How can I set up to routers, router one being the internet gateway and the router 2 being a guest network with no access to ro

[etb464]

I have two wrt54gl routers flashed with DD-WRT. One is the gateway and the other I wish to be a guest network which is isolated from the gateway router and all computers connected to it. I've tried multiple methods and have not been successful. Any help would be appreciated.

 

[computertech82]

Sounds like you still have a router set to router mode and not as a gateway. If both are trying to use the same ip address, that's a problem. You have to program one to use different addresses, like 192.168.100.1. that way they do not conflict with each other.
And if you set one router and disable the dhcp server, and turn it into a gateway/hub, then the router would be first abd the hub connects to the router.

 

[etb464]

Should both be set as gateways? I have router 1 set to 192.168.1.x and router 2 to 192.168.2.x I then have another router wired to router 2 and this one is my access point for my guests. Should this router be directed to router 1 LAN IP or router 2 WAN IP as the gateway? I have router 2 set with Static IP as per instructions at http://www.dd-wrt.com/wiki/index.php/Linking_Subnets_with_Static_Routes. Also what should I set the Gateway to under WAN setup on router 2?

 

[RealBeast]

I will call your primary router (the one that connects to your cable or dsl model) router 1. Connect router 1 WAN port to your cable or DSL modem as usual. Then connect router 2 to an LAN port of router 1 to the WAN port of router 2.

If your router 1 has a gateway of 192.168.0.1, then make the gateway address on router 2 equal to 192,168.x.1, where x is any value from 1 to 254. Set the WAN address and DNS address of router 2 to be the router 1 gateway address of 192.168.0.1.

Insure that each router has a different SSID and different security passkeys, and that they also use different non-overlapping radio channels (selecting from the three non-overlapping channels of 1, 6, and 11).

That will allow your router 2 (guest router) to access the Internet but not to access anything on your primary network.

 

[etb464]

Thanks for the input. I tried your suggestions RealBeast with no luck. Is there any way for me to post a screen shot of my router admin page? It would be much simpler if you could see what I am doing and tell me where I am going wrong. I mentioned before, router one and two are WiFi disabled and I have a third router in a better location as the ap for guests cable connected to router 2 lan. If I get router 2 isolated it should isolate anything connected to it...right?

 

[RealBeast]

Ah, I didn't notice that third router, the guest AP. If you want it isolated from 1.x and 2.x you will need to make it another distinct subnet, say 3.x. Not sure why you need two other personal subnets though.

Since it is connected to router 2 you will need to give it yet another cascaded address -- this time router 3 will have a gateway address of 192.168.3.x and it should connect to an LAN port of router 2 from the WAN port of router 3. The WAN address that you enter for router 3 will have to be the gateway address of 2 (2.x) and the DNS address of router 3 will also be the gateway address of 2 (2.x).

It is fairly straightforward if you think of it this way. To set up an access point you attach it LAN to LAN and give it a static address in the network range of its router. To set up a separate subnet you attach the secondary router WAN port to the primary router LAN port and give the secondary router a new network address, so the third octet is different, and set its WAN address to that of the primary router that it is attached to.

 

[etb464]

Some progress being made. I was making things more complicated than I needed to. Thanks RealBeast. I now have a 2nd router on a seperate subnet (192.168.2.x) with internet access. The problem now is when connected to this router I have full access to the gateway router 1 subnet (192.168.1.x). From router 2 I can access admin page of Gateway router 1 and I would guess any other device connected to router 1. When connected to router 1 I have no access to router 2, subnet 192.168.2.x. This is the opposite of what I am trying to achieve. I guess this can suite my needs if I just use router 2 as my home network router and router 1 as the guest router but for knowledge sake can I switch this so there is full access from router 1 to router 2 and no access from router 2 to router 1 other than internet access?

current config:

WAN Connection Type
Connection Type Static IP
WAN IP Address 192.168.1.10
Subnet Mask 255.255.255.0
Gateway 192.168.1.2
Static DNS 1 0.0.0.0
Static DNS 2 0.0.0.0
Static DNS 3 0.0.0.0
STP Disable

Router IP
Local IP Address 192.168.2.1
Subnet Mask 255.255.255.0
Gateway 192.168.1.2
Local DNS 192.168.1.2

DHCP Server Enabled

 

[RealBeast]

You should not be able to access any devices on router 1 when using a device connected to router 2.

You do need to change the user and password of router 1 (and really 2) to something other than the default so that nobody on 2 can access the configuration pages for either machine.

Only you will know those and keep them written down in a secure location so that you don't have to reset to default and rebuild your network if you forget them.

 

[etb464]

After a couple of reboots the two routers are isolated from each other. Thanks for all the help.

 

[RealBeast]

After a couple of reboots the two routers are isolated from each other. Thanks for all the help.

Great, nice work. You are now the master of your domains! :lol: