Network configuration problem.

[Stewart Nelson]

Hi Erik,

> > You probably have the Linksys set up to do NAT (the default, and
> > impossible to turn off in many models).  That will block requests from
> > 192.168.1 to 192.168.2 .  You could possibly set it up non-NAT, but
> > then your Internet router would need to be configured with a static
> > route and to do NAT for the other subnet.

> No, I don't think it does NAT. How can I verify that? There is nothing
> of this kind in the configuration dialogs.

All inexpensive routers (those intended to share a DSL or cable modem
connection) use NAT by default.  That's because the ISP only provides
a single public IP address to the typical residential or small business
user.  In your present setup, you can ping from 192.168.2.125 to
192.168.2.1 .  While doing this, run ethereal or tcpdump on 192.168.1.1
and look at the ICMP request packets coming in.  I'll bet that the
source address will be 192.168.1.7, rather than 192.168.2.125, showing
that NAT is enabled.  On many small routers, it's not possible to
turn NAT off.  On some Linksys models, in Advanced->Routing, you
can change the Operating Mode from Gateway to Router to disable NAT.
But IMHO, that is not the right solution for you, because you have
no administrative control over your Internet router, and you would
need to change settings there, if you want to have the Linksys be
non-NAT and still provide Internet access to the wireless clients.

> > IMO, if you don't need extra security between your customers and the
> > office LAN, it is easiest to set up the Linksys as just an access
> > point, not using its routing function.  To do this, disconnect the
> > WAN port altogether.  From a PC on its LAN side, change the Linksys
> > WAN address to something that does not conflict, e.g. 192.168.3.7 .

> But the present address, 192.168.2.1, does not conflict.

Sorry if I was not clear.  I meant to say that you should change
it to avoid a conflict on the next step.  But I now know (from
another message you sent) that the Linksys WAN address was supplied
by DHCP from the Internet router, so you don't need to do anything
but disconnect the WAN port and reboot the Linksys.

> > Then, disable its DHCP server, and change its LAN address to 192.168.1.7 .

> I can't change the DHCP server. It belongs to the ISP. They'll do the
> change for a fee and I loose support if I do. I'll rather change ISP
> than their router.

I meant that you should disable the Linksys DHCP server.  On my WRT54G,
on the DHCP tab, there is a DHCP Server: entry that you can set to
Disable.  On your model, it may be different.

> > Connect a LAN port on the Linksys to your office LAN switch.  If neither
> > side is auto MDI/MDX, you will need a crossover cable.  Now, your
> > wireless clients will get IP addresses 192.168.1.x, handed out by
> > whatever does DHCP on your office LAN, presumably either the Internet
> > router or your server.  The Linksys will just be a bridge, so you
> > don't need any special routes on your server.

> I had a similar setup at the very beginning and it worked fine except I
> could establish a mail server. The NAT in the WAN router translates
> incoming SMTP traffic to 192.168.1.2 and that was never reflected to the
> connected subnet due to addressing conflicts. I had to connect the mail
> server to the WAN router and reconfigure the wireless router to
> 192.168.2.0 and that's when I lost connection from the mail server to
> the customer machines on the wireless network.

I assume that you meant to say "... could not establish a mail server" :)

I believe that your trouble was the conflicting DHCP servers.  Try this
again, after disabling the Linksys DHCP server, and resetting the Linksys
LAN address to 192.168.1.x that does not conflict with other hosts on
your LAN, and is out of the range of addresses handed out by your Internet
router.

If it still doesn't work, please tell me the models of your Linksys and
Internet routers, and what service(s) on the wireless LAN that you want
to access from your server.

Good luck,

Stewart