2 routers on same subnet with DD-WRT VPN tunnel on second?

March 13, 2012 at 22:08:24
Specs: Windows XP
I read a thread here, where it is described how to set up a home network with 2 routers, where R1 acts as the DHCP server and R2 is basically a switch, connected LAN to LAN and everything is on the same subnet.

Currently I have a different setup:
Both routers have the DHCP server enabled and I connect R2's WAN port to R1 LAN. Therefore I have 2 subnets. Now my special requirement is that R2 is a DD-WRT router, which establishes a VPN connection to StrongVPN, so that all internet traffic via R2 is encrypted and goes through the StrongVPN server.

Now my question:
If I change my router setup to the same subnet, meaning R2 connects LAN to R1 LAN and I disable DHCP server on R2, will R2 still be able to establish the VPN connection?

I would like to get some advice before I mess everything up. Thanks upfront!



March 14, 2012 at 06:42:38
You wouldn't be going thru the router anymore so no it won't work.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


April 16, 2012 at 17:48:17
Had to think about this one.

So, on your DDWRT set your WAN to a static IP address in range of your R1 and turn off DHCP on your DDWRT. Now get two Ethernet cables and connect one to the WAN and one to a LAN connection on your DDWRT, connect both of those to the LAN side of your R1. Or you should be able to connect from your WAN to an empty LAN on the DDWRT, but let’s not complicate this right now.

There is a way to bridge the connections internally with the DDWRT, but I can’t remember now, you can play with that later.

Now on your R1, just for a temporary test, let's DMZ the IP address that you set up on your DDWRT and see if your VPN is working correctly. If it is, remove the DMZ and set up the port forwarding of the VPN port to your static IP address.

I have a similar setup at my shop.

Let me know how it goes.


April 17, 2012 at 07:21:21
If you're moving R2 into the same subnet as R1 then a VPN tunnel to R2 is moot. You could make R1 the VPN Endpoint and serve the same purpose.

Remember, once you make R2 part of R1's subnet, all clients attached to R1 and R2 become accessible to each other because it's one subnet. So it matters little which router the VPN Tunnel's Endpoint is located.

In your case, I'd make R1 the Endpoint and all is good.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


April 17, 2012 at 11:42:47
Here is some interesting reading



Got to love the DDWRT its functionality is almost limitless.


April 17, 2012 at 11:56:20

I'm assuming that you are doing this because your ISP has issued you some sort of ADSL router that has limited functionality, right?

I too was issued some crap router for my DSLAM line so I did have to set this up for myself. What I did though was on my DSLAM router I DMZ my DDWRT, I left the DHCP on and I run a 10. subnet on my DDWRT, and a 192. subnet on the DSLAM router.

VPN and all other functions work correctly.

Hope this helps
