Access web page in bridge wan on lan

Hello friends
I enable rndis usb0 on lan as a bridge
By setting

ifname 'eth0,1 usb0'

I want to access the Luci panel without manual ip after applying the bridge
How do I do this?

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
2 Likes

ok thanks
this /etc/config/network that bridge wan to lan disable


config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdca:8938:0be4::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_dev'
	option name 'eth0.1'
	option macaddr '40:d6:3c:2c:fb:d9'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

config device 'wan_dev'
	option name 'eth0.2'
	option macaddr '40:d6:3c:2c:fb:da'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 0 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'

config interface 'VPN'
	option ifname 'tun1'
	option proto 'pptp'
	option auto '0'

config interface 'VPNL2TP'
	option ifname 'tun0'
	option proto 'l2tp'
	option auto '0'

config interface 'wan1'
	option proto 'dhcp'
	option ifname 'usb0'

this is /etc/config/netowrk that wan to lan bridge enable


config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdca:8938:0be4::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1 usb0'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_dev'
	option name 'eth0.1'
	option macaddr '40:d6:3c:2c:fb:d9'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

config device 'wan_dev'
	option name 'eth0.2'
	option macaddr '40:d6:3c:2c:fb:da'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 0 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'

config interface 'VPN'
	option ifname 'tun1'
	option proto 'pptp'
	option auto '0'

config interface 'VPNL2TP'
	option ifname 'tun0'
	option proto 'l2tp'
	option auto '0'

config interface 'wan1'
	option proto 'dhcp'
	option ifname 'usb0'

/etc/config/wireless :


config wifi-device 'radio0'
	option type 'mac80211'
	option hwmode '11g'
	option path 'platform/10300000.wmac'
	option channel 'auto'
	option htmode 'HT40'
	option txpower '23'
	option country 'US'
	option noscan '1'
	option legacy_rates '1'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid '******'
	option key '******'
	option encryption 'psk2+ccmp'
	option wpa_disable_eapol_key_retries '0'
	option wps_pushbutton '0'

/etc/config/dhcp :


config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '0'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'


/etc/config/firewall:


config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	option network 'wan wan6 wan1 VPN VPNL2TP'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'






You are using usb0 in both lan and wan1 interfaces.

3 Likes

after set this config i have usb0 ip in lan port and i say this "bridge mode "
same other 4g modems that you can set bridge mode and get isp private ip in lan port
so i want set this and simultaneouly have luci web interface

I didn't understand that. The device should be part of one interface only. Decide if it is going to be lan or wan1, then post again the configs.

2 Likes

wan1 exists as the Internet interface inside the modem
Normally, when the modem is connected to a device, it receives an ip from lan. ip 192.168.1.x
But when I use usb0 In lan, you get the device connected to the ip usb0 modem, that is, the ip that the 4g lte module got from isp.

Something similar to this definition:

Is this understandable to you?
Now I want to be able to access 192.168.1.1 at the same time when I give ip usb0 to the device

Relative to your router it is still an upstream interface, so you should either replace the WAN ifname, or create another interface section, e.g. WWAN, and use both WAN and WWAN interfaces:

1 Like

thanks
I did not understand
I have a wan1 to connect to the Internet with ifname 'usb0' connected to the lte module
Now with what other interface can I enable my wan1 in mwan so that I can access the luci web interface on 192.168.1.1 while bridging?

Are you sure you know what you are doing? Bridging a local network to a WAN interface is quite unusual...

3 Likes

Especially when lan interface has an active dhcp server.

2 Likes

Yes
I want to have wan ip on the modem lan port
I mean, I want you to connect the cable to the lan port get wan ip instead lan ip
This feature is called bridge mode in 4G modems (such as huawei, green packet, etc ..)
You connect directly to the network ip
Now I want to access the luci modem panel when this is the case
Because I have seen this possibility in other modems and I want to implement it on my modem

in this mode just one device can connect to modem

Perhaps you should try to configure both dynamic and static IPs on your PC.

1 Like

A possible solution would be to use one port of the switch for the management by leaving it on lan interface. Then all the other ports, which will belong to vlan3, will be bridged to wan1. But you cannot have dhcp client and static IP on the same interface, nor you can assign the usb0 to multiple interfaces.

Yes it is possible with this method
But like the modems I've seen before, I wanted to be able to access the panel at the same time

It should be possible using aliases:
https://openwrt.org/docs/guide-user/network/network_interface_alias

2 Likes

Yes, exactly usb0 no longer works in wan when it connects to lan

That is, there is no way to have both the ip of the network on the port and access to the luci panel?

thanks i will check it now

I see what you want to do...

If you bridge both interfaces, the client on the LAN should get an IP address from the DHCP server on the modem.

If you configure a static address on that same bridge, the client on LAN should be able to access it, but will have the modem configured as a gateway, and packets will not reach the router. You should use an IP address on the same range as those issued by the modem.

1 Like