2 computers, 2 routers, 1 room

[hkjz]

Dear People,

I want to connect computer1 and compute2 through SSH

connection model looks like below

Code: Select all

 
  computer 2 -> (LAN 192.168.1.1 ) router 2 (WAN 192.168.0.2)-> (LAN 192.168.0.1) router 1 -> Internet
(192.168.1.100)                                                                    |
                                                                               computer 1
                                                                             (198.168.0.100)

I took computer2 and router2 to place where computer1 and router1 are,
to be able to freely jump between them.
Here are 2 screens, two units to, two routers, two mouses and two keyboards, we have kind of LAN party around, and we (me and all other eventual LAN party members) enjoy it so far.


on both machines

Code: Select all

$ sudo service ssh status
[sudo] password for mq: 
[ ok ] sshd is running.

give me +, all good

being on computer2,
I can connect with IP address to router1 and router2,
i can ping computer1 but by ssh i get timed out

Code: Select all

ssh user@address
ssh: connect to host address port 22: Connection timed out

being on computer1
i cannot ping router2, i cannot connect to router2 (yes: WAN address),
i cannot ssh user_comp2@comp2_addr

Firewall has to be strong here!
Is there any trick with Forwarding i should know about?

How can i check on MX, if I allow ssh traffic on computer 1/2 beside 'sudo service ssh status'?

Thanks

(ps : is it safe that i put here all those data?)

[timkb4cq]

Since those addresses are non-routable (from the internet) addresses they are safe to give.
IF the addresses you gave on your diagram are the ones you are trying to use, then your failure is because Computer 1 cannot have a 198.162.0.100 address given to it by router 1 at 192.168.0.1 Those are different subnets.
Computer 1 has to be 192.168.0.100

Of course you could have just made the typo on your diagram - but try again with 192.168.0.100

[hkjz]

Yes, that was a typo here in the post (edited)
but in terminal there were no typo,
problem is still real, and i work on it already quite some time(days)

[timkb4cq]

I'm not sure that your configuration makes sense going forward - but it's what you have so...

Since Router 2 sees anything coming from Computer 1 as coming from a different network you will need to forward incoming port 22 to 192.168.1.100 in router 2 for the ssh replies from Computer 1 to be seen by Computer 2.

I assume you are getting internet access on Computer 2. If not then you have bigger configuration problems.

[hkjz]

Ok,
thank you for your presence,

to remind about mission : is to connect both computers via SSH

by different network you mean subnets or area designed by routers? (is it always the same?)
yes, internet access is on every device

you will need to forward incoming port 22 to 192.168.1.100 in router 2 for the ssh replies from Computer 1 to be seen by Computer 2.

i need to figure out how to do that
so far in TP-Link settings i can see:

Forwarding
|-Virtual Server
|-Port Triggering
|-DMZ
|-UPnP

In Virtual server i add 22service port 22 ip address
Port Triggering ive open on 22
DMZ ive done as computer1 = host
UPnP is Enabled

but let me admit it shamelessly that i have not a total round idea - based on previous experience, which means im doing it for first time - what i'm doing - Science!

pinging computer2 from computer1 give no answer

EDIT :
=====
I can ping router2 ! which is ascent of the story
EDIT 2:
=====
actually ive disabled all of those 4 options and i still can ping router2 ... hmmm
pinging computer2 though (not saying about connecting with SSH) does not work

[antiX-Dave]

Uhm... your address scheme seems quite odd.
I am thinking that computer 1 (0.100) is going to route to router 1 (0.1) as it is its gateway, but it will always see the next route being the wan because it is the same network as the lan of router 2. So in actuality you are likely pinging your modem at address (192.168.1.1) which is feeding dhcp address to the wan of router 1 of 1.100. (I am guessing on the wan side of router 1).

You likely need to setup a different network / subnet for router 2 lan. This will likely need to be in the range of 2.0/24 or similarly as you likely cannot change the subnet of the modem, which is likely 255.0.

Also after doing so router 1 may not be smart enough to notice the sub network of router 2 and therefore will still not send any traffic that way ; continuing to send it to the wan to find that network. So you may need to manually set a route in router 1 to router 2 for any address that falls into the subnet of router2's lan.

[hkjz]

@antiX-Dave

OK, your answer is on the edge of my present comprehend possibilities, which is great,
but I may need some additional explanations.

seems quite odd.

