Hello to everyone, network amateur here, I would be greatfull if anyone could help me with a problem I have and cannot seem to find the solution on my own.
As you can see from the drawing I made, every device inside my Opal router has internet access, and also can see every device outside of it.
But no device directly under the ISP router can see devices under the Opal router.
What can I do to make this happen?
The Opal router is in router mode because I need it’s wireguard VPN function
I am not sure about the features about the Opal router… but you can do it by using by 1nfiguring different networks (exactly like what you did in the drawing.) Then the network that is 192.168.5.x can be NATed to the access the other network (192.168.1.X) as well as the Internet.
By checking the Opal online, I see that it has two LAN ports and 1 WAN port. In your case PC2 and Synology are connected to the LAN ports and the WAN is connected to your ISP Router. Please connect as explained and show us the routing table.
But that is exactly what I have done. Synology and PC.2 are connected in the lan ports of the Opal router and the wan port of the Opal router is connected to the ISP router. Both Synology and PC.2 have ip’s in the 192.168.5.xx range. Both devices have access to the internet. Both devices can see ip’s in the 192.168.1.xx range (ISP router range). But PC.1 that is in ISP’s ip range cannot see the synology and PC.2.
I am a bit confused by your advice. If i understand correctly, you advice me to utilize my drawing, but my drawing is already utilized!
Any other advice/thought maybe?
Sorry, I misunderstood the drawing!
Now I understand that you want your devices connected to the ISP router to access your devices behind the NAT?
Since you have NAT enabled by default on Opal, PC1/TV cannot access access PC2. To verify that: from PC1/TV try to ping PC2?
I asked you show us the routing table. I am not sure whether you are using NAT/Routing when accessing the TV box from PC2.
So please in addition to the routing table, ping the TV’s IP from PC2?
- Does the TV see the IP that ends with x.x.5.108 or x.x.1.51 ?
What type is you ISP router?
Your ISP router does not know about the 192.168.5.x network and will therefore discard that traffic, because it is a private range, which cannot be routed into the internet. That’s why you cannot go through from a device connected to the ISP to a device connected to the GL.inet.
The other way does work, because the GL.inet performs NAT and therefore the ISP router only sees traffic from the IP of the GL.inet instead of the 192.168.5.x range. Therefore the ISP router can send the traffic back as well.
So that most important questions here are:
- Can you add routing (static routing) to the ISP router
- Can you disable DHCP on the ISP router and make the GL-inet router handle all the routing?
You could also do port-forwarding on the GL.inet to allow the 192.168.1.x network to reach forwarded services on the 192.168.5.x network using the GL.inet’s ip (192.168.1.51).
That is exactly my problem. If you look at my drawing PC.1/TV cannot reach PC.2 (RED arrow with “NO” writen in it)
My routing table is empty, i have not touched it at all
I believe that is not a wise to do. Opal is a medium capability router and I believe cannot handle all my in house devices. Also my ISP Router has voip telephone in it and also 4G sim card, so that it bonds wired internet speeds with 4G mobile speeds.
I am afraid that if I disable the DHCP of the ISP router something may broke
I believe maybe I can but do not know how.
I attach some photos of the relevant settings page of the ISP router for you to see
Your IPv4 Routing table contains 192.168.5.0 in br0. Do you have any idea why?
Try adding the following Static route in the Route → IPv4 Static Route page:
Wan name: Whatever you want to name this.
IP Address: 192.168.5.0
Subnet Mask: 24 (or 255.255.255.0)
Once that is done, do a traceroute from PC.1 to Synology and post what you get and also make a screenshot of Route → IPv4 Route Table again.
That’s caught my attention too?!!
There are tens of ways to achieve what to are trying to do. The easiest way would be to confirm your opal in bridge mode so that all devices connected to Opal take their IPs from the ISP modem range. Do you have restrictions putting all devices in a single LAN?
I really have no idea
So if I understood correctly, i did this
The Routing table now is:
But the ping gets this result
Yes it won’t work even if you set static route! as I told you your Opal has NAT firewall which works by allowing outgoing traffic from x.x.5x and denying all incoming traffic from the side of your ISP - that’s the job of NAT!
Please provide routing tables on both routers.
As I mentioned before the easiest way if you have no security concern to come figure the WAN interface of your Opal in bridge mode. After that all connected to Opal will take IP from x.x.1x range
I do not want to connect the Opal router in Bridge mode, because I will loose the wireguard function.
For the ISP router, I have posted them in my previous posts.
For the Opal router, where can I find them? Are they somewhere inside the luci page?
Can you tell me where to find it?
Maybe is this?
Logically, if you need the devices connected to your ISP router to fully access the ones connected to your Opal then no need for NAT at all right ?