About configuring dual routers

DxHum

Member
Joined
Jun 2, 2024
Messages
42
Reaction score
19
Credits
361
I currently have a tri-band wireless router. On the rear is the WAN port and (3) RJ45 ports.

I also have an older 2.4 GHz wireless router.

I want to hang the older, 2.4 GHz wireless router off the tri-band router.

I am connected from the LAN port on the tri-band router to the WAN port on the older 2.4 GHz router. The routers are connected, but there is no internet available via the older 2.4GHz router, just on the tri-band.

I'm wondering; is it because the tri-band is trying to assign a non-routable ip (192.168.1.*) to a WAN port that typically get a routable ip from the internet provider?
 


When connecting the older 2.4 GHz router to your tri-band router.

IP Address Assignment:
You’re correct that the WAN port on the older router typically receives a public (routable) IP address from your internet service provider (ISP). However, when connecting it to the LAN port of your tri-band router, the older router should be assigned a private (non-routable) IP address.
The tri-band router acts as a gateway, and its LAN IP address range (such as 192.168.1.*) should be different from the older router’s default IP range.
Configuration Steps:
Ensure that the older router’s WAN port is connected to one of the LAN ports on the tri-band router.
Log in to the older router’s web interface (usually via a browser using its default IP address, such as 192.168.0.1 or 192.168.1.1).
In the older router’s settings, disable DHCP (Dynamic Host Configuration Protocol) on the WAN side. This prevents it from trying to obtain an external IP address.
Set the older router’s LAN IP address to an available address within the tri-band router’s subnet (e.g., 192.168.1.2).
Make sure the SSID (wireless network name) and password are the same on both routers to allow seamless roaming.
Channel Interference:
Check if the 2.4 GHz channel on the older router is set to a crowded channel. Interference from neighboring networks can cause connectivity issues.
Try changing the 2.4 GHz channel to a less congested one (e.g., channels 1, 6, or 11).
Reboot Both Routers:
Sometimes a simple reboot can resolve connectivity issues. Turn off both routers, wait a few seconds, and then turn them back on.
Firmware Updates:
Ensure that both routers have the latest firmware updates installed. Outdated firmware can cause compatibility issues.
Device Placement:
Place the routers away from physical obstacles (walls, metal objects) and electronic devices (microwaves, cordless phones) that might interfere with the signal.
 
Last edited:
When connecting the older 2.4 GHz router to your tri-band router.

IP Address Assignment:
You’re correct that the WAN port on the older router typically receives a public (routable) IP address from your internet service provider (ISP). However, when connecting it to the LAN port of your tri-band router, the older router should be assigned a private (non-routable) IP address.
The tri-band router acts as a gateway, and its LAN IP address range (such as 192.168.1.*) should be different from the older router’s default IP range.
Configuration Steps:
Ensure that the older router’s WAN port is connected to one of the LAN ports on the tri-band router.
Log in to the older router’s web interface (usually via a browser using its default IP address, such as 192.168.0.1 or 192.168.1.1).
In the older router’s settings, disable DHCP (Dynamic Host Configuration Protocol) on the WAN side. This prevents it from trying to obtain an external IP address.
Set the older router’s LAN IP address to an available address within the tri-band router’s subnet (e.g., 192.168.1.2).
Make sure the SSID (wireless network name) and password are the same on both routers to allow seamless roaming.
Channel Interference:
Check if the 2.4 GHz channel on the older router is set to a crowded channel. Interference from neighboring networks can cause connectivity issues.
Try changing the 2.4 GHz channel to a less congested one (e.g., channels 1, 6, or 11).
Reboot Both Routers:
Sometimes a simple reboot can resolve connectivity issues. Turn off both routers, wait a few seconds, and then turn them back on.
Firmware Updates:
Ensure that both routers have the latest firmware updates installed. Outdated firmware can cause compatibility issues.
Device Placement:
Place the routers away from physical obstacles (walls, metal objects) and electronic devices (microwaves, cordless phones) that might interfere with the signal.

Thank you for the in-depth reply. I certainly will try what you suggest and get back to you.

However, I don't want seamless roaming.

I have devices that use Chinese technology, which I do not want on my primary router. My idea is to hang the old router off the new in a DMZ. My belief is that only the old router will be seen by the devices using the 2.4GHz band. The new router would be invisible, or at least, inaccessible.

Is my idea flawed?
 
However, I don't want seamless roaming.

I have devices that use Chinese technology, which I do not want on my primary router. My idea is to hang the old router off the new in a DMZ. My belief is that only the old router will be seen by the devices using the 2.4GHz band. The new router would be invisible, or at least, inaccessible.

In that case, just use a different SSID, with a different password.
 
To make that work you would need to either add static routes or a routing protocol. Ideally if you could run rip on both boxes you would be able to communicate. Without those kinds of configuration inbound traffic will never find its way to the second router hanging off the first
 
I currently have a tri-band wireless router. On the rear is the WAN port and (3) RJ45 ports.

I also have an older 2.4 GHz wireless router.

I want to hang the older, 2.4 GHz wireless router off the tri-band router.

I am connected from the LAN port on the tri-band router to the WAN port on the older 2.4 GHz router. The routers are connected, but there is no internet available via the older 2.4GHz router, just on the tri-band.

