networking

2805 readers

1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 1 year ago

MODERATORS

manifex@sh.itjust.works

Need Help Creating Isolated Network (OpenWrt) (sh.itjust.works)

submitted 1 year ago* (last edited 1 year ago) by zsnell02@sh.itjust.works to c/networking@sh.itjust.works

6 comments fedilink hide all child comments

Looking for help setting up an isolated network within my apartment complex's network. I have a Linksys router running OpenWrt, with the ethernet connection from my aprtment running to the uplink port on the router. When I SSH into the router, it has WAN access, but none of the LAN devices connected to it (by ethernet or wireless) do. Anyone have any experience with this?

you are viewing a single comment's thread
view the rest of the comments

[–] halcyondays@midwest.social 2 points 1 year ago (2 children)

My guess is responses aren’t NATing properly with the double NAT. Make sure you have a source NAT masquerade rule set up for traffic out, you may also need a masquerade to replace your client’s IP with the LAN gateway address on the way out.

Basically right now without masquerading as your LAN port the router loses the originating client’s IP when it src NATs, so the responses get delivered to the internal gateway address and never forwarded on to the client to establish the connection. Forcing it to masquerade will maintain that connection tracking.

[–] zsnell02@sh.itjust.works 2 points 1 year ago (1 children)

That's exactly what it was. Thank you so much