# wireless router behind firewall



## jcipale (Jan 11, 2010)

I have come across an annoying hiccup that I cant seem find an answer for.

I recently purchased Netgear N-router to use with my laptop. Here is my network:
Smoothwall firewall/DHCP server--+-- 2 linux(ubuntu) desktops
|
+-- 1 linux laptop
|
+-- 1 Vista desktop

I am using DSL from my provider.

I am using an Intel 16-port 10/100 hub

What is happening is I have the wireless router installed and configured behind my firewall. The 2 linux desktops are able to access the 'net cleanly with no interupts. The laptop, when used in wirelss mode, is able to locate/access the wireless and access the mountpoints for the desktop workstations as well as access the internet. When used in wire mode, it is still able to connect and access the internet.

The Vista PC, however, is trying to access the router and connect through it. There is NO wirelss card/antennae installed on this desktop machine. When a user attempts to access the internet (Yahoo/Google/etc), the browser display a message that it is unable to connect at this time. If I perform a 'ping' on the other networked workstations, I am able to 'see' the response from the other hosts on the network. I am just unable to go outside to the web.

The funny part here is this: If I disconnect (read power-down) the router and power-cycle the Vista desktop, the 'net is now available. I suspect that the configuration I am using is causing the failure. The Netgear instruction manual has no clear instructions on where to place the router in this chain.

Anyone have any experience in the best place to install/configure the router? Thanks!


----------



## johnwill (Sep 26, 2002)

I'd connect the router to the Smoothwall with the other machines, and use the following configuration to remove it's NAT layer. This will make it transparent to the network.


Connecting two (or more) SOHO broadband routers together.

*Note:* _The "primary" router can be an actual router, a software gateway like Microsoft Internet Connection Sharing, or a server connection that has the capability to supply more than one IP address using DHCP server capability. No changes are made to the primary "router" configuration._

Configure the IP address of the secondary router(s) to be in the same subnet as the primary router, but out of the range of the DHCP server in the primary router. For instance DHCP server addresses 192.168.0.2 through 192.168.0.100, I'd assign the secondary router 192.168.0.254 as it's IP address, 192.168.0.253 for another router, etc.

_*Note: Do this first, as you will have to reboot the computer to connect to the router again for the remaining changes.*_

Disable the DHCP server in the secondary router.

Setup the wireless section just the way you would if it was the primary router, channels, encryption, etc.

Connect from the primary router's LAN port to one of the LAN ports on the secondary router. If there is no uplink port and neither of the routers have auto-sensing ports, use a cross-over cable. Leave the WAN port unconnected!

This procedure bypasses the routing function (NAT layer) and configures the router as a switch (or wireless access point for wireless routers).

For reference, here's a link to a Typical example config using a Netgear router


----------