I'm wondering; is it because the tri-band is trying to assign a non-routable ip (192.168.1.*) to a WAN port that typically get a routable ip from the internet provider?
you do not have to do anything special. you are attempting to daisy chain the routers. I do that often.

router 1 is connected to ISP equipment
router 2 is connected from its WAN port to router 1 LAN port.

if router 1 is xxx.xxx.xxx.1 set router 2 to connect to router 1 on xxx.xxx.xxx.2 subnet 255.255.255.0 gateway is the router 1 address. dns 8.8.8.8 this config on the WAN port or internet configuration.

Router 2 will see router 1 but router 1 will not see router 2 this gives you the protection you figured on. You do not need any special configurations.This is a basic and simple setup. Just kill any programming on the routers and set the basics up. DMZ not needed. Keep it simple.

This config will give you internet. You are thinking like my mother, too complicated and overthinking.
 
you do not have to do anything special. you are attempting to daisy chain the routers. I do that often.

router 1 is connected to ISP equipment
router 2 is connected from its WAN port to router 1 LAN port.

if router 1 is xxx.xxx.xxx.1 set router 2 to connect to router 1 on xxx.xxx.xxx.2 subnet 255.255.255.0 gateway is the router 1 address. dns 8.8.8.8 this config on the WAN port or internet configuration.

Router 2 will see router 1 but router 1 will not see router 2 this gives you the protection you figured on. You do not need any special configurations.This is a basic and simple setup. Just kill any programming on the routers and set the basics up. DMZ not needed. Keep it simple.

This config will give you internet. You are thinking like my mother, too complicated and overthinking.
This would work for outbound initiated connections. As mentioned in an earlier post you will want to pay attention to make sure each router is set up with a different subnet in dhcp configuration. If you wish to reach the devices on the other segment from the outside you need a routing table to support it. The easiest way is to enable a routing protocol if the equipment supports it. Unfortunately a lot of newer routers try to make setup simple and omit features like that. I guess there are a lot of potential solutions. It is all a matter of what kind of functionality you are trying to achieve. Good luck
 
This would work for outbound initiated connections. As mentioned in an earlier post you will want to pay attention to make sure each router is set up with a different subnet in dhcp configuration. If you wish to reach the devices on the other segment from the outside you need a routing table to support it. The easiest way is to enable a routing protocol if the equipment supports it. Unfortunately a lot of newer routers try to make setup simple and omit features like that. I guess there are a lot of potential solutions. It is all a matter of what kind of functionality you are trying to achieve. Good luck
subnet does NOT need anything other than standard 255.255.255.0 for what the OP is asking. Let us not over complicate it for them.
 
You are right You don't need to use a different mask. The point is that if you have two boxes serving dhcp and you have the misfortune that they use the same subnet ex router 1 192.168.1.0 also uses router 2 192.168.1.0 this will cause a malfunction if you are trying to make an inbound connect. If your only purpose is to have equipment initiate outbound connections this may work but would still make sure they are different subnets. The other thing to consider is that if there is a real security concern here hanging the second box off of the first will provide very little protection. A firewall is really the correct solution if you want to make sure the equipment cannot access other local resources.
 
You are right You don't need to use a different mask. The point is that if you have two boxes serving dhcp and you have the misfortune that they use the same subnet ex router 1 192.168.1.0 also uses router 2 192.168.1.0 this will cause a malfunction if you are trying to make an inbound connect. If your only purpose is to have equipment initiate outbound connections this may work but would still make sure they are different subnets. The other thing to consider is that if there is a real security concern here hanging the second box off of the first will provide very little protection. A firewall is really the correct solution if you want to make sure the equipment cannot access other local resources.
no idea what the op is needing but the outbound sounds like what he wants. When I do the daisy chain it is usually for traffic shaping. Isolating high traffic devices to one router but still giving them internet. I use different dhcp pools and IP for each router. so the internal IP of router 2 would be say 10.10.10.2 and router 2 DHCP would be 192.168.0.100 to 192.168.0.200, this gives each router different dhcp pool and different IP but they pass the packets up. this eliminates the issues you mentioned. Usually anyway.
 
I want is a second router hanging off the primary. The secondary router will be used for "made in China" technology. It is okay for the primary router to see the secondary, but I don't want the secondary to see the primary, which is why I was thinking DMZ.
 
I want is a second router hanging off the primary. The secondary router will be used for "made in China" technology. It is okay for the primary router to see the secondary, but I don't want the secondary to see the primary, which is why I was thinking DMZ.
To the best of my knowledge that is not possible. It can't work that way. unless you are confusing the routers...

Primary router is connected to ISP aka router1
secondary router is connect to primary. aka router2

router1 will not see router2 without higher end programmable routers such as cisco or juniper.
you will not make this work with off the shelf consumer routers.

If router2 does not see router1 then router2 also does not see internet. it will only see its own local LAN.
 
I want is a second router hanging off the primary. The secondary router will be used for "made in China" technology. It is okay for the primary router to see the secondary, but I don't want the secondary to see the primary, which is why I was thinking DMZ.
I don't know how far down a rabbit hole you want to go but one way to create the DMZ you are looking for is to use an old pc with a couple of nic's and load up pfsense. You can isolate the network segment with the suspect hardware to your hearts content. This would eliminate the need for a second router(pfsense will provide both firewalling and routing). This would require some research and time on your part but you can create decent security with this. Personally if you are so afraid of the hardware in question I would just get rid of it.
 

Members online


Latest posts

Top