Unfortunately, I don’t know many details about the GL-ARM300M (Shadow).
On a Flint you have to convert the WAN port to a LAN port. Maybe there is an option like this as well on the Shadow?
Just to understand the desired end state: You want the shadow router to exist on the same network as the home network, and then you want to manually set routes to route them through the VPN?
I can access the secondary glinet router either on the same lan connection , so on my laptop for 192.168.10.1 to be seen by internet on my laptop i have to connect to its wifi?
i want it all to work from one connection.
also i will do this now but i have to swap wifi ever time i make changes
EDIT: I just changed wan to lan, and The GUI says no internet?
I need internet into SHADOW
so it can generate VPN for me to connect to
I will assess your image but for right now:
I need my shadow connected to flint with internet and ability to create a tunnel out of my home
Edit, ive just looked, I didnt know my home could have two routers exposed to the internet?
Only devices within the same subnet can access each others.
If your computer’s subnet isn’t set up right, it’s like being in the wrong neighborhood. So, your computer will use the gateway, which is like a town center, to find its way to the right place.
So if you are in subnet 192.168.8.x (with subnet mask 255.255.255.0) you can only access devices within the 192.168.8.x. If you use a broader subnet mask (like 255.255.0.0) you can access all devices within the network 192.168.x.x
But this is just for your understanding - not for solving the issue so far.
And now I’ll wait for @LupusE - he is pretty good in describing what to change.
A subnet (192.168.8.0/24) can only exist one time. So you need to change the network of your ISP LAN or your GL.iNet LAN. Than you’ll have a double NAT for all devices behind the GL.iNet LAN.
In that case the Shadow admin panel is reachable only from the LAN site (all devices in the LAN/WLAN settings of the Shadow). Or you explicit allow access to the admin panel from WAN, than the clients at the ISP LAN can reach the Shadow, but at the WAN IP, not the GL.iNet LAN IP.
On the other hand you can can switch the Shadow to Bridged mode. Than it does no DHCP, DNS, Routing. It is just another Client in the network, that can hand over all WLAN to LAN, in the same Network.
In that case your Shadow is reachable from the Whole LAN by the settled or assigned (via DHCP) address.
No. Two sites with the same Subnet won’t work. Never. Regardless how many people people living there.
Lets live in a ideal world:
SiteA: LAN 192.168.1.0/24 (.1 is the router, .2 the first client)
SiteB: LAN: 192.168.2.0/24 (.1 is the router, .2 the first client)
Now you can create a VPN in between, with the network 192.168.3.0/24 or 10.10.10.0/24 (a little oversized, but okay for this picture).
The issue in the wrong setup: Because it is more easy in your head, you’d like to use 192.168.1.0/24 on both sites, because there is a VPN in between → But the SiteA is routing all 192.168.1.0/24 to itself, SiteB is routing al 192.168.1.0/24 to itself … The VPN is confused what is the target address.
The Network at the Shadow isn’t working, right? So you can change it and lose nothing.
No there is no offsite yet, im saying that i have the hardware so i can experemnt, i need to first get my stable known working network to see Shadow and let it vpn
ill read this now and wrap my head around the logic of what to do
Network with the CIDR /32 will be only one IP … I really don’t think this will represent your network.
Yeah, the bridged is on another device. Sorry that I have more than one router config. sometimes I confuse them.
But please make sure you are using Firmware 4.x, not 3.x