I'm using OpenWRT as a 5Ghz access point, and I have a separate broadband router and DHCP server on my network. I'm wanting to use the 2.4Ghz wifi to bridge across to my solar inverter. My main network is 192.168.1.0/24.
The solar inverter has a built in access point with its own SSID and DHCP server, with IP of 11.11.11.1.
I can join the OpenWRT with the solar inverter's network - but how do I then access the solar inverter from within my main network? Is this relayd I need to configure and, if so, how - as the diagram suggests that this should sit on the bridged network not the primary network?
With its IP address?
The inverter is on 11.11.11.1.
The OpenWRT device has been assigned IP of 11.11.11.100 by the solar inverter, and is 192.168.1.35 on my LAN.
For now, place the inverter network in the lan firewall zone for testing. Later you can set up a more IoT like firewall and not fully trust it.
OpenWrt creates a route to the networks that exist in it, such as this inverter network. However the rest of your network is so far unaware of the inverter network. In the main router, install a static route 10.11.11.0/24 via 192.168.1.35. Then you should be able to access the inverter from any LAN computer as 10.11.11.1.
1 Like
If the OpenWrt is the router, this already exists. If it't not the router, the route should be added to client - or the router in between.
That router will be the default route for the LAN computers. The simplest way is to have it direct 10.11.11.X back to the OpenWrt router which holds the inverter network. Other ways are to manually install this route into the LAN computers that need inverter access, or configure the DHCP server to advertise the route so the computers will install it automatically. Those ways have the potential to be very slightly faster but that isn't an issue with an IoT.
First: are you sure you need to join your Solar AP and not have to Solar wifi Join your home network? For most IoT type devices you only need to join "their own" AP for initial setup. Having it join the other way around automatically solves your problem.
When not: like @lleachii said: via its own IP (11.11.11.11). When your OpenWrt device joins the AP it will get 11.11.11.100/24 (which means it will insert a route 11.11.11.0/24 automatically). If you can manually add a route on the Solar device that's the way I would do it: add 192.168.1.0/24 via 11.11.11.100. (I can imagine you can't).
So: make a new firewall zone (as if its another WAN): I would say: reject INPUT, accept OUTPUT and accept FORWARD. And tick "masquerade". This will do NAT between your 192.168.1.x and 11.11.11.x so your Solar device will know how to send traffic back to your local (LAN) devices.
Assign this Zone to the Wifi device that was created when you joined the Solar AP (phy0-sta0 or similar).
The above assumes you are using the OpenWrt devices as main router. Since you are not: you would need to add to your main gateway/router a static route like mentioned by @mk24 (11.11.11.0/24 via 192.168.1.35)
1 Like
Just to state the obvious, but 11.0.0.0/8 is not a private IP range, but a public one (owned by the US DoD). Any vendor trying to re-use this IP block for their own purposes is incompetent at best…
2 Likes
The LAN PCs' default route will be through that router. Having it point 10.11.11.X back to the OpenWrt router, which hosts the inverter network, is the simplest solution. There are alternative methods, including manually installing this route into the LAN computers that require access to the inverter or configuring the DHCP server to advertise the route, which will cause the computers to instal it automatically. Those methods might be only a tiny bit quicker, but an IoT doesn't have a problem with that.
For testing purposes, currently install the inverter network in the lan firewall zone. Later, you can install a firewall that is more like an Internet of Things (IoT) device while still having some doubts about it.