Allow livebox6 guest wifi traffic to the internet

m4ri0g · February 11, 2024, 4:50pm

i use openwrt router as my main router. i connect the openwrt router to the ONT port and get a public ip address and can browse the internet etc.

i would like however use the isp provided livebox6 (Orange) to serve as a simple AP including a guest network that i use for working from home. as my lan is connected to a vpn in my home country and the work computer refuses to connect.

I disabled dhcp on the livebox and on the lan everything is working. the devices are obtaining the address from the openwrt router
BUT when I connect a device to the guest network that i configured on the livebox i do not get internet.

the devices on the lan use a 192.168.1.x/24 address.

the devices connected to the guest wifi have a 192.168.128.0/24 address with 192.168.128.1 as default gateway and dns.

this is the topology

INTERNET --> ONT---> OPENWRT---LIVEBOX

no devices are connected the livebox. it is there just to server as a wifi6 access points for lan and iot devices/work connected to the guest network.

the livebox appears to have running a separate dhcp server for the guest wifi... I do not know if that traffic is vlan tagged as the livebox is a blackbox and i cannot configure anything aside disabling dhcp and created basic nat rules.. etc

can i simply create a interface on the openwrt with ip address in the 192.168.128.x range and all it to a firewall zone guest so that i can access the wan? and nothing on the lan?

psherman · February 11, 2024, 4:57pm

Chances are that the livebox requires that its uplink is via the wan for the guest network to function. But doing that would cause your current usecase (dumb AP) to fail to work. I don't think that the livebox can do both... but that is out of scope and off-topic for these forums.

But... why not put a guest network on the OpenWrt device instead?

https://openwrt.org/docs/guide-user/network/wifi/guestwifi/configuration_webinterface

m4ri0g · February 11, 2024, 5:05pm

because the livebox is wifi6 and my openwrt router does not have wifi enabled/configured.
i normally use an old netgear router for wifi.. but since i just got this new livebox i would like to test it.
is there a way to sniff traffic to see if the guest network traffic is passing through the openwrt?

psherman · February 11, 2024, 5:17pm

Well, the details of how the livebox achieves its guest network is out of scope for this forum, but I can guess with reasonable certainty that it will only work if the device is connected via its wan port. Sniffing traffic won't likely work because it is highly likely that it is attempting to use the wan for this purpose so the traffic will never hit the OpenWrt device (which is connected lan-lan).

But... wireshark would be the way to sniff...
https://openwrt.org/docs/guide-user/firewall/misc/tcpdump_wireshark