Access webserver in a subnetwork

I have the following network:

          Modem/Router (#1)
WWW <--> +-----------------------+
         | 192.168.1.1 (bridged) |         Router (#2)
         +-----------------------+  <-->  +-------------------------+
                                          | 192.168.2.1   (Router)  |
                                          | 192.168.2.107 (HTTP)    |
                                          +-------------------------+

Any machine connected to router #2 can access internet. But from the Internet, none of the machine are reached. I've already added that IP:Port to port forwarding on router #2.

This was introduced recently. Before that, all the machines were connected to router #1 and there was no sub-network, and I could access from the internet the webserver on that machine.

How can I access from outside (i.e. Internet), that webserver on IP 192.168.1.107?
Is this a problem of the netmask?

EDIT

I've fixed the problem with router #2. It now has IP 192.168.2.1. See below detailed info of both routers:

Router #1 (The one that is directly connected to Internet)

IP Address     : 192.168.1.1
IP Subnet Mask : 255.255.255.0
DHCP           : Enabled

Router #2

IP Address     : 192.168.2.1
IP Subnet Mask : 255.255.255.0
DHCP           : Enabled

Webserver Connected to Router #2, HTTP running on port 80

IP Address     : 192.168.2.107
IP Subnet Mask : 255.255.255.0
  • If I connect a computer to router #1, I can't access router #2 nor any machine connected to it, therefore, I can't access the webserver.
  • If I connect a computer to router #2, I can access both routers and also the webserver. I have Internet, no matter what router I'm connected.
  • People from outside (Internet) still can't access the webserver.

You should setup Port Forwarding from public port 80 on router #1 to port 80, to address of the router no. #2. Then, as Þór Sigurðsson said, change network address of router #2 to e.g. 192.168.2.1. Then do another port forwarding on router #2 from port 80 to machine 192.168.(already)2.107.

EDIT: to Your edit, because comment area is too small.

Generally you CAN'T access any machine connected to router #2 from router #1. This is normal, because it is running NAT and all your machines connected to router #1 can see is the single IP of the router #2, 192.168.1.x (you did not mention what WAN IP router #2 has). You can't ping e.g. 192.168.2.1 or 192.168.2.107 in your situation, while being connected to rounter #1.

To get webpage on any comp connected to router #1 from server at 192.168.2.107, router #2 has to have port forwarding from it's WAN address (192.168.1.x where x you did not mention) on port 80 to machine 192.168.2.107 having web server on port 80. Then any computer can access web werver by typing ROUTER #2's WAN ADDRESS in the browser window

To also get webpage from your server while being connected on the internet side, you have to port-forward on router #1 port 80 to router #2's WAN address of 192.168.1.x (where x you did not mention) port 80.

                           port-forward                                  port-forward
INTERNET --> YOUR_WAN_IP:80 [router #1] 192.168.1.1 --> 192.168.1.x:80 [router #2] 192.168.2.1 --> 192.168.2.107:80

Other thing is this message you are getting, aboud CPE, I don't know if you should do that, I mean I don't know your internet provider. Do they log in to your router #1 to do something at times? Or is it your own router? You should ask them if it is OK to change CPE HTTP port. But if it is your router then this is OK, just remember you will have to connect to port 8080 to configure your router.

If they don't let you change to 8080, there are other options available - you can forward port 81 on router #1 to port 80 of router #2, if router #1 has that option. but then from the internet it will be necessary to type YOUR_DOMAIN:81 or YOUR_WAN_IP:81 to connect. From network connected to router #1, server at 192.168.2.107 will still be accessible on port 80 without change.

Forgot to mention something - if you did not set a static WAN IP for router #2, you have to do it. So that forwarding from #1 to #2 will be working. Also, this WAN IP of router #2 should be removed from DHCP on router #1. So set router #2 WAN IP to e.g. 192.168.1.200 and router #1 DHCP shall be from 192.168.1.2 to 192.168.1.199.

Hope i got everything right