Accessing 192.168.1.x device from 192.168.0.x device

networking router routing home-networking static-routes

11,606

Packets must go in both directions, so many kinds of configuration changes need to be done on both sides.

For example, if you change the netmask to /23 (255.255.254.0), it's not enough to do so on device A – yes, it will be able to reach the device B directly, but where will device B send a reply? If B still thinks it's on a /24, then it will keep trying to send a reply through a gateway.

Similarly: even if you add a correct route towards device B, that doesn't tell device B where to send a reply for device A. It will still use what it knows already.

Assuming you cannot reconfigure device B at all, but can at least read its configuration, there's 1½ ways of making this work.

If you know what "default gateway" IP address is configured in the offending device, add that address on your router's LAN interface – alongside the existing address. (This might be called an "alias" in some routers, or a "virtual IP" in others.)

For example, if the the device wants to use 192.168.1.254 as its gateway:
```
ifconfig en0 192.168.1.254 netmask 255.255.255.0 alias         # for FreeBSD

ip addr add 192.168.1.254/24 dev eth0                          # for Linux
```
The other common address is 192.168.1.1. One way to discover the correct address is to look what ARP requests the device is making.
If the device has no gateway configured at all, but you know at least its subnet size, you can 1) do the above with some arbitrary address in the same subnet, and 2) configure the router so that it'll masquerade (SNAT) all communications.

This way the device will think it's communicating only with its own subnet.

I don't know how to do that, but it'll involve pf or iptables NAT rules.

11,606

Josh

Updated on September 18, 2022

Comments

Josh over 1 year
I have one device with an IP address of 192.168.1.110 while the rest of the network is 192.168.0.x. The router is 192.168.0.1. 192.168.1.110 is cabled to this router. Other devices connect via WiFi to 192.168.0.5 (Raspberry Pi access point) which is cabled to the same router on 192.168.0.1.

I'm trying to access 192.168.1.110 from a device on 192.168.0.x. I've tried adding a route which I can see in the routing table but no dice.
Using sudo route -n -v add 192.168.1.110 192.168.0.1 pings and SSH timeout.
Using sudo route -n -v add 192.168.1.110 192.168.0.5 SSH times out and pings show the below
```
PING 192.168.1.110 (192.168.1.110): 56 data bytes
Request timeout for icmp_seq 0
92 bytes from pi.hole (192.168.0.5): Redirect Host(New addr: 192.168.0.1)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 1369   0 0000  3f  01 e4b7 192.168.0.202  192.168.1.110 
```
I've also tried changing the router mask to .254.0, taking the raspberry pi access point out of the loop but I'm still not able to access the .1.110 device.

If I change the router IP to .1.x and one of the .0.x devices then I can access the .1.110 device but none of the .0.x devices. I'm sure this should be simple but I can't work it out - what am I missing?
- LPChip over 5 years
  
  Is it trivial for that 1.110 device to have the 1 in it? If not, set one device to be in the same range, and change its ip address to a 0.110 and all will work. Otherwise, you will need to change the subnetmask to 255.255.254.0 on both the DCHP server AND the 1.110 device.
- Josh over 5 years
  
  No I can change it back - I was playing around trying to solve a particular use case for a friend. Their Pi is configured as .0.110 but their router is .1.254 subnet .254.0. Somehow (not entirely sure how given what I've learnt playing around this morning) they were able to access the Pi via SSH. Since they can access the Pi I can get them to update it to .1.110 to match their network. I'd like to still work out how to access both .1.x and .0.x devices though without having to access the Pi initially to change anything.
- halligan26 over 5 years
  
  You currently have two logical networks, which is why you can't access the one device. You will need to change the IP address of the ..1.* device to ..0.* in order to access it from any of the other devices on the ..0.* network. For additional information as to why, you'll need to research subnet masks and routing.
- Josh over 5 years
  
  Yes I understand there are two networks here. I'm trying to work out how to route between them (again not sure how my friend was able to without changing anything on his network). I've tried various different things without any joy which is why I'm asking for help.
- Josh over 5 years
  
  Yes that’s exactly what I mean
- Akina over 5 years
  
  The router is 192.168.0.1. Router must have at least 2 addresses... so you need to have one address from 192.168.0.0/24 and one address from 192.168.1.0/24. And 192.168.1.110 must have a route to 192.168.0.0/24 (and 192.168.0.x - to 192.168.1.0/24).
Josh over 5 years

Thanks for the reply. That's what I had thought/worked out about the route back. Odd though that my friend was still able to access it (the Pi was configured as static ip .0.110 and router .0.1 while his router is .1.254) - maybe he had an alias/virtual ip already on his router.
user1686 over 5 years

Possibly. A computer can have the same kind of "aliases/virtual IPs" too. There might be other situations in which this would work.