I'm really trying to learn this stuff so sorry if this question is essentially basic 101 stuff. Here are 2 scenarios:
At work, we use a Cisco ASA with multiple interfaces, each connected to different VLANs. Essentially, each VLAN has its own DHCP server (combo of Linux and Windows). I even had to rebuild the DHCP on one of the networks and got it working with no issues. The Cisco router is able to easily route traffic from one network to another. For example, I can ssh to a machine on 192.168.100.0/24 from a machine on 100.0.100.0/24 or any of the other networks. I can also edit rules to forward ports from the WAN to any of the IP addresses.
At home, I have an EdgeRouter X. If I were to set up two different networks, each with their own DHCP (not being done by the ERX), then the traffic will not route to each other. I cannot ssh from one network to another because of what I understand as double NAT issues. For example, I used the EdgeRouter's DHCP for one interface and on the other, a WiFi router using its DHCP, creating a double NAT issue. I was able to create masquerade rules to allow the WiFi network to ping anything on the ERX's network, but not the other way around. I also could not forward ports from the WAN to anything behind the WiFi router.
Conceptually to me, these two scenarios are the same, but obviously the Cisco router has no issues routing the networks. Yes, one is >$1000 and the other is $50, but what word should I be Googling to understand this black magic?