Broadband Tech > Networking > Using a 2nd router to create a second network

Using a 2nd router to create a second network

This will work, but it’s a bit complex and, well, a mess. That said though, by default, devices on the second router will be able to send packets to devices on the first router, but devices on the first router will never be able to reply back without adding a route to the first router, so it’ll be somewhat secure, and no files will be able to be accessed.

Thanks for the fast reply Bink.

is there a "less messy" way to achieve what I want by doing a different method?

To make sure I understand what you're saying: by doing the method I posted above, devices on the second router would be able to access files that are on devices on the first router, but devices on the first router would NOT Be able to access files that are on devices on the 2nd router?

If I decide I want devices on both routers to interact with each other both ways, how would I go about adding a route to the first router?

Thanks again!

A better way to do this would be with a single router for all hosts and switch that supports VLANs, and then use Access Control Lists on the router to decide what has access to what.

As for accessing files, by default, no devices should be able to access files between routers, but the security here is not complete and this is just a side effect of not having a route on the first router. If you wanted the devices on either side of the router to interact, the best way to do this would be to configure the second router to not NAT, but route and use the IP of the first router as its default gateway. Then you would add a route to the first router so that all traffic destined for 192.168.100.1/24 is sent to the IP of the second router (specifics for doing this should be in the documentation of your router).

Thanks for clarifying

I would have more than 4 devices connected via ethernet hence the reason why I figured I'd need a 2nd router. (My Linksys E3200 only has 4 LAN ports)

From what you're saying though, if I want devices on both sides of the router to interact with each other, it looks like I can still achieve what I want by doing it my way, however on the 2nd router, I should put it in bridge mode, use the IP address of the first router as the default gateway on the 2nd router, and then go into the first router (E3200) and add a route so all traffic destined for 192.168.100.1 goes to the IP of the second router.

Hopefully that makes sense? lol

You got it right, but I do not know what bridge mode means here. The second router will definitely want to route. That said, if you just need more ports, buy a switch.

ahh gotcha. Yeah I got it it now, I'd leave it in routing mode but just go into the advanced routing settings, disable NAT, and set up a static route on the 2nd router to the first router.

I think i got it all down now.

Thanks a lot for your help!

Welcome, and good luck!

OK, so I decided to tackle this task this evening, but have run into problems.

Here's a recap of what I've done:

- Cellpipe has an Ethernet Cable going from it's LAN port to the WAN port on my Linksys E3200

- All my desktop PC's are connected to the LAN ports on the E3200.

- Linksys E3200's internet connection type is set up via DHCP

- ISP's Modem/Router Gateway is 192.168.2.1

- Linksys E3200 Gateway is 192.168.7.1

Everything works flawlessly.

- Picked up the Linksys E2000 that I plan to connect to the Linksys E3200 but on a different subnet as I plan to set up a VPN for all devices connected to this router (and all devices connected to the E3200 will access the internet normally)

- I want computers that are connected on both routers to be able to interact and share files among one another.

- The Linksys E2000 is flashed with DD-WRT

- I connected the E2000 with an Ethernet cable via the WAN port to a LAN port on the E3200

- Internet Connection Type is set to DHCP

- Linksys E2000 Gateway is 192.168.70.1

- Devices on the E2000 can access the internet, BUT computers on the E2000 cannot access files (or even see computers) that are on the E3200 (and vice versa)

Tried setting up the static routes now.

- I went into the advanced routing page of the Linksys E2000

- I set the operating mode to Router (this disables NAT)

- for static routing I set the route name to Local Network

- Destination LAN IP i set to 192.168.7.0

- Subnet Mask is 255.255.255.0

- Gateway is 192.168.7.1 (IP of the E3200)

- Interface is LAN & Wireless

Settings Saved successfully.

I then went into the advanced routing page of the Linksys E3200:

- Nat is Enabled (this router connects to the cellpipe so from what I've read I cant disable NAT or I lose the internet connection)

- Route name i chose was VPN

- Destination LAN IP i set was 192.168.70.0

- Subnet Mask is 255.255.255.0

- Gateway is 192.168.70.1 (IP of the E2000)

- Interface is LAN & Wireless

The E3200 wont allow me to save this and tells me it's an invalid static route.

- In addition, when I set the E2000 in router mode instead of Gateway mode, all devices connected to the E2000 no longer can connect to the internet.

What am I doing wrong?

The E2000 should not require any static routes—the default route it automatically creates should be enough. As for the E3200, to get to the 192.168.70.0/24 network, you need to use the IP assigned to the E2000 on the “WAN” side, so 192.168.7.x—and this is why the E3200 is complaining. Once you configure this correctly, devices connected to the E2000 should get on the Internet just fine (and be able to access devices connected to E3200).

You're the man.

I changed the WAN to the IP assigned to the E2000 and it accepted.

One thing. Devices on the E2000 still cannot "see" devices on the E3200 through "My network" on windows for example. The only way devices on the E2000 can connect to devices on the E3200 is if I click on start, then click on run in the search bar and type in the network path directly (\\192.168.7.xx) then it opens up a folder with all files of that specific device on the E3200 Network.

Is there a way to have all my devices show up in "My network"? (currently in My network, it only shows devices connected to the E2000, and on the E3200, same thing, it only shows devices connected to the E3200.

Glad to hear it’s (mostly) working now.

I believe the issue you’re experiencing is because that stuff is broadcast based, and broadcast packets will not traverse a router, so this is expected. If there is a way to change this behavior on the Windows clients, I’m not certain how to do it.

reply to Imperial1
I still don't understand exactly what you are trying to accomplish by adding a second router. One of the functions of a router is to contain broadcast traffic. This is what keeps you from seeing every Windows PC (with file-sharing turned on) attached to the internet. You are attempting to circumvent containment and allow broadcast traffic to flow across the WAN port. Which, again, raises the question, why did you get another router instead of just adding a switch?

Billaustin: I needed a 2nd router because I needed a 2nd network on a different subnet.

I want *some* of my devices to be behind a VPN, while others to connect to the internet normally.

At the same time I still wanted devices behind the VPN on the different subnet to interact with devices on the other router

From what I understand I'd have needed this 2nd router, as my current router with a switch would not do that.

The setup works for the most part (minus not being able to see all devices in My Network) but that's ok, if absolutely needed I can just plug the ethernet cable from one device into the other router and then all is good.