Posted: Tue Feb 28, 2012 6:02 Post subject: [RESOLVED] NAT with multi LANs subnet
Hello all,
Has you can see in my profile, I do not POST really often in this forum... I usually review and read on different topics and usually find what I need but tonight it's a bit different. I've spent several hours and read several post related to NAT configuration and others but nothing sounds like the issue I'm having...
I'm actually using DD-WRT v24 SP2 build 17798 (Special version from DD-WRT for Buffalo Tech) with a Buffalo WZR-HP-G300NH router.
My config is quiet simple. The Buffalo is configured as a Gateway with direct connection to ISP cable modem (DHCP). On the LAN side I use three differents subnets. The configuration is as follow:
The second router (192.168.100.2) is a L3 switch using VLANs (No NAT activated)(OmniSwitch 6850-P24)
Unfortunately, the WEB access works only for the main subnet. I can't reach the web from the "92" & "10" subnets. I made some test and research and finally discovered that the issue comes from the "NATING"... But now I'm out of resource and rely on you guys to find the solution...
Here is the extract from the router related to NAT:
(WAN IP removed from config) Apparently, the SNAT doesn't include the 192.168.92.0 & 192.168.10.0 subnets and this seams to be the source of my issues... Now, how can I add them to activate the NATing on these?
Let me know if you would need more details...
Thanks in advance for your support...
Rapetou
Last edited by Rapetou on Sat Mar 10, 2012 14:20; edited 1 time in total
Yes this is a VERY annoying change in recent builds. DD-WRT used to NAT all traffic going out the WAN port but now it only NAT's for the LAN subnet. Add this to your firewall script on the admin->commands page to use the old functionality.
iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr` _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)