Still an issue..
In a setup of one MT Gateway, one wireless card (Bridge Mode -WDS- towards wireless network) and one ethernet. Both Bridged.
IPs:
192.168.1.1/24
192.168.2.1/24
192.168.3.2/24
192.168.4.2/24
All set to Bridge Interface.
Clients connect to APs on the Wireless network. Different IP ranges.
Multiple Internet routers with different internal IP ranges.
Router1: 192.168.3.1/24
Router2: 192.168.4.1/24
Example:
Client1: 192.168.1.2/24 gateway 192.168.1.1
Client2: 192.168.2.2/24 gateway 192.168.2.1
Need to route client1 to router1
Need to route client2 to router2
Set separate masquerading for 192.168.1.0/24 and 192.168.2.0/24
Set separate Mangle routing-mark rules for source-ip-address 192.168.1.0/24 and 192.168.2.0/24
Set static routing (default Gateways) for above routing marks to desired gateways…
IS THIS SETUP CORRECT OR AM I MISSING SOMETHING COZ I can’t get it to work???
MT or Anyone Please help.
Doesn’t look right to me, you’re trying to use routing rules over a bridge.
Assuming your Internet routers are on the Ethernet interface there are two possible solutions:-
Scenario 1
Delete the bridge.
Add 192.168.1.1/24 and 192.168.2.1/24 to the Wireless interface.
Add 192.168.2.2/24 and 192.168.3.2/24 to the Ethernet interface.
If required, add a default route so that the Router itself can access the Internet.
Scenario 2
Alternatively, leave the bridge, but delete all 192.168.3.0 & 192.168.4.0 addresses and set your Internet routers to 192.168.1.0 & 192.168.2.0 addresses, finally remove NAT/Masquerade.
Forget Scenario 2, that won’t work, go with my original thoughts for Scenario 1.
Final comment, I wouldn’t bother masquerading, it gives no benefit; most Internet Routers do NAT/Masquerading at that point. No benefit in using more than one level of NAT, just use plain routing.
Thx for your response. Definitely problem is over the bridge. Believe also adding another network card and setting the 192.168.3 and 4 range to the new NIC interface should help, coz can’t really change IPs on Internet routers. They are actually real IPs, the 192.168.3 and 4 are just examples. It is actually unacceptable to bridge anything with the Internet… Security and Internet User Policy agreements. Anyway, just wanted to try. But thanks a lot.
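The source-based routing discussed in this thread (bridge removed, mangle routing marks, one default route per mark), written out as a RouterOS configuration. This is an added example, not part of any post above; it assumes RouterOS v6-style syntax, the interface names wlan1 and ether1, the routing-mark names via-router1 and via-router2, and the example addresses from the first post.

```routeros
# Added example. wlan1/ether1 and the mark names are assumptions.
# The bridge is removed first so that the gateway routes between the
# wireless side and the Ethernet side instead of switching frames.

/ip address
# Client-facing gateway addresses on the wireless side
add address=192.168.1.1/24 interface=wlan1
add address=192.168.2.1/24 interface=wlan1
# Addresses facing the two Internet routers on the Ethernet side
add address=192.168.3.2/24 interface=ether1
add address=192.168.4.2/24 interface=ether1

/ip firewall mangle
# Mark traffic by source subnet. Packets addressed to the gateway
# itself are skipped so clients can still reach 192.168.1.1 / 192.168.2.1.
add chain=prerouting in-interface=wlan1 src-address=192.168.1.0/24 \
    dst-address-type=!local action=mark-routing \
    new-routing-mark=via-router1 passthrough=no
add chain=prerouting in-interface=wlan1 src-address=192.168.2.0/24 \
    dst-address-type=!local action=mark-routing \
    new-routing-mark=via-router2 passthrough=no

/ip route
# One default route per routing mark
add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=via-router1
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=via-router2
# Unmarked default route for the gateway's own traffic
# (choosing Router1 here is an assumption)
add dst-address=0.0.0.0/0 gateway=192.168.3.1

# No masquerade rules are defined. With plain routing, Router1 needs a
# return route to 192.168.1.0/24 via 192.168.3.2 and Router2 needs one
# to 192.168.2.0/24 via 192.168.4.2, otherwise replies never come back.
```

Restricting the mangle rules to `in-interface=wlan1` keeps packets arriving from the Ethernet side from being marked, so only client traffic is steered by source subnet.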