April 22, 2007 11:14 AM
MegaZone said:
It is usually done for security, separating one group from the other, and not at all for address allocation issues. One example: roommates share a house. Roommate one has the broadband connection and a router on it. Roommate two wants to keep their machines/devices on a different network so the two groups of machines don't see each other as local.
That's all fine and dandy. Is that what this user is trying to do? Clearly not, since if he had set it up for any of those reasons, he would have known what he needed to do to access something.
And that protects the roommate's machines from traffic from the first network, but it sure does nothing to protect the first router's network from traffic from the second one!
If you WANT security, then SET IT UP!! Daisy-chaining NAT routers together is NOT a way to accomplish any type of security. And all it causes is GRIEF when trying to allow traffic between the two networks, and/or from the internet to machines behind a double NAT.
Try allowing Windows file sharing to more than one machine behind a NAT.
Another reason NOT to suggest it to users is that, more than likely, you're going to end up with a 192.168.1.0/24 network on the WAN interface of the 2nd router and a 192.168.1.0/24 network on the LAN. And then they wonder why things don't work at all ;)
Most routers nowadays support client isolation, or for that matter any decent router, or one running some third-party firmware, would support VLANs or firewall rules between LAN IPs.
The same type of protection you're talking about is no better than what you could accomplish by setting the 2nd router up as just a router! The machines on the 1st segment would not have routes to get to the 2nd segment. If you wanted a specific machine to access a specific machine on the network, then create the route on their machine. If you want all of them to access a specific machine on the 2nd network, then create the specific route on the 1st router.
In both of your examples, if it was done for the specific reason of security, then the persons involved in said security would know how to allow the traffic they want.
BTW, your forward does not solve the OP's problem. Nor is there any reason for them to have to forward anything at the second router. He is trying to access a sling on the 1st network! His machine on the 2nd NATed network would not be blocked from accessing the sling's IP. He is going outbound from the NAT, i.e. my point about one-way security.
He would be able to access the sling from the 2nd network by IP, no problem. If his second NATed network is the same as the 1st router's network, he is never going to be able to do it, no matter how many forwards he puts into the 2nd router ;) And unless his first router supports loopback, he will never be able to get there using the finderID service from Sling either.
If his SlingPlayer on the 2nd network contacts Sling and finds that his finderID = his 1st router's public IP, it tries to go there, so his 1st router will see traffic from the private side trying to go to the public interface so that it can be forwarded back inbound to the sling. Many a SOHO router has issues with this kind of traffic.
Now, if I recall correctly, the SlingPlayer does a broadcast on the local network to port 5004 to find the slingplayer? Not sure on this, but it has to find the sling somehow: either by IP, by talking to Sling, or by broadcasting.
So the reason he cannot find his sling is that his 2nd router is not going to forward a UDP packet to private.255 out the WAN interface of his router, now is it ;) Do we want all the SOHO routers sending all their local network broadcast traffic to the public net?
If the user was accessing his SLING by IP from his 2nd router's NATed network, it would not be a problem, unless the networks are the same.
Double NATing causes nothing but user issues. Anyone doing it for security reasons would know better than to use a double NAT. Users that do not understand networks will only have issues if it is set up that way, and those will outweigh any possible security.
Now, we do not have any real details of this user's network or how he is trying to access his sling. But I can assure you, if he removed the double NAT (which I HIGHLY doubt he did on purpose), he would have no problem accessing his Slingbox, and it would allow for many other things he might want to do between machines connected to both routers, i.e. file sharing, games, etc.
@OP: if you post the details of your setup, i.e. what network is on the 1st router and what network is behind the second router, I can help you connect to your sling, if you could not gather it from the above info. But I would suggest you remove the double NAT!
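Added example, not part of MegaZone's post or of the original thread: a small Python model of the two-router chain the post describes (router 1 on the broadband line, router 2's WAN port on router 1's LAN). It checks the two configuration mistakes the post warns about (router 2's WAN subnet overlapping its LAN subnet, and router 2 not actually sitting on router 1's LAN) and then classifies what happens to a packet in the four cases the post walks through: reaching the Slingbox by IP, discovery by LAN broadcast, reaching it via the public IP (the hairpin/loopback case), and a host on router 1's LAN trying to reach something behind router 2. All addresses, the Slingbox port and the hairpin flag are constructed assumptions for the illustration, not facts from the thread; the public IP is taken from RFC 5737 documentation space.

```python
"""Model of the double-NAT chain described in the post above (added example).

Router 1 is on the broadband line; router 2's WAN port is plugged into
router 1's LAN and has its own LAN behind it. Addresses, the Slingbox port
and the hairpin capability are constructed assumptions, not thread facts.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List

IPv4 = ipaddress.IPv4Address
Net = ipaddress.IPv4Network


@dataclass
class NatRouter:
    name: str
    wan_ip: IPv4                      # address on the upstream side
    lan_net: Net                      # subnet on the LAN side
    supports_hairpin: bool = False    # loops LAN traffic aimed at wan_ip back in?
    forwards: Dict[int, IPv4] = field(default_factory=dict)  # dst port -> LAN host


def config_warnings(outer: NatRouter, inner: NatRouter) -> List[str]:
    """Flag the classic double-NAT misconfigurations before debugging flows."""
    warnings = []
    if inner.wan_ip not in outer.lan_net:
        warnings.append(f"{inner.name} WAN {inner.wan_ip} is not in "
                        f"{outer.name} LAN {outer.lan_net}")
    if outer.lan_net.overlaps(inner.lan_net):
        warnings.append(f"{inner.name} has {outer.lan_net} on its WAN side and "
                        f"{inner.lan_net} on its LAN side; hosts behind it "
                        f"cannot route to the outer LAN at all")
    return warnings


def verdict(src: IPv4, dst: IPv4, dport: int,
            outer: NatRouter, inner: NatRouter) -> str:
    """Say what happens to one packet src -> dst:dport in this topology."""
    if src in inner.lan_net:                     # host behind the second NAT
        if dst == inner.lan_net.broadcast_address:
            return "broadcast: stays on the inner LAN, never sent out the WAN port"
        if dst in inner.lan_net:
            # Router 2 sees a local address and ARPs for it on its own LAN.
            # With overlapping subnets a host on the outer LAN is never reached.
            return f"local: {inner.name} ARPs on its own LAN and never routes it upstream"
        if dst in outer.lan_net:
            return f"outbound: NATed by {inner.name} onto the outer LAN, no forward needed"
        if dst == outer.wan_ip:                  # finderID handed back the public IP
            if not outer.supports_hairpin:
                return f"hairpin: {outer.name} does not loop LAN traffic back to its public IP"
            if dport not in outer.forwards:
                return f"hairpin: {outer.name} has no forward for port {dport}"
            return f"hairpin: {outer.name} forwards to {outer.forwards[dport]}"
        return "outbound: through both NATs to the internet"
    if src in outer.lan_net:                     # host on the first router's LAN
        if dst in inner.lan_net:
            return f"blocked: {inner.name} drops unsolicited inbound to its LAN"
        if dst == inner.wan_ip:
            if dport in inner.forwards:
                return f"forwarded: {inner.name} sends port {dport} to {inner.forwards[dport]}"
            return f"blocked: {inner.name} has no forward for port {dport}"
        return "outbound: through the first NAT"
    return "unknown source"


# Constructed topology: Slingbox on router 1's LAN, the user's PC behind router 2.
SLING_PORT = 5001                      # assumed port, stands in for the real one
SLINGBOX = IPv4("192.168.1.50")
ROUTER1 = NatRouter("router1", IPv4("203.0.113.10"), Net("192.168.1.0/24"),
                    forwards={SLING_PORT: SLINGBOX})
ROUTER2_CLASH = NatRouter("router2", IPv4("192.168.1.2"), Net("192.168.1.0/24"))
ROUTER2_FIXED = NatRouter("router2", IPv4("192.168.1.2"), Net("192.168.2.0/24"))


def main() -> None:
    cases = (("clashing subnets", ROUTER2_CLASH, IPv4("192.168.1.20")),
             ("distinct subnets", ROUTER2_FIXED, IPv4("192.168.2.20")))
    for label, r2, pc in cases:
        print(f"== {label}")
        for w in config_warnings(ROUTER1, r2):
            print("  WARNING:", w)
        print("  by IP:     ", verdict(pc, SLINGBOX, SLING_PORT, ROUTER1, r2))
        print("  broadcast: ", verdict(pc, r2.lan_net.broadcast_address, SLING_PORT, ROUTER1, r2))
        print("  public IP: ", verdict(pc, ROUTER1.wan_ip, SLING_PORT, ROUTER1, r2))
        print("  from LAN1: ", verdict(IPv4("192.168.1.30"), pc, 445, ROUTER1, r2))


if __name__ == "__main__":
    main()
```

Running it side by side for the clashing and the distinct-subnet configurations shows the post's point: with distinct subnets, reaching the box by IP from behind router 2 just works with no forward anywhere, while broadcast discovery and the public-IP (hairpin) path fail for reasons no port forward on router 2 can fix.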