locked
2 Routers Different Subnet RRS feed

  • General discussion

  • I have read on the forum about the double NAT issue and understand a few things I might try to get Remote access working but have a question.

    Here is my set up starting at the phone line for DSL and working in to my home network.

    1. An Action Tech GT701 modem/router/NAT device that is set to 192.168.0.1.  NAT ON DHCP OFF Remote Managment OFF  Firewall OFF
    2. Sonic Wall TZ500 (A true Hardwire Firewall) 192.168.1.1 It sees the Action Tech modem as DNS 192.168.0.1 and a WAN address of 192.168.0.2 NAT ON  DHCP ON Firewall ON  that is not really the WAN address as it is really 216.38.X.X according to my server.homeserver.com IP and the Port forward web site.
    3. A netgear switch which all the client PC's and the WHS are plugged into.

    In understand that if I am going to make this work I need to forward the 3 needed ports from from the Action Tech to the Sonic Wall and then forward the Sonic Wall to the IP of the WHS (192.168.1.14 static). 

    I have one problem and a few questions:

    The problem is that the Action Tech will not let me forward 80,443 and 4125 to a different sub net (192.168.0.1 to 192.168.1.1).  I tried changing the Action Tech Modem to 192.168.1.5 but never got my internet connection to work.

    1. Is there a way to get this to work ?  I dont really want to change my network to the 0.X subnet?  That is the only thing I can really think to try at this point.
    2. Should I turn off the NAT on the Action Tech modem since I have read here that double NAT can be an issue and I am sure that the Sonic Wall is a more secure device?
    3. Should I turn off DCHP on the Actaion Tech Modem.  It seem redundant.  It hands out IP on 192.168.1.X just like the Sonic Wall.

    Any advice on getting this configuration to work would be appricated.


    JW
    Tuesday, September 30, 2008 2:39 PM

All replies

  • Hello,
    seems to me like a strange configuration building up unnecessary headache.
    What would happen, if you use another subnet, like 10.x.x.x or 172.x.x.x for one of the routers? Would port forwarding be available in this case?
    Best greetings from Germany
    Olaf
    Wednesday, October 1, 2008 11:30 AM
    Moderator
  • Unfortunately the Action tech will seems to only let you forward to the same subnet.  I have not as of yet tried changing my internet net to 192.168.0.X but if I did that then there is little point in having the Sonic Wall that I paid $350 for given that I would then be relying on the simple little Action Tech NAT for all my security.

    It has occurred to me that maybe I just need a more robust modem that will allow cross subnet forwarding.

    This kind of trouble shooting just takes up so much time to research and try solutions.



    JW
    Wednesday, October 1, 2008 1:06 PM
  • Sorry, I just try to understand what you are doing (I don't know both of your hardware components, so I may be wrong).
    The Sonic Wall has an external interface, connected to the Action Tech side of the network. This should have an IP address in the same subnet as the Action Tech is, right?
    In this case you would forward the ports from Action Tech device to this external interface of the Sonic Wall.
    In the Sonic Wall you would have to configure the forwarding for the same ports to the WHS.

    Best greetings from Germany
    Olaf
    Wednesday, October 1, 2008 1:15 PM
    Moderator
  • I need to forward the actiontech (192.168.01.) to the Sonic Wall (192.168.1.1)(this is really my fire wall not the simple little NAT modem). and then forward the Sonic wall to the WHS which is 192.168.1.14.

    You post made me wonder if there is a way to just let the modem send all traffic to the sonic Wall since the Actaion Tech is redundant in a security sence.  I might go try just turning off NAT on the Action Tech and see what happens.

    JW
    Wednesday, October 1, 2008 1:29 PM
  • The reason I have this set up is that I have to have the Action Tech modem to connect to my ISP but I dont think it is enough security so I have the Sonic Wall.  It is a Firewall,Anti Virus, Anti everything box.  With the sonic wall I dont really need to much security on each client box.
    JW
    Wednesday, October 1, 2008 2:20 PM