Hey all, I am having a bit of an issue with my home/office network. I work from home and recently setup a segrated home office.
My 'net facing router is a R6260. Works well and haven't had any complaints till now. When I established my home office, I added a old Linksys E900 router(security wasn't much of a concern, I just didn't want to flood my home network with my office traffic). I established a private subnet, and the Linksys nat'd my office network to my home network, then out to the 'net. This works fine. My son is starting college soon, and would like to learn more about computers, servers, etc.... So I figured it would be worhtwhile to give him access to my office network from the desktop in his room.
To this end, I turned off the firewall and natting on the Linksys E900, added a static route to the R6260 and tada, traffic was routed between the networks. I could remote into my home server, and the home network could remote into office servers.
BUT - Once I made this change, the office systems stopped being able to access the internet. If I switch the E900 back to nat mode, the office can access the internet, but then the home systems can't access the office systems.
I have tried all the rip settings on the R6260 to no avail. It appears as though traffic from the office is leaving to the internet through the R6260, but when it returns, the R6260 doesn't check it's static route table for the return route and just drops the packet. The documentation examples for the static route uses if you want to route outgoing traffic through a diferent gateway. I assume from the example they(Netgear) are not expecting the rerouted traffic to return to the external interface of the R6260.
Is there a bug in the Nat table which bypasses the static route configuration? Any suggestions would be appreciated.
Thanks
Model: R6260|AC1600 Smart WiFi Router Dual Band Gigabit
That tells me what, exactly, about your static routes? I also can't see how you're testing any of this stuff.
> [...] I established a private subnet, [...]
"172.168.10.*" is _not_ a private address range. (It's assigned to AOL.) I'd suggest restricting your private LAN segments to _private_ addresses. "192.168.y.*", for example.
Those are actually not the IP subnets I am using. The specific IP subnets I am using are irrelevent to my issue. Esp given my network is nat'ed out to the world. (It would be an issue if my final subnet uses a public IP space, but it does not).
My issue boils down to this.
Subnet "A", is connected to my ISP is using a Netgear R6260. The inside interface of the Netgear R6260 is x.x.x.1. Subnet "A" can access the internet without issue.
Subnet "B", is connected to Subnet "A" by a Linksys E900. It's WAN interface is configured statically with IP address x.x.x.2. It's inside interface is configured as y.y.y.1. Subnet "B" cannot access the internet.
The Netgear R6260 has a static route configured for y.y.y.#/24 subnet with a gateway of x.x.x.2.
Hosts on subnet "A" and "B" can access each other. This was verified via ping, tracert, rdp and ssh.
Subnet "A" and "B" both have DNS servers. Both use root hints for final lookup. Subnet "A" DNS servers resolve addresses as expected. Subnet "B" DNS servers cannot resolve anything external to their database.
