Network setup

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Network setup

xormin

14 posts

Geek

#192048 25-Feb-2016 11:57

Hi all, I need a little help configuring my home network.

I live in a remote location, and to obtain internet access I have built a wifi system. This uses a series of Ubiquiti M5-400 radios to transmit from my house to a solar powered repeater on the top of a 3000 ft hill 8 km away, and from there to a friends house another 18 km away where I join his home network. He has 1000 mbs fibre access to the internet. I have a remote camera and weather station located on the hilltop as well. I want to be able to set up a VPN from within my house, and I want to set this up on my router which is a Ausu RT AC68U. I currently use a VPN by using an old laptop and sharing the port which is clumsy. My speeds are good at around 250 - 300 MB/s at the moment.

Currently I am using my router to connect to the network via a LAN port, but to enable the VPN I think I need to use the WAN. I obviously want to be able to access my remote radios, switch and camera after the change.

At my friends house he has a Huawei HG630b however these are quite limited in configuring the VPN. I guess I could swap our routers, but I like my Asus.

It is said that a picture is worth a thousand words, I guess whoever said that never saw my drawing, but I have a bit of a picture to show you what it looks like.

Any help would be appreciated.

DarkShadow

1647 posts

Uber Geek

#1499079 25-Feb-2016 12:26

- Where do you want the VPN to connect to?

- I don't think your friend has a HG630b, that can only handle 100Mbps not gigabit.

Sideface

9362 posts

Uber Geek

Trusted

Lifetime subscriber

#1499128 25-Feb-2016 13:19

Your image is unreadable - can you post a better one please?

Sideface

xormin

14 posts

Geek

#1499152 25-Feb-2016 13:46

Your right, it is not a HG630b it is a HG659b, my bad.

I use several VPN's, they connect all over the place so it shouldn't matter.

This is a higher resolution image.

nbroad

320 posts

Ultimate Geek

#1499162 25-Feb-2016 13:59

i can see what you are wanting to do.

can you put IP addressing on your diagram?

here's an example setup if for instance your mates router LAN IP is 192.168.1.1/24

you'll need to use a new private subnet for your LAN, e.g 192.168.2.0/24 and make your router LAN IP 192.168.2.1, and run DHCP for your clients

set an address on your router wan port, for example 192.168.1.254, next hop / default route is your mates router at 192.168.1.1

you want your router to route, not NAT.

your mates router will need a static route to your network, eg. 192.168.2.0/24 via 192.168.1.254

you can probably get rid of the switch at your house and your mates house with this setup, unless there are other devices on it that aren't in the diagram

well done on the awesome wifi links too!!!!! very impressive.

nbroad

320 posts

Ultimate Geek

#1499173 25-Feb-2016 14:22

edit: error on diagram, static route on huawei should be via 192.168.1.254, not 192.168.1.25

xormin

14 posts

Geek

#1499191 25-Feb-2016 14:37

OK I see. I will try that when I get home tonight. Will this still allow me to access my section of the network on the 192.168.1.x subnet? What happens when the radio link goes down with the router sitting on the other side of the radio link?

nbroad

320 posts

Ultimate Geek

#1499206 25-Feb-2016 14:45

yeah, the trick is going to be getting the static route on the huawei... who knows how flexible the GUI is on that.

the static route to 192.168.2.0/24 will need to have the LAN as the outbound interface for the route

your radios, camera and weather station will have the huawei as their default gateway (if you want them to retain access to the internet), so when they want to get to 192.168.2.0/24 (your new LAN at your house) they will ask the huawei, and the huawei will tell them to go via 192.168.1.254, which is your router. it's an ICMP redirect which is not ideal, but will work.

ummm, when you say radio link goes down, which one?

Sharesies

Trade NZ and US shares and funds with Sharesies (affiliate link).

nbroad

320 posts

Ultimate Geek

#1499208 25-Feb-2016 14:49

you will have to plan this out quite methodically, as you don't want to end up losing access to your remote devices on the hill!

you'll need a step by step implementation plan really, which is beyond the level of advice I can give on here i'm afraid.

xormin

14 posts

Geek

#1499213 25-Feb-2016 15:06

Yes, the Huawei does seem to be limited in options one can use. How about if I made a subnet for the wireless section and routed that through the Asus router?

I seem to get a few dropped links on the 18km link, this occurs only on some channels. When I set it up I enabled frequency hopping and have not been able to successfully switch this off. I have it set-up to reconnect, but it can take up to a couple of minutes to re-establish the link. As it takes me up to an hour to access the remote site I am reluctant to touch it too much, but I guess I should before winter when it becomes unassailable.

nbroad

320 posts

Ultimate Geek

#1499215 25-Feb-2016 15:14

nah i wouldn't worry about another subnet... if you leave the wifi devices as they are, then you can always plug a laptop into the radio segment of the network at your house, or your mates house, give the laptop a 192.168.1.x address and access your radios.

webwat

2036 posts

Uber Geek

Trusted

#1500160 26-Feb-2016 20:33

Don't know whether you Asus can terminate a VPN, most consumer-grade gear only supports VPN passthrough as far as I know. Also most will probably only pass 1 VPN at a time.

Time to find a new industry!