Hi fellow LQers,

Problem Summary:
- Linksys WRT54G dd-wrt NOT able to route when in Router mode

Env:
- Linksys WRT54G running dd-wrt v24 firmware
- LAN Subnet: 10.0.0.0/8
- WAN Subnet: 172.16.0.0/16
- Linux FC13 configured as a IPv4 router
- LAN 172.16.0.0/16
- WAN ISP/Public IP

Setup:
wired/wireless client -> Linksys WRT54G -> Linux FC13 router -> Internet

Problem Details:
When I have the dd-wrt configured as a 'Gateway' (ie: NAT), all-is-well. That is my client is able to "talk" to other computers on the LAN as well as the Internet. However, when I change the operating mode to 'Router', I run into the following problem:
- client is no longer able to communicate to the Internet
- client is no longer able to communicate to other computers on the LAN
- client is ONLY able to ping the LAN & WAN IPs of the Linksys DDWRT
- However, I am able to ping LAN computers & ping public/internet hosts if I SSH into the ddwrt itself.

Analysis:
- Linksys/dd-wrt box itself has LAN & internet connectivity
- Wired and Wireless clients connecting to the Linksys/dd-wrt do *not* have the LAN or the Internet connectivity

Troubleshooting done so far:
- When changing Operating mode (ie: Gateway<->Router), the routing
table on dd-wrt, as expected, do not change.
Here is the routing table just in case its of any interest:
192.168.66.2 255.255.255.255 0.0.0.0 tun0
192.168.66.0 255.255.255.0 192.168.66.2 tun0
172.16.0.0 255.255.0.0 0.0.0.0 WAN
169.254.0.0 255.255.0.0 0.0.0.0 LAN & WLAN
10.0.0.0 255.0.0.0 0.0.0.0 LAN & WLAN
0.0.0.0 0.0.0.0 172.16.150.254 WAN
------------------------

Since I need inbound connectivity to the hosts connected to the LAN interface of the Linksys/dd-wrt, I need to have the Linksys/dd-wrt
configured as a Router and not as a Gateway. Any help/suggestion would be greatly appreciated.

-itsecx

Hi, Welcome to LQ. First, I'd suggest not using your email address in your user name.

Second, did you disable DHCP on one of the devices? Have you tried AP mode on the DD-WRT router? Perhaps I'm misunderstanding something?

Good luck. ;-)

I don't understand why you can't have inbound access in gateway mode? I have a vpn via openVPN and I occasionally host a web server with apache from behind my dd-wrt router in gateway mode. According to the configuration page:So do you have another router? It would seem from that quote that routing is disabled when in router mode. Maybe I'm missing something in your setup?

Thanks for responding, @peacedog.

It doesn't look like I can now change/edit the username to something other than what is currently setup.

I'm guessing you're referring to the Linksys and the Linux box as the two devices. No, I have not disabled DHCP on either devices as I need DHCP services on both (ie: need dhcp for the local clients (lan) that connect to the linksys. The linux box also needs a dhcp server as it distributes IP to the clients on its subnet. Note, both devices are on a separate subnets and there's one/unique DHCP server for each subnet.

Finally, there's no "AP" mode. There's a Gateway mode, a Router (static) mode, and RIP (dynamic routing) mode.

Again, thanks for taking time for responding.

-itsecx

Thanks for responding, @damgar. Here's the response to your note:

Outbound requests are handled by NAT; however, inbound request origination could only be made to the WAN interface/IP; thus, there would be no way for the router to know which internal host is the target. Ofcourse, one could put a particular host in a DMZ or do port forwarding for certain services; however, that not the intent here.

Scenario:
3 Subnets: 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24
2 Routers:
R1 (LAN) 192.168.1.1, (WAN) 192.168.2.2
R2 (LAN) 192.168.2.1, (WAN) 192.168.3.1
1 Client: (C) 192.168.1.100
1 Server: (S) 192.168.3.100

Client 'C' wants to initiate a SSH session to Server 'S'

*What we want is that 'S' should know that the client connected from 192.168.1.100 and not the masqueraded IP of the router (192.168.1.1) that is doing the NAT.

Hope that makes things a bit clearer.

Regards,
-itsecx