Allow Access to LUCI/ssh via wan Network

I just installed OpenWRT on my router, its a Tp-Link archer c60 v3, the problem is that v3 doesn't have an official release so i had to install a snapshot, this is the file that i used: openwrt-ath79-generic-tplink_archer-c60-v3-squashfs-sysupgrade.bin, i have been reading and came to the conclusion that snapshot factory configurations are different from an official release.
I installed LUCI, and SQM because i'm working on a university project to create the best cheap alternative for gaming over WiFi on your home network, i have to install lots of things and test multiple configurations, but the problem that i'm having is connecting to the router via WiFi, i can access easily via lan, but when i try to access via ssh my connection always times out, if i try accessing via the browser (yes, I've change the ip) i get a link saying LuCI - Lua Configuration Interface, but after some seconds i get a message that says: This site can’t be reached, what can i do?

Did this successfully install? Did you see any errors?

If you have successfully installed LuCI, it should be accessable via a wired LAN side connection. If this is not working, try clearing your browser history and cache or using another browser (or a private/incognito window). If those don't solve the problem, connect via ssh (which must clearly work on the wired LAN or you wouldn't have been able to install LuCI) and check that you have a running instance of uhttpd
ps | grep uhttp

Wifi is disabled by default, so I assume you've enabled it. Did you change the firewall zone for Wifi or is it on the same zone as your LAN? Is client isolation enabled?

Let's start with those, and then worry about your title question (LuCI/ssh via WAN) -- this is okay if the OpenWrt WAN is completely trusted (i.e. already behind a firewall and part of a trusted LAN), but it is absolutely a bad idea to expose those to the WAN if that network is public (such as the internet).

Luci installed without any errors, and i did setup my WiFi through it, i can access via wired LAN, how can i check if i have uhttpd enabled? im not sure if i changed the firewall zone, on my firewall i have this two zones

i dont know how to change the zone, but i just checked and client isolation is disabled

I said this earlier:

But it looks like it is already running since you provided a screenshot of the web interface (LuCI).

Your firewall zones look normal. I did forget to ask -- did you setup a separate network for your wifi, or is it essentially just the default (other than enabling and optionally changing the SSID/password)? If you didn't make any other changes, the wireless should be on the same network as the LAN, so there shouldn't be any issues with access.

Can you clarify the issue a bit, though? Clearly it appears that you can connect via wired connection to LuCI and you must have ssh access, right? So i the problem purely when you are on wifi that you are unable to reach LuCI or connect via ssh?

Yeah, that's it, i want to access via WiFi, i just checked and i did changed the network from lan to wan, i thought i had to do this, but i just added both networks, and now i'm able to access via WiFi, i created an admin SSID that has both networks so i'm the only one that can access, thank you very much, do you have any advice on how to configure the network for gaming, as i said earlier, this is for a university project, i have to implement QoS, currently i have SQM setup, also i have to be able to block certain webpages, also install an adblocker (the problem with this is that i don't know if some webpages might detect it, (i currently use Opera's Adblocker and i sometimes run into this problem), i also have to implement a VPN so that every device on the network may access it, (what VPN provider do you recommend?), thanks for you time!

@LordOTC -

That's a lot of questions! It is usually best to keep the thread on-topic... your extra questions don't really belong in this particular thread.

Please don't take this the wrong way, but with your stated goal, my guess is that you should be learning about all of these things. Rather than just following a few guides and/or asking generic questions for people to tell you 'use this' or 'do that,' I think you'll be much better served by searching the web and these forums for all the various options and figuring out what will work best in your specific situation and learning how to implement everything step-by-step. Exploring and researching will help you understand not just how to do these things, but also why they are done in certain ways, how certain technologies/packages/configuration options work, and which ones are better for your application than others.

The community here is happy to help and we can give you guidance when things are broken or when you need pointers or information about some of the details. But, especially since this is a project for school, I don't think it makes sense for us to kind of do it for you, if you know what I mean. Please feel free to open new threads for new topics as you make progress and need help -- we have a lot of knowledgable people here totally willing and able lend a hand.

1 Like