Posted: Tue Oct 17, 2006 7:44 Post subject: Connection problem to client bridge
Hi.
I've just purchased a couple of WRT:s and installed dd-wrt on them and everything is working perfectly except for one thing. I can't access the client bridge from the "server bridge" part of the network. It's a minor problem but it's been bugging me.
Ok, here are the specs:
I'm using two WRT54GL v1.1 with dd-wrt v23sp2 std
I'm trying to create a segmented network with the two WRT:s acting as wireless bridge between two areas of my house.
Something like this (It should look ok with default fonts):
            3
            <>
I - 1 - S - A <> C - 4
        |
        2
"-" = Wire
"<>" = Wireless
I = Internet
S = Unmanaged 10/100 switch
A = WRT Access point, 10.0.2.100/172.30.100.1, dhcp
C = WRT Client bridge 172.30.100.150
1: Linux router, 10.0.2.1, dhcp, dns, etc.
2: Wired wintel, dhcp assigned from "1" (10...)
3: Wireless wintel, dhcp assigned from "A" (172...)
4: X-Box, dhcp assigned from "A" (172...)
Okay... The problem is that I can't connect to "C" from anywhere on the 10-network. I have added the 172 network to the routing table in "1" and I can connect to the X-Box from any device on any network, which makes me believe that the routing works as supposed.
I've disabled the SPI firewall and enabled remote access. I've also tried configuring the client bridge as a RIP2 Router. I can access it from anywhere on the 172 net, including from the AP, but as soon as I'm on the 10-net it's as if that host didn't exist.
Yup, the box gets internet and I can connect to it from the 10-network. I've set up a static route at the linux router "1" which is the default gateway for computers in the 10 network. That part works as it should.
What's weird is that I can't connect to the client bridge router from the 10-network, but I can connect to the x-box which is connected to the client bridge by wire.
And with unable to connect, I mean I can't form any connections at all, be it ping, telnet, traceroute, http, snmp, nothing works. Neither TCP nor ICMP. It's as if it drops all packets not originating from the 172-network but I can't find any settings that would imply that it should do that. Not even if I look directly at the iptables output can I see anything that would cause this behaviour from a firewall point of view.
Problem solved. I slipped when I configured the gateway for the client bridge and lost a digit so all packets that were sent back were routed to a non-existing host.
So now, thanks to dd-wrt, my net is working like a charm.
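
The failure described in the thread, modelled as an added example (not the poster's code or configuration): replies from the client bridge to on-link peers never consult the gateway, so a wrong gateway only breaks traffic from other subnets. The /24 mask, the X-Box lease, the assumption that the AP at 172.30.100.1 is the intended gateway, and the mistyped value are all constructed, since the post does not state them.

```python
import ipaddress

# Addresses of A and C are from the post. The /24 mask, the X-Box lease and the
# mistyped gateway value are constructed for illustration.
SEGMENT = ipaddress.ip_network("172.30.100.0/24")
LIVE_HOSTS = {
    ipaddress.ip_address("172.30.100.1"),    # A: access point
    ipaddress.ip_address("172.30.100.150"),  # C: client bridge
    ipaddress.ip_address("172.30.100.20"),   # 4: X-Box (constructed lease)
}
GOOD_GW = "172.30.100.1"   # assumed intended gateway for C
TYPO_GW = "172.30.10.1"    # constructed: one digit dropped from GOOD_GW


def reply_next_hop(gateway, peer, segment=SEGMENT):
    """Next hop a host on `segment` uses when answering `peer`."""
    peer = ipaddress.ip_address(peer)
    if peer in segment:
        return peer                       # on-link: gateway is never consulted
    return ipaddress.ip_address(gateway)  # off-link: everything goes to the gateway


def reply_delivered(gateway, peer):
    """True when the reply's next hop is a host that actually exists."""
    return reply_next_hop(gateway, peer) in LIVE_HOSTS


def gateway_problem(gateway, segment=SEGMENT):
    """Return a reason string if the gateway setting cannot work, else None."""
    gw = ipaddress.ip_address(gateway)
    if gw not in segment:
        return "gateway is outside the interface subnet"
    if gw not in LIVE_HOSTS:
        return "no host answers at the gateway address"
    return None


if __name__ == "__main__":
    for gw in (TYPO_GW, GOOD_GW):
        print(f"C with gateway {gw}: {gateway_problem(gw) or 'ok'}")
        for peer in ("172.30.100.1", "10.0.2.1"):
            state = "reply delivered" if reply_delivered(gw, peer) else "reply lost"
            print(f"  request from {peer:<13} -> {state}")
```

With the mistyped gateway the model reproduces the reported symptom: the 172 peer gets its reply and the 10-network peer does not, with no firewall rule involved.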