You have not indicated that you are looking to restore the full
functionality of the firewall, and that it is currently being used as a
hub. My comments are based on that premise.
Given your current topology, you would connect the WAN port of the new
router (the downstream router) to one of the firewalls eight ports. You
would configure the downstream router's WAN port with an IP address on
network 192.168.0.0 /24, lets say 192.168.0.2.
The LAN interface on the downstream router would be configured with an
address (e.g.: 192.168.1.1) on a different network (e.g.: 192.168.1.0 /24).
Hosts need to be configured with addresses 192.168.0.x, or 192.168.1.x
depending on which side of the downstream router they will reside.
Keep in mind that all IP addresses must be unique. Imagine if you
mistakenly connected the LAN interfaces of two routers using the same
factory default IP address, and you tried to connect to the web
interface of either. You'd be in trouble.
The new (downstream) router should not need a crossover cable to connect
to what I presume is an integrated 8 port switch in the firewall.
You will want to implement static routes (probably best for your
situation), or dynamic routing (e.g.: RIP) if you prefer, and if the
routers support it. You do NOT want to be sending dynamic routing
updates out the WAN interface of the upstream router though!
The upstream router needs to have a route to 192.168.1.0. (this is
critical).
The downstream router already knows about each of your networks because
it has an interface on each.
Hosts on 192.168.0.0 will use default gateway 192.168.0.1, per my example.
Hosts on 182.168.1.0 will use default gateway 192.168.1.1, per my example.
If you get the routing right, any LAN host can find any other LAN
host/server regardless of which network they reside on.
Here is a scenario you should understand:
Upstream host 192.168.0.10 wants to communicate with downstream server
192.168.1.20. The host sends its first packet to its default gateway
(upstream router), which isn't really desirable. The upstream router
checks its routing table and determines that the next hop router should
be the downstream router. It will send an ICMP Redirect message to the
host saying "use the gateway at 192.168.0.2" (i.e.: the downstream
router). Typically, the upstream router would then forward the packet to
the downstream router for forwarding to the server.
The host should add a route to its table, and comply with the advice
communicated by the upstream router by sending subsequent packets
directly to the downstream router (i.e.: in the desired direction). I
have seen hosts that did not comply. They continued to send to the
upstream router, and then the upstream router forwarded them downstream.
The result being twice the traffic (undesirable).
As far as your reference to firewall rules, it is not clear whether you
are talking about port forwarding on the upstream router, or
re-establishing full firewall functionality of your Net Gear device
which would require reconfiguring your topology. Either way, enough for now.
Best Regards,
News Reader
Jim G wrote:
> My network is pretty basic.
>
> Cable Modem to Linksys Wireless Router (handing out dhcp, 4 port)
> (192.168.0.1)
> From wireless router to 8 port netgear firewall (firewall has dhcp turned
> off, firewall off. Acting as a hub right now. Has ip of 192.168.0.17).
> I have a slingbox running on my network and configured as 192.168.0.88. I
> have an issue with my slingbox constantly taking over my router (I have upnp
> disabled as well).
> I want to setup another router with a different subnet, like 192.168.10.x. I
> want to hookup the slingbox to this network to see if this will resolve it
> taking over my 192.168.1.1 router.
>
> My question is this.
>
> How would I hookup this new router. Do I go from a lan port on my netgear
> (192.168.0.17) to the internet port on the new router (192.168.1.x), or do I
> go to just a lan port?
> Do I need a cross over cable?
> What about firewall rules to direct traffic to the new router? I have a
> couple servers that I would like to move here too and would need several
> rules in order for them to run (smtp, pop, http, imap etc).
> Would I need some static routes to direct traffic to this new router?
>
> Please let me know your thoughts.
>
> Here is my post at the slingmedia site about this issue.
> http://www.slingcommunity.com/forum/...control+router
>
> Thanks
> Jim
>
Bookmarks