Crossing two subnets on home network Announcing the arrival of Valued Associate #679: Cesar...

How to bypass password on Windows XP account?

3 doors, three guards, one stone

What is the logic behind the Maharil's explanation of why we don't say שעשה ניסים on Pesach?

Apollo command module space walk?

What is the meaning of the new sigil in Game of Thrones Season 8 intro?

Output the ŋarâþ crîþ alphabet song without using (m)any letters

Denied boarding although I have proper visa and documentation. To whom should I make a complaint?

Storing hydrofluoric acid before the invention of plastics

How to react to hostile behavior from a senior developer?

Ring Automorphisms that fix 1.

Can inflation occur in a positive-sum game currency system such as the Stack Exchange reputation system?

Book where humans were engineered with genes from animal species to survive hostile planets

Why do we bend a book to keep it straight?

Is the Standard Deduction better than Itemized when both are the same amount?

Why are there no cargo aircraft with "flying wing" design?

Error "illegal generic type for instanceof" when using local classes

Is it fair for a professor to grade us on the possession of past papers?

Fundamental Solution of the Pell Equation

How come Sam didn't become Lord of Horn Hill?

Can I cast Passwall to drop an enemy into a 20-foot pit?

Should I use a zero-interest credit card for a large one-time purchase?

What would be the ideal power source for a cybernetic eye?

Seeking colloquialism for “just because”

Understanding Ceva's Theorem



Crossing two subnets on home network



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Allow two subnets to talk to each other over a wireless bridgeTwo routers for two subnetsHow to Connect two LANs?Allow two subnets to talk to each other over a wireless bridgeAccess across subnetsAssigning IP addresses and subnetting on a home networkDual ISP/Network, Force DHCP Clients to One?how to configure isc dchp server with different subnets with different wl-access pointsNon IP-based policy routing on home network across subnetsTrouble setting up home network ( isolating home server )Why does this work?





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge



where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.



Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.



Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.



What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!



thanks










share|improve this question







New contributor




Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.



























    0















    I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge



    where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.



    Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.



    Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.



    What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!



    thanks










    share|improve this question







    New contributor




    Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      0












      0








      0








      I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge



      where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.



      Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.



      Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.



      What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!



      thanks










      share|improve this question







      New contributor




      Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge



      where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.



      Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.



      Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.



      What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!



      thanks







      networking router dhcp






      share|improve this question







      New contributor




      Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question







      New contributor




      Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question






      New contributor




      Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 18 hours ago









      Colin MColin M

      1




      1




      New contributor




      Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          1 Answer
          1






          active

          oldest

          votes


















          0














          The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.



          Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.



          But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.



          Method 1



          There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.



          So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.



          Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.



          Method 2 and 2½



          Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.



          So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.



          If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)



          The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.





          There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.



          The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)






          share|improve this answer
























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "3"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });






            Colin M is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1426075%2fcrossing-two-subnets-on-home-network%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.



            Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.



            But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.



            Method 1



            There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.



            So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.



            Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.



            Method 2 and 2½



            Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.



            So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.



            If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)



            The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.





            There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.



            The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)






            share|improve this answer




























              0














              The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.



              Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.



              But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.



              Method 1



              There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.



              So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.



              Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.



              Method 2 and 2½



              Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.



              So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.



              If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)



              The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.





              There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.



              The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)






              share|improve this answer


























                0












                0








                0







                The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.



                Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.



                But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.



                Method 1



                There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.



                So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.



                Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.



                Method 2 and 2½



                Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.



                So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.



                If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)



                The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.





                There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.



                The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)






                share|improve this answer













                The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.



                Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.



                But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.



                Method 1



                There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.



                So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.



                Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.



                Method 2 and 2½



                Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.



                So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.



                If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)



                The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.





                There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.



                The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 51 mins ago









                grawitygrawity

                244k37515576




                244k37515576






















                    Colin M is a new contributor. Be nice, and check out our Code of Conduct.










                    draft saved

                    draft discarded


















                    Colin M is a new contributor. Be nice, and check out our Code of Conduct.













                    Colin M is a new contributor. Be nice, and check out our Code of Conduct.












                    Colin M is a new contributor. Be nice, and check out our Code of Conduct.
















                    Thanks for contributing an answer to Super User!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1426075%2fcrossing-two-subnets-on-home-network%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...

                    Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

                    VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...