24)
client with ip 192.168.10.0/24 can't ping client with ip 172.16.10.0/24 because they don't have routes. After routing them (Dst. 172.16.10.0/24 , Gw.192.168.10.254) ip 192.168.10.0/24 can ping gateway 172.16.10.1 but still can't ping client 172.16.10.0/24. Although client with ip 172.16.10.0/24 can ping client with ip 192.168.10.0/24 just fine.
Did i do something wrong?
Thanks in advance and sorry for my bad english.
Re: Routing problem
Posted: Fri Oct 28, 2016 7:34 am
by yaikun94
Anyone
(
Re: Routing problem
Posted: Fri Oct 28, 2016 8:04 am
by Rudios
are you using any NAT on the second router?
How about firewall, on both routers and the destination client?
Re: Routing problem
Posted: Fri Oct 28, 2016 10:32 am
by yaikun94
are you using any NAT on the second router?
How about firewall, on both routers and the destination client?
the 2nd router don't have any NAT, try to add once but it's the same result.
There is no firewall rules on both routers
Re: Routing problem
Posted: Fri Oct 28, 2016 2:45 pm
by Rudios
Can you please share your 2 configs.
Re: Routing problem
Posted: Fri Oct 28, 2016 9:16 pm
by miq
Maybe you must add rule to forward chain?
Re: Routing problem
Posted: Sat Oct 29, 2016 2:27 am
by skuykend
If it's a home version Windows pc you're trying to ping, the default Windows firewall doesn't allow ping responses to other subnets. Try temporarily disabling the firewall.
Re: Routing problem
Posted: Sun Oct 30, 2016 6:32 pm
by actrn
you are in double nat, generally not good to surf with these, in any case you can try to add route from 172.x Lan to return icmp.
Re: Routing problem
Posted: Mon Oct 31, 2016 4:27 am
by yaikun94
Hi,
sorry for the late reply,
Here is my 2nd router config
***Router2:
-Bridge1 received ip from router1 (192.168.1.8 )
-Bridge2 created dhcp server and has 1 client (192.168.20.252)
***Router1:
-Try to ping router1 to client 192.168.20.252 but time out.
-Ping gateway 192.168.20.1 just fine
Re: Routing problem
Posted: Mon Oct 31, 2016 4:34 am
by yaikun94
If it's a home version Windows pc you're trying to ping, the default Windows firewall doesn't allow ping responses to other subnets. Try temporarily disabling the firewall.
Already disabled but still not work =.=!!
Maybe you must add rule to forward chain?
you are in double nat, generally not good to surf with these, in any case you can try to add route from 172.x Lan to return icmp.
Could you pls show me how to do it
Re: Routing problem
Posted: Mon Oct 31, 2016 9:28 am
by actrn
try to add:
172.16.10.0/24 gate 192.168.10.x ( your gateway )
Re: Routing problem
Posted: Mon Oct 31, 2016 11:56 am
by miq
Maybe you must add rule to forward chain?
chain=forward action=accept src-address=0.0.0.0 dst-address=172.16.10.0/24 log=no log-prefix=""
Re: Routing problem
Posted: Mon Oct 31, 2016 6:29 pm
by Rudios
Does your DHCP supply gateway address?
Re: Routing problem
Posted: Tue Nov 01, 2016 6:43 am
by yaikun94
try to add:
172.16.10.0/24 gate 192.168.10.x ( your gateway )
already did it in router1. After route i can ping 172.16.10.1 but can't ping client (ex.172.16.10.252)
Re: Routing problem
Posted: Tue Nov 01, 2016 6:45 am
by yaikun94
Maybe you must add rule to forward chain?
chain=forward action=accept src-address=0.0.0.0 dst-address=172.16.10.0/24 log=no log-prefix=""
i'll try it later tks.
Does your DHCP supply gateway address?
yes it is
Re: Routing problem
Posted: Tue Nov 01, 2016 9:46 am
by Rudios
I would first disable all firewall rules to see how that goes (maybe only let exist the masquerade rule on RouterA to have internet connection)
Re: Routing problem
Posted: Tue Nov 01, 2016 10:40 am
by yaikun94
Solved,
put my NAT rule masquerade for src.address 172.16.10.0/24 in router 2 to the top (just notice it behind other nat rules so it won't work.) and it work like a charm. Gotta note it =.=!!
Thanks you guys for helping me all this time
Re: Routing problem
Posted: Tue Nov 01, 2016 10:42 am
by Rudios
Solved,
put my NAT rule masquerade for src.address 172.16.10.0/24 in router 2 to the top (just notice it behind other nat rules so it won't work.) and it work like a charm. Gotta note it =.=!!
Thanks you guys for helping me all this time
Good to hear you solved it, nevertheless I am curious about your config, because in one of the first posts you stated there was no NAT on RouterB
Re: Routing problem
Posted: Wed Nov 02, 2016 3:39 am
by yaikun94
Solved,
put my NAT rule masquerade for src.address 172.16.10.0/24 in router 2 to the top (just notice it behind other nat rules so it won't work.) and it work like a charm. Gotta note it =.=!!
Thanks you guys for helping me all this time
Good to hear you solved it, nevertheless I am curious about your config, because in one of the first posts you stated there was no NAT on RouterB
yes i said that i tried to add and then remove NAT but there is no difference between 2 options. Turn out after add NAT i have to move it to the top so the rule can work properly