GL-MT6000 Lan to ISP Lan

Technical Support for Routers
1

Hi!

Newbie here with hours looking for an answer in this forum with no luck.

My setup:

  1. ISP router in bridge mode with lan subnet 192.168.1.0/24;
  2. GL-MT6000 in router mode with lan subnet 192.168.8.0/24;
  3. Both obtain wan external ip's from ISP;
  4. Wireguard server is fully functional in GL-MT6000, meaning i can connect properly from internet to all resources in subnet 192.168.8.0/24.

Goal:

  1. Connect from devices in subnet 192.168.8.0/24 to devices in 192.168.1.0/24.

How can i do it?

Thanks in advance.

Best,
João Moreira

2

Normally you can do that in two ways both need to be done in luci.

The less secure one:

If you go to luci -> network -> firewall set to zone wan everything on accept.

more secure:

if you go to luci -> network -> firewall -> traffic rules tab

there you can create a rule with more fine control to ports etcetera.

note that the source zone is the zone your traffic orginates from in your case flints 2 lan, and destination wan.

if the above still doesn't work, you have to look into the dhcp settings in luci.

In normal circumstances a bridge maybe only has one ip you can go better use the traffic rules, also if it was configurered like DMZ would do its better to have it more restrictive.

Then again there are different variations of what a 'bridge mode' could be :wink:

3

As the ISP router works in bridge mode, why do you want to access subnet 192.168.1.0/24?

4

@xize11 thanks! I will try and let you know!

@alzhao, goal is to have home lab behind GL-INET router, nevertheless when away from home i want to be able to access ISP router from GL-INET router wireguard, or any other device that make sense to be in that subnet.

5

I mean, maybe you ISP router is not in bridge mode as it has its own subnet.

But need more details to tell.

1 Like
6

Made it:

  1. Configure ETH2 as WAN, and connect ETH cable from WAN/LAN1 to ISP Router:

image

  1. Configure firewall to forward GL-INET LAN to ISP router subnet:

image
image895×487 19.5 KB

Thanks @xize11 and @alzhao!

2 Likes
7

Looks like mesh router you made :thinking:

8

It didn't work for me, I have an ont behind my mt6000 that I have access to via 192.168.0.1 in the settings you provided, I don't have access, changing it of course to my respective IP.

9

With following configuration, noticed today, that external IPV6 address is coming from ISP router and not from GL-inet one.

Since in ISP i cannot remove IPV6 propagation, given this configuration which is best way to have external IPV6 from GL-inet router?

Any suggestions?

10

Hi,

I'm not sure if im correct in this, neither do i know if it can be accomplished by gl ui.

From what i understand you can have ipv6 allocated from the isp subnet this is what you currently have.

But you can also derive ipv6 from ula prefix, the ula is already generated by default, but to enable its allocation you have to go to:

Luci -> network -> interfaces -> lan (click edit)

From the advanced tab, you have a option for:

IPv6 prefix filter, and IPv6 assignment length.

^ i believe this allows you to use the local ula prefix.

Inside the dhcp options tab i think you only need to have it on server mode.

My knowledge further about ipv6 is very limited however onemarcfifty on youtube has alot of powerfull tutorials about ipv6.