[MLB-WIRELESS] File sharing over 2 x WRT with WEP
Guy Weymouth
guy_vid at yahoo.com.au
Thu May 5 11:46:18 EST 2005
Um... Oh dear god... Give me strength!
Ok...
I tried the whole bridging thing effectively setting up three networks; 2 x
WRTs and a bridging network in between and pointed each WRT to the gateway
of the other. I couldn't get it to work because it seems to treat the
wireless and LAN ports as one and I basically got confused.
So, bridging then is what I want if it's going to make it faster. Bridging
to me would mean:
WRT 1
Internal IP: 192.168.1.1
External IP: 192.168.1.2
Gateway: 192.168.2.2
WRT 2
Internal IP: 192.168.2.1
External IP: 192.168.2.2
Gateway: 192.168.1.2
I'm sure that's wrong... Which then leads me to ask...
how do I configure each router, as below?
Router 1 - Main
Internet Connection Type:
Internal IP:
Subnet:
Gateway:
DCHP Server (on or off? What range of IPs?):
SSID and Router Name:
Set up as (AP / Client / Ad Hoc?):
Anything else?
Router 2 - Second
Internet Connection Type: Disable
Internal IP: 192.168.20.2
Subnet:
Gateway: 192.168.20.1
DCHP Server (on or off? What range of IPs?):
SSID and Router Name:
Set up as (AP / Client / Ad Hoc?):
Anything else?
Guy
On 5/5/05 9:57 AM, "David Ashburner" <d_ashburner at hotmail.com> wrote:
> Short answer:
> Try connect the existing LAN into one of the LAN ports of WRT (main), then
> you don't have any issue with routing and NAT. Don't run DHCP on the Wrt
> (main) and make sure your DHCP servers serve different subsets of the
> available address range.
>
> long explanation follows...
>
>> im pretty sure u ither use the 4 ports or the wan and not both?
>>
>
> As Ric says, you can connect to either the WAN port or one of the LAN ports
> but don't connect both to the same segment. I'm not sure exactly what you
> are trying to do with this set up but you have two basic choices, either
> bridging or routing. Bridging means you have one big LAN that is
> physically segmented but your wireless devices are bridging the segments
> together. Routeing means that each physical locatio is it's own address
> space and the wireless devices are routing between the segments - only
> packets specifically addressed will be forwarded across a link.
>
> It sounds like you want a bridged network, something like this?
>
> existing LAN 192.168.2.0 WRT (main) ---< bridge >--- WRT (second) --- new
> LAN 192.168.2.0
>
> All machines are sharing an address space. The WRT's are both in WDS mode
> and create a lbridge between the two physical segments. The added advantage
> of WDS here is that it allows wireless clients at either location to connect
> up to your LAN, but with the side effect that messages from one of those
> wireless clients go through the radio twice.
>
> ** in this case the existing LAN should be connected to one of the LAN ports
> on the WTR (main) - effectively you would not be needing or using the
> routing part of the wrt.
>
> Routed would look like this:
>
> existing LAN 192.268.2.0 --- (WAN port) WRT (main) ---< link >-- WRT
> (second) --- new LAN
>
> The new LAN would have a different address range. WRT(main) would be in AP
> mode and WRT (second ) in client mode. WRT (second) would need to run
> OpenWRT because you don't want it bridging between the Wlan and the LAN, you
> want it to Route between the two.
>
> if you are routing you can choose to connect the WRT (main) to the existing
> LAN via either the WAN or LAN port depending on how you want to split the
> segments and if yu are trying to create a firewall between the existing LAN
> and the wireless LAN.
>
> Here you are saying WTF? this is too hard. and you would be right!!
> Routing is more complicated and requires custom firmware. This is why these
> units are consumer grade not Telco grade. A telco grade device allows you to
> frig with these things in a well defined management framework - but the cost
> 10x the price.
>
>
>>>>
>>>
>>> I don't quite get that, but what's the alternative?
>>>
> as above :)
>
> The wrt is a combination device. It is a router, switch and wireless all in
> one. How it is connected with standard firmware ( including sveasoft) is
> that the LAN ports and the Wlan are bridges together and the bridge is
> routed to the WAN port.
>
> Bridging means the LAN and the Wlan all sharer a common address space. The
> routing to the WAN means that the Wrt and all the bridged devices behind it
> appear as a single device to anything else on the WAN. As far as your ISP
> is concerned it looks like a single machine. Part of the routing set-up is
> NAT, NAT performs address translation on the packets sent from the LAN and
> Wlan to make it look like they came from the WRT (hence anything else on the
> WAN thinks it is a single device). When return messages come back the NAT
> software keeps track of where the requests cane from and re-translates the
> address and forwards the packets onto the correct device.
>
>
>
>>>> You could have DHCP on at both ends and serve different address ranges (
>>>> like 50-100 at main and 101-150 at second)
>>>>
>>>>
>>>
>>> Well I could but any workstations will connect to the "Main" Linksys via
>>> wireless or one of the 4 ports, but ultimately get an IP from the existing
>>> DHCP server on the existing network (which is connected to the WAN port on
>>> the "Main" linksys). So why would I want DHCP on the Linksys as well?
>>>
> Depends on how the WRT is connected to the existing LAN.
>
> If your WRT (main) is connected to the existing network via the WAN port I
> don't think anything on the LAN or Wlan would be able to get any messages
> back from the DHCP server on the existing network. By using the WAN port you
> are using NAT and to the DHCP server it thinks it has already served an
> address. Also any reply coming back would stop at the WRT unless you have
> port forwarding for that port and then you can only forward to one device -
> not going to work!!
>
> But, if you have the existing LAN connected to the LAN port it will be OK.
> ( make sure the DNS servers in each location only serve a subset of the
> address range for that segment to avoid duplicate addresses).
>
>
>>> Yeh, file sharing works fine without security. But with WEP or WPA, if I
>>> connect directly to the "Main" linksys or via the existing network which
>>> is
>>> connected to the "Main linksys, I can't file share with a workstation
>>> wirelessly or directly connected to the "Second" linksys.
>>>
> WEP and WPA are always probematic. I think what a lot of people end up doing
> is using some sort of encrypted tunned between locations. I use SSH tunnels
> across the internet ( between UNIX/Linux machines). The problem with these
> is that you either need support for them (VPN support) in the router
> firmware or need to run the tunnel endpoints on other machines.
>
>
>
>>> Yeh, I've tested that and it does work. It's not really a big issue
>>> because
>>> if I connect to the existing network, I get the right IP and default
>>> gateway
>>> and I don't really intend on connecting any workstations directly into the
>>> "Main" linksys anyway... It's just a problem if you want to connect
>>> directly
>>> to administer the router and while you're there reference something on the
>>> internet - you can't. So, I guess DHCP on both routers would solve this.
>>>
> Again, you won't need it if you connect the Wrt (main) via the LAN port.
>
>
>>> I can't get it to work without WDS. How can I set it up without using WDS?
>
> Without WDS you need cusom firmware on the wrt's at the remote locations.
> The Main is acting as an AP and the remotes run in client mode. They need
> to be configured to route between their Wireless interfaces and their LAn
> interfaces (not bridge) and would not be able to support local wireless
> clinets (as they would not be in AP mode).
>
> gee, it should be easy right??
>
>
>
> To unsubscribe: send mail to majordomo at wireless.org.au
> with "unsubscribe melbwireless" in the body of the message
>
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list