Can't Connect To The Internet

After I figured out how to install OpenWrt on my Asus AX 1800S router, I tried to actually using it. From what the wiki and all the tutorials online showed, I should just enable the Wi-Fi radios, set password, and save and confirm. Apparently, that should just work. I'm here because it wasn't like that?

Is it not just plug and play? If I install OpenWrt and plug in the modem to the WAN port and computer wired in at LAN 1, it should work, right?

I think I read something about firewall settings and try and see if turning it off makes a difference. Every time I try to mess with the firewall it kinda gets worse, so if anybody has any advice, suggestions, comments, anything, just let me know in the comments below.

There was another tutorial that explained that you needed to switch WAN to use PPPOE instead of DHCP. However, I think either of these should work, so I kept it as DHCