Port forwarding with two routers?

[Joe M.]

I've been wrestling with this problem for a while now trying to figure out exactly how I'm supposed to be forwarding ports behind two routers, but I can't seem to get the settings precisely right. Mostly it's frustrating because if I screw up I sometimes have to reset the outer router and start all over again. So maybe someone who is more tech savvy than myself knows how to do this.

I have two computers connected to a Linksys router which is connected to an Actiontec DSL modem/router which plugs into the internets. My IP settings look like this:

actiontec: 192.168.0.1 (default)
linksys: 192.168.1.1 (default)
PC: 192.168.1.50
Mac: 192.168.0.4 (automatically retrieved)

I have tried DMZing, forwarding from actiontec to linksys to PC, or directly from actiontec to my PC, etc, but either it doesn't work or I'm missing one specific detail that would make it all function correctly.

I've also tried moving the Linksys to 192.168.0.2 and then bumping my PC down to 192.168.0.4 but that has resulted in no internet access whatsoever. With the above settings, I can at least connect. It's just gaming (hi Borderlands) that is an issue.

Any help would be cool. I'm mostly lost when it comes to this network stuff.

[jerri blank]

You may have to disable the routing capabilities of your modem to make this work.

[GloriousMess]

So just to clarify:

INTERNETS! <---> [a.b.c.d] Actiontec [192.168.0.1] <---> [192.168.0.2] Linksys [192.168.1.1] <---> [192.168.1.50] COMPUTAR!

I'm ignoring the Mac for now as I'm assuming that's on the 192.168.0.4 network, connected to the Actiontec and working fine. If the above is correct then I'll suggest a few things.

[Joe M.]

Any idea how I'd go about doing that? I have tried disabling DHCP and DMZing to my linksys, but then it kills my connection to the modem.

[Joe M.]

Glorious: Mostly correct. The Mac is connected to the linksys as well - it splits the internet off between the computers.

I should add I've read through reams of google hits but every 'fix' seems to require knowledge that I don't have.

[GloriousMess]

So your Mac sits between the Linksys and the PC? Or is it connected to both routers?

[Joe M.]

INTERNETS! <---> [a.b.c.d] Actiontec [192.168.0.1] <---> [192.168.0.2] Linksys [192.168.1.1] <---> [192.168.1.50] COMPUTARS!

^ is what it looks like. The Linksys is a 4-port wifi access point. Both PC and Mac plug directly into it because the Actiontec only has 1 port but is necessary to authenticate my DSL.

[Joe M.]

Also, I didn't realize the Linksys got its own IP between itself and the Actiontec... this confuses the hell out of me.

[Skipper]

Joe I'm a little lost on the original question. Do you have the capability to modify the settings for both devices? Why are you double NAT'ing int he first place? I'm going to assume that the Linksys is also a wireless router, if so you could probably apply some third party firmware to just make it an access point versus a router, taking one NAT out of the equation. Another possibility would be to set the Actiontec to "bridge mode" wherein that device simply bridges traffic instead of acting like a firewall/router.

Without the capability to change the config on the Actiontec, you're stuck. You have no information on what ports it allows (assume no forwarded ports.) If you do have the ability to change it, troubleshooting it one device at a time will help immensely. Plug your PC directly into the Actiontec and open the corresponding ports for Borderlands. If you're successful you can then add the second device into the equation. What you are doing though, is called double NAT, and it's usually known to cause some problems. VoIP, gaming, VPN's and sometimes even SSL connections have been known to be finicky about double NAT setups.

[markv]

I have a dual router setup myself and this is what I've done:

Modem: 192.168.1.1
Router WAN ID: 192.168.1.2 DMZ'd on modem

Router: 192.168.2.1
Computers: DHCP in the 192.168.2.xxx range
Port Forwarding is done on the Router.

I have both the wireless and DHCP turned off on my modem so it does not cause any conflicts with my router. Everything works like a charm.

Also everything works for me, VoIP, Gaming, VPNs etc due to bypassing the NAT via the DMZ on the modem. There was no way to bridge the modem connection straight over (not an option on that modem) so it's very doable as long as you have a DMZ setup.

[Joe M.]

Okay, Qwest DSL requires PPPoA authentication which the Linksys is incapable of. That's why I'm stuck with both.

I can connect to both just fine in this configuration. It's when I tinker with things that it goes south and I end up having to reset, try again, etc. I was hoping someone with network experience would have some ideas on how to route this correctly.

I will see about disabling the NAT on the Actiontec!


markv: I will see if I can get that to work

[Joe M.]

Still no go. I really hate being tied to this ridiculous modem/router.

[Skipper]

Joe, which model and version Linksys do you have (listed on the bottom of the router.) It's possible that DD-WRT or Tomato might give you the PPPoA options you lack right now.

[Joe M.]

BEFW11S4. It says ver 3 on the box. It's pretty old!

edit: looks like I'm stuck with it. I'll keep tinkering.

[Tman]

Joe -

I was trying to do same thing (with two Linksys, but I think it will work just as well with your ActionTec)...and found the instructions below.

Read here for instructions. Follow them precisely.

[Joe M.]

jesus christ!

Okay, I fixed it! With a little help from all of you. :)

The main issue it appears is that my Linksys has this weird problem where it refuses to assign its WAN IP to 192.168.0.2 when its LAN IP was 192.168.1.1. Prior to this thread I didn't realize it even had two IP addy's so thanks for that.

How I got around this was trying out Tman's trick, which didn't work but when I went to reverse the settings I made, it let me keep my 192.168.0.2 WAN IP (and all the gateway/dns settings) while I reverted the LAN IP back to 192.168.1.1.

I'm a total newbie so I have no idea why it should be this way, but PortForward.com's utility tells me my ports are open, so hurray for that.

To summarize in case anyone else has this problem:

Actiontec IP: 192.168.0.1
Actiontec set to DMZ to: 192.168.0.2

I changed nothing else here. I still have the DHCP server running because every time I disable it stuff goes wrong. My port's are being forwarded so I'm not touching anything, but I could probably turn it off? Who knows. NAT is still active on the Actiontec as well.

Linksys LAN IP: 192.168.1.1

Linksys WAN IP (static): 192.168.0.2
Subnet Mask: 255.255.255.0
Default Gateway Addy: 192.168.0.1
DNS: 192.168.0.1
DNS2/3: (obtained from actiontec status page)

DHCP is active here too. I know that's probably bad. I'm forwarding all my ports from the Linksys, not the Actiontec. I set up a static IP for my gaming PC so that nothing wonky happens. My PC's network settings:

IP: 192.168.1.50
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
Preferred DNS: 192.168.1.1
Alternate DNS: (obtained from the actiontec status page)

I've literally been trying to get this to work off and on for a couple years. Woo!

Thanks for all the help.

edited: some numbers and stuff