Simple subnet and file sharing


good morning,

very briefly

We have a network: 192.168.1.X

And we have to create a subnet with Peplink Balance 20, we put: 192.168.11.X

Now, if we share a folder in the 192.168.1.X network we can see it from the 192.168.11.X network

Unfortunately the reverse does not work.

The problem is therefore that if we create a shared folder on 192.168.11.X the 192.168.1.X network does not see it !!

From the computers in the 192.168.1.X network you can not PING the PCs in the 192.168.11.X network

Can you help us?

Thank you very much


Is the subnet a VLan? If so, is the Inter-Vlan checked in both and


Thanks for the reply

no vlan

simple network … I wanted to see two shared folders in both networks and stop

Thank you


Ok, so you have two separate routers like this:

If this is the case, through double NAT it will not happen, not easily to say the least.


Simple perhaps but how are they conected? I suspect the WAN of the balance 20 is connected to the 192.168.1.x LAN? If so then NAT is getting in the way.

Assuming this topology you would need to make two changes, firstly turn off NAT on the WAn of the balance 20 so that it is using IP Forwarding. Then add a static route to the router that is the default gateway of the 192.168.1.x LAN so it knows how to route traffic back to 192.168.11.x via the Balance 20 WAN IP.

It would look like this:



I send a photo

we need the shared folders to be seen among each other


Ah OK.
So you need WAN1 of Balance 20 to have a static IP (eg and change the WAN to IP forwarding from NAT. Then you need to add a static route on the CISCO router for with a next hop of (or whatever you have set the WAN of the peplink 20 to.

When you change WAN1 to IP forwarding all traffic will be allowed to pass between the 192.168.1.x and the 192.168.11.x network, if you don’t want that you will need to set firewall rules to block unwanted traffic.


ok, thank you very much for your reply

first question

is it strictly necessary that the WAN1 of the peplink is in Static IP?

Because we would need to use peplink in hundreds of networks of our customers and we would be interested in bringing a configuration ready for everyone.

You understand that if I can keep the Dhcp Client somehow it’s much easier for installers

thanks thank you


It doesn’t need to be statically assigned - you could use a DHCP reservation on the CISCO for the balance WAN IP, but if you add a static route to the CISCO to enable traffic to route back from the network to the network, then by its very nature the balance 20 wan IP can’t change otherwise the static route becomes invalid.

The other option is to use a routing protocol so that the Balance 20 automatically updates the CISCO when its IP changes. With RIP enabled on the WAN, the balance 20 could have a dynamic WAN IP as it would afvertise what Routes are available to the CISCO (and so the CISCO would know what its IP address is).

However potentially getting a static route and static IP (or DHCP reservation) configured will be less painful than ensuring the CISCO has RIP configured correctly… guess it depends on your deployments.


Thanks for your information, you are helping us a lot

Our plan is to distribute many peplink balance 20, and our intent is to simplify installations as much as possible.

the project is very simple: create a subnet from the customer and install our server and our software.

We must avoid touching the customer’s LAN network.

I carefully read your explanation. We thought that setting up DHCP reservation on the customer’s cisco is not a great idea … we do not want to touch the customer’s network and routers.

let’s proceed with changing the WAN of the peplink balance20 in IPFORWARDING. Now let’s do a trial … thanks


Ah. Is it only ever a single server behind the Balance 20? If it is just a single device then you could potentially use IP Passthrough on the Balance. That would turn the balance into a transparent bridge so your server would get an IP of 192.168.1.x even though it is on the LAN of the Balance.

The thing I’m not sure about is if the balance 20 supports IP passthrough. I know the SOHO does…


Thanks for the speed with which you answer

I made this:

Changed the WAN from Dynamic IP to Static IP

IP WAN Balance = / / / /

Later I moved from NAT to IP FORWARDING

Currently she interrupted me surfing on the LAN Balance20

Now I read … tell me to work on the cisco …

can I somehow avoid that phase?

because I would not like to touch the client’s device …

Sometimes our technicians on the other side find themselves different routers … tplink, netgear, cisco …: '(


Actually … our software currently has only one server

so … I would say yes …


i find that


but … I do not know if I’m able to set it up …


Seems the Balance 20 does not support IP Passthrough.

You either need a BR1 or a SOHO to be able to use IP passthrough on a wired WAN. If you used IP passthrough your Server would get the IP address assigned to the WAN of the peplink device from the CISCO network (192.168.1.x).


Thanks for your answers

I understand that if I want to use my balance 20, to do what I want I have to intervene on the customer’s router, right?


Dear Martin,

I apologize for the delay but I was away for work

So, as per your instructions, we have done so:

  1. On the peplink we have set IP FORWARDING

see screenshot 01, named:

01-Screenshot01-From NAT to IP Forwarding

  1. As a LAN we have set Range 11.X

see screenshot 02, named:

02-Screenshot 02

So doing the computers in the 192.168.11.X network do not connect anymore to the internet!

Sifting on the web we also tried to insert rules (see screenshots 3 and 4, but nothing)

We just need to share a folder … and we would like to work with peplink


I dont know why…

I only include an image for post


I do not want to fill the post … the fourth image does not insert it


OK. I think we need to go back to the beginning on this and think it through.
This is my understanding and some assumptions (correct them as needed):

  1. You want to be able to quickly deploy a file server in any guest/foreign/unmanged network - independent of that networks administrator. (so you don’t want to need any assistance from the remote networks admins)
  2. I assume you are looking to use a Peplink Balance device to allow for easy remote access over PepVPN to the deployed servers - wherever they might be installed.
  3. An added benefit of using a balance (or even a MAX) is that you can add additional connectivity to allow for remote administration (ie USB dongles / dedicated DSL).
  4. You only plan to have a single server deployed per customer/end location.
  5. You don’t say what type of file server you are using so I will assume windows SMB/CIFS file shares.

So lets picture a scenario:

  • Customer Network is with DHCP enabled.
  • Your balance has a LAN IP of and is issuing DHCP addresses on 11.1 - 11.253
  • Your file server is a DHCP client and gets assigned the first available IP (
  • Your balance WAN is connected to the customer LAN and has been assigned the next available IP in the DHCP scope (for this example It is set to use NAT (not IP forwarding)
  • you would then forward ports from your Balance WAN to the LAN IP of your server to allow the SMB shares to be accessed. To do this you forward ports 137-139 which are used for NetBios/Name Resolution (optional if you are prepared to use the WAN IP address of the balance instead of a server name eg \\share_name) and port 445 for SMB itself.

That configuration would look like this:

The only issue you might have is if and when the WAN IP of the balance router changes.

What you really want is for the WAN IP to be statically assigned or at the very least for it to have a DHCP reservation on the customer network, as if it changes you would be relying on WINS to work over NAT (which I have never tried) if you want them to connect using a server name (ie \your-file-server-name\file-share).

Or you would need your customer to access it using the IP assigned to the WAN of the balance (\\share_name) so when that changes your clients will need to change the IP also.

I guess the perfect way would be to get the customer to set a DHCP reservation and add a DNS entry to their router for it so that they could access it using a name.