Need guidance on setting up your network? Two routers are being used to check if everything is working properly.
Need guidance on setting up your network? Two routers are being used to check if everything is working properly.
Hello everyone, I’m feeling quite anxious about networking. It’s often the case that things don’t work out as expected in software. At my place, I have a somewhat complex setup: my internet service provider provides a router and modem about 100 feet away. I connected a very long cable to a second router, which then connects to my home Wi-Fi. My main concerns are: am I exposing anything risky online? Is it safe to separate the first router from the second by only opening the necessary ports? Does my current DMZ configuration make sense for hosting a server? Specifically, I’m planning to forward ports from router 1’s DMZ to the external IP of router 2, directing those ports to my computer. How do I configure static IPs on both routers? Do I really need them? I have software that can lock IP addresses, but I’m not sure about the router settings themselves. For router 1, should I use port triggering or port mapping for forwarding? (Assuming I won’t be using DMZ). On router 2, should I set up virtual servers for port forwarding, or should I cover a range? Also, regarding the game I want to run—Terraform’s port 7777—I’m not sure whether it’s internal or external. Long Version – If you don’t need much detail, I wasn’t sure how much information was necessary. Company’s router and modem info: https://carrier.huawei.com/en/products/f...ts/hg8245h My setup image: https://www.amazon.com/gp/product/B079JD...UTF8&psc=1 I followed this guide: https://portforward.com/help/doubleroute...arding.htm. I’m trying to minimize interaction with the admin and keep my second router in a simple mode, so it doesn’t require complex UI later. I need to know which IPs are internal versus external. From what I see, Router 1’s internal IP is shown in its tool, while Router 2’s external IP appears when DMZ is enabled. My image suggests the external IP for router 2 is 10.0.0.XX, possibly its public address. When I run the internal IP check, I’m trying to map ports correctly. Should I use port triggering or port mapping on router 2? Also, should I forward only the specific port from router 1 to router 2, or a range? If I don’t use DMZ, is this configuration still valid? The game’s port 7777—should it be treated as internal or external?
The netmask and internal IP addresses remain confidential; they are meant to stay hidden. The external IP should be blocked to protect access. DNS settings and gateway information aren't highly sensitive, especially if the gateway uses an internal address. Exposing ports to the public network always poses a risk, as it enables connections to potentially insecure internal services. Introducing a second router doesn’t inherently raise security concerns. Still, double-NAT isn’t optimal—consider switching the second router to bridge mode, which simplifies port forwarding to just one device instead of two. You can't assign a static IP on the external side of router 1, because that number comes from your ISP and usually costs more. If router 1 uses DHCP, you might configure it to assign a static IP to router 2 based on its MAC address, provided the DHCP option exists. The same applies to PCs on your network. If the game runs on port 7777, forward that port from the outside to router 2, then route it from the second router to the PC. You might select different ports for external traffic, but most clients expect default ports like 7777 for such services.
I would configure the second router solely as an access point (turn off DHCP, use LAN ports only, exclude WAN). Then direct your 7777 port straight to your computer. Using two routers with double NAT isn't recommended and could cause connectivity problems. Avoid DMZ forwarding—just open the necessary ports.
The only rule that applies here is this: if the main router isn’t using bridge mode, putting DMZ on the second router will let you set up port forwarding there instead of on the first router. This can be handy because sometimes actions like pinging from the WAN side of router 1 also go to the second router, a feature port forwarding usually doesn’t support. Even though adding a second router offers no advantage at first, it’s better to have it in Access Point mode or with a real access point setup.