What is ONE odd thing about it? There is gateway cable, gateway router(1), from which are cables to different machines : computer1, and because of wifi signal strenght router2, from which computer2 is connected. I though about it as quite organic setup, but definitely there are many details

I am thinking that computer 1 (0.100) is going to route to router 1 (0.1) as it is its gateway,

so far so good

but it will always see the next route being the wan

what excatly this means? ‘rout being the wan’...

because it is the same network as the lan of router 2.

yes, they are parallel.

So in actuality you are likely pinging your modem at address (192.168.1.1)

but how if this is computer2 address?

which is feeding dhcp address to the wan of router 1 of 1.100. (I am guessing on the wan side of router 1).

wan of router1 is (10.1xx.x.19) – but i dont get the whole above sentence :…

You likely need to setup a different network / subnet for router 2 lan.

If i have to do it i will, but implementation of my will can be tricky

This will likely need to be in the range of 2.0/24 or similarly

What you mean by 'this'? Address of router2? 192.168.2.0/24?

as you likely cannot change the subnet of the modem, which is likely 255.0.

i dont know, should i know? :)

Also after doing so router 1 may not be smart enough to notice the sub network of router 2 and therefore will still not send any traffic that way;

long way to get there and figure that out

continuing to send it to the wan to find that network.

what is ‘it’?

So you may need to manually set a route in router 1 to router 2 for any address that falls into the subnet of router2's lan.

manually to the router or manually to every device that gets connected to the router? (thing about wifis that comes and goes. But most probably, this stage of the proccess is right now far away.

=================================================

OK! I made my best, to read your quite compressed message, with best (possible for my present circumstances) possible understanding. Thank you for forcing me to stretch my mind.
That would be great if you can clarify some of those things above, and guide me a little bit through,
many thanks


EDIT:
Ok I've got some base knowledge about CIDR from tutorial videos which are present at https://invidio.us/,
that explained me something, even if it is not practical approach yet

[antiX-Dave]

I had made a draft which explained in detail point for point to your last post. I am not certain what happened to it. (should have saved a text file as normal :/)

I read your diagram wrong due to line wrapping or something and I thought it said Internet *line wrap here* (192.168.1.100) which I took to mean that you had two subnets of the same. So a little less messy and more understandable for what is trying to be done.

Basically I thought
Computer 2 (1.100? ) -> (1.1) router 2 (0.2) -> (0.1) router 1 (1.100) -> (1.1) modem?
When actually you had
Computer 2 (1.100 ) -> (1.1) router 2 (0.2) -> (0.1) router 1 (public ip)

Anyway router 1 will not know the network of router 2. So the same problem exists, it just will not be conflicting networks with duplicate ips and doing all sorts of weird things. Router 1 will need at manual route mapped pointing to router 2 for any address that would fall in router2's subnet. Otherwise router 1 will forward the address of computer 2 from computer 1's query to router 1's gateway as computer 2's address is unknown to router 1.

Computer 2 will be able to talk with computer 1 as router 2's gateway is router 1 who knows about computer 1's address as possibly being on its lan network.

(wow that is a lot of "stuff" like a TV episode of a school gossip train :P)

/24 is a notation of the 255.255.255.0 subnet mask. Which is default in most routers.

However if this is just to share the wifi. Turn off the nat service in one of the routers and make it router 2. That way all will be on the network of router 1 without a sub network.

Edit:
Here is a more real world type explanation from a Google search which should explain a little bit about networking in the way you currently have it.
http://www.steves-internet-guide.com/su ... explained/

[figueroa]

This is a difficult and probably impractical networking setup. The normal reason for having two different subnets is to keep the computers on subnet 1 out of the computers on subnet 2.

What outcome are you trying to achieve by having two routers and therefore two subnets? Are you trying to provide more than one wireless access point? If that is your main objective, your setup is impractical if you still want computer 1 to communicate with computer 2.

[galaxysurfer]

If you want to isolate computers/devices from each other on a network, it is doable via an Asus router using dd-wrt firmware. I currently run an Asus router with merlin & Yazfi custom script discussed here. https://www.snbforums.com/threads/yazfi ... ent.45924/ I dont know how the ssh would factor in the mix. Check out the forum there. It may give you some ideas to help with your networking TODO lists. I use it successfully to isolate my snoopy Roku devices. Best of Luck!