Menu
What's new
By:
Filters Better Search

Source NAT for secondary networks?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

BR Thurr

BR Thurr

New Around Here
Guys,

First of all, hello to all of you.

I've been desperately trying to set up my home network in a DMZ-Lab type configuration. Here's my current configuration:

Edge (Home) Router: Asus RT-AC87U running DD-WRT v3 buld 29193
Internal Router: VyOS 1.1.6 running on Hyper V

Here's what I'm trying to accomplish (yes, I stole these, but I've configured them exactly as outlined. If you'd like more background on what I'm attempting to accomplish, see this.)

071815_0011_Configuring1.png

I've also configured the VyOS router as follows:

071815_0011_Configuring5.png


Hosts on the DMZ subnet can browse the Internet with no problem. However, my "internal" hosts cannot. With DD-WRT, this can be solved by entering the following in the Firewall section of the router:

071815_0011_Configuring6.png


And....it works! But only until DD-WRT crashes repeatedly which was why I moved on from it months ago. I flashed again with DD-WRT last night solely for the iptables command above. But it's just not worth it due to DD-WRT's instability, particularly on my model of router.

So my question is, can this be done with AsusWRT-Merlin? If so, how? I'd gladly switch back if this is possible, as the ASUS/Merlin firmware has been very stable and feature-rich.

Any help would greatly be appreciated. Thanks!
 
How far did you get with this? I'm trying to setup a secondary network segment for a lab I'm building and ran into a snag... My setup is similar to yours with VyOS. In my case I'm trying to do a simple routed network (I have a static route on my main lan to my lab network, the lab network has a default gateway of the main lan router) but I'm having a routing issue between the servers on the different ip segments.
 
You might need to go back to Hyper-V, and build the virtual interface for the Vy-OS interface, once done, you can put it, and the children attached into the DMZ of the primary router/AP interface...

Keep the scopes separate...
 
You must log in or register to reply here.

Similar threads

S
Voxel R9000 possibility for VLAN tagging (internal)
Replies
2
Views
1K
Selcal
S
T
Input on ways to implement IOT network
Replies
3
Views
4K
nikr
N
Z
Source IP for NAT in UI?
Replies
2
Views
2K
zPacKRat
Z
N
Grandma Test: RT-AC68U (RMerlin 374.43.2) vs R7000 Nighthawk (v24354M)
Replies
3
Views
5K
TonyH
T
namurt
Best advice for laying out (and upgrading) my home network
Replies
10
Views
2K
azazel1024
azazel1024
Similar threads
Thread starter Title Forum Replies Date
R DNS - passing on source IP address to pihole in the cloud Asuswrt-Merlin 7
T Merlin closed source parts and privacy questions Asuswrt-Merlin 15
E Multi source selective port forward? Asuswrt-Merlin 1
M How to NAT traffic inbound to a specific host or network ? Asuswrt-Merlin 6
A Open NAT game profiles Asuswrt-Merlin 8
J Double NAT trouble? ISP-provided modem/router + GT-AX6000 (w/ RMerlin) Asuswrt-Merlin 6
J Max number of open NAT connections on GT-AXE16000 and GT-BE98 Asuswrt-Merlin 9
S VoWifi and NAT Acceleration Asuswrt-Merlin 0
C Solved Need help with nat-start scripts Asuswrt-Merlin 3
Mr Solis Enabling NAT Acceleration (CTF) breaks Port Forwarding? (RT-AC68U w/ 386.12_4) Asuswrt-Merlin 17

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 583 (members: 15, guests: 568)
Top