DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Static route between 2 subnets

  • saurabh.28j
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
27 Jan 2011 16:39 #65916 by saurabh.28j
Replied by saurabh.28j on topic Static route between 2 subnets

rpg wrote: ok - try adding the route to the PC rather than to the router - just as a test.

Just to make sure I understand your setup.

Router1 192.168.2.1
PC connected to that router with a 192.168.2.x IP.

Router2 192.168.3.1
WAN2 (the connection to Router1) 192.168.2.42
PC connected to that router with a 192.168.3.x IP.

From the 3.x PC you can ping 2.1 router and 2.x PC.
From the 2.x PC you can NOT ping 2.42, 3.1 or 3.x PC




Yes your details are correct, except that last line :
From the 2.x PC you can NOT ping 2.42, 3.1 or 3.x PC
- I can ping 2.42 now, after I un-ticked Disable ping from internet on router2, however, yes I can't ping 3.1 or 3.x PC

-On router1 it does not allow me to set a static route to a PC, it only accepts it If I put the whole subnet (If that's what you meant)

-Also I tried doing port redirect on router2 to test one of the PC connected to it (3.x) enabling ssh from wan. Still cannot shh into that PC from 2.x PC

???

Please Log in or Create an account to join the conversation.

  • saurabh.28j
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
27 Jan 2011 16:45 #65917 by saurabh.28j
Replied by saurabh.28j on topic Static route between 2 subnets

rpg wrote: Also - have you got any VLANS setup on Router1?



Yes there is one vlan (vlan1) on router 1, but that port is directly connected to only one PC. I am connecting the 2.x PC on router1 which are part of rest of the network (vlan0) which includes all the servers and PCs.

Please Log in or Create an account to join the conversation.

More
28 Jan 2011 09:26 #65936 by rpg
Replied by rpg on topic Static route between 2 subnets
I've had a little play around with this on my network - similar setup but I have 2800 as Router 1 and 2820 as Router 2. Router 1 LAN port connects to Router 2 WAN 2 port.

I'm sure this is still a firewall / routing issue but I'm no expert on the Draytek Firewall - is anybody else able to help?

As a work around - can you VPN from 2.x PC to Router 2? Dont know what speed you would acheive but it is all technically internal.

Your test for port redirection on SSH may not have been the best place to start ! Some of the Draytek models are an SSH server so to get port redirection of SSH to work you would need to change the default port the draytek is listening on itself. Simple to do - System Maintenance -> Management -> Management port setup.

Please Log in or Create an account to join the conversation.

  • saurabh.28j
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
28 Jan 2011 10:26 #65940 by saurabh.28j
Replied by saurabh.28j on topic Static route between 2 subnets

rpg wrote: I've had a little play around with this on my network - similar setup but I have 2800 as Router 1 and 2820 as Router 2. Router 1 LAN port connects to Router 2 WAN 2 port.

I'm sure this is still a firewall / routing issue but I'm no expert on the Draytek Firewall - is anybody else able to help?

As a work around - can you VPN from 2.x PC to Router 2? Dont know what speed you would acheive but it is all technically internal.

Your test for port redirection on SSH may not have been the best place to start ! Some of the Draytek models are an SSH server so to get port redirection of SSH to work you would need to change the default port the draytek is listening on itself. Simple to do - System Maintenance -> Management -> Management port setup.




Hi, thanks for all your help.
I have asked Draytek tech support and they say the same that it's the firewall. Both of these router have inbuilt firewall and you can't completely disable them. So according to them it is not possible to achieve what we are trying to achieve here. Very odd that you have to keep the firewall not matter what and you can't get a WAN line fully trusted, even if you want to.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami