DD-WRT Bridge

[RadiclDreamer]

Ok, heres what I'm trying to do. I have a wireless AP running DD-WRT that I have set to client bridge mode to connect to my standard linksys AP upstairs. From that it is connected to an older microsoft switch and then to my modded xbox and xbox 360.

The issues are:

1: Can't get DHCP, but if I put in static info I can connect.
2: Once connected I try to ftp to my modded xbox and get

230 User xbox logged in , proceed.
ftp> dir
425 Can't open data connection to 192.168.1.104:26898

I can change directories, get remote help etc, the only thing I CANT seem to do is get an FTP directory listing

Is there a way to fix this? What am I missing?

 

[RadiclDreamer]

I forgot to mention I can also ping both the Xbox and the Xbox360 and if I connect to the switch that is on the same side as the wireless bridge I can do everything fine even hit the net, so it seems to me there is some sort of weird routing going on but I cant put my finger on it.

 

[spidey07]

Sounds like your workgroup bridge is still doing NAT somehow. That's what is breaking FTP - your control channel is fine but your data channel isn't. This would also make sense for why your DHCP isn't working.

There are many different modes your "bridge" can operate in. Pick the one that functions as a true workgroup bridge.

Also, this microsoft "switch" may not be a switch and could be doing some NAT.

 

[RadiclDreamer]

Originally posted by: spidey07
Sounds like your workgroup bridge is still doing NAT somehow. That's what is breaking FTP - your control channel is fine but your data channel isn't. This would also make sense for why your DHCP isn't working.

There are many different modes your "bridge" can operate in. Pick the one that functions as a true workgroup bridge.

Also, this microsoft "switch" may not be a switch and could be doing some NAT.

Pulled the MS Switch out of the picture and I'm still getting the same thing.

My next question would be why I can hit the net, ping in and out etc but FTP directory listing doesnt work ?

 

[spidey07]

Because of NAT. Get a packet trace to make sure - one on the FTP server side and one on the client side. That will make everything clear.

I'm making a lot of assumptions here without knowing all the addressing but a control channel that works with FTP and not the data channel screams NAT/PAT.

 

[RadiclDreamer]

Well, I've turned off every routing feature I can find. Even an oddly named one called

"WAN Port: Assign WAN Port to Switch"

Which from the DD-WRT wiki page says that explains that it simply disables all level 3 routing and turns it into a layer 2 only device. Maybe its just not meant to be.

 

[spidey07]

You wanted to learn...get busy on those packet traces.

 

[RadiclDreamer]

Lets see if I can provide some more info that would help

Main router/wireless ap - 192.168.1.111 subnet 255.255.255.0

My PC 192.168.1.104 subnet 255.255.255.0 default gateway 192.168.1.111

Remote Bridge 192.168.1.1 subnet 255.255.255.0 with default gateway of 192.168.1.111

MS Switch 192.168.1.200

Xbox 192.168.1.201 255.255.255.0 192.168.1.111

Also note that the MS switch is set to:

The bridging mode turns the base station into a basic switch or access point. As a result, it disables the following features: DHCP server, Network Address Translation, firewall, client filtering, port forwarding, virtual DMZ, and base station log. To learn more about bridging mode, see Help in the Microsoft Broadband Network Utility or your User's Guide.

 

[RadiclDreamer]

Originally posted by: spidey07
You wanted to learn...get busy on those packet traces.

What do you suggest to get them?

 

[RadiclDreamer]

If wireshark, here ya go. Any ideas, from my limited knowledge of wireshark it appears that its never getting a response.

http://i35.tinypic.com/be9a1w.jpg

 

[RadiclDreamer]

And more

http://i33.tinypic.com/2rxfuaf.jpg

what exactly is it you want to capture. Sorry if that seems a stupid question, but I'm really trying to learn this properly.

 

[spidey07]

Look at the PORT command. your 9:25 post doesn't get anything after ACKing the port command and the sequence number don't match up on your 9:30 post - that looks like two different transactions. You need to capture both sides for the same transaction/session at the same time.

Also pay attention to the times in your 9:25 post. You hit the magical 30 second timeout.

 

[kevnich2]

On your wireless bridge, make sure the settings are as follows:
1. In the setup tab, make sure connection type is disabled.
2. Make sure DHCP server is set to disabled
3. Check the checkbox for Assign WAN port to switch

In the wireless tab, basic settings
1. Make sure the Wireless Mode is set to client bridge

In the security tab
1. Set SPI Firewall to Disable

I will be honest, after looking at your choice of IP's, why on earth did you set those like that? The gateway is usually the 192.168.1.1 address, then all other devices come after that. That's just the typical scheme that is used to avoid confusion.

 

[RadiclDreamer]

I know its weird, no idea why I picked it but I set things this way long ago and havent had a reason to change it, other than being nonstandard it should work the same.

All settings are as you have them listed

 

[RadiclDreamer]

It is two seperate attempts. And its going to be hard to capture that from the xbox side isnt it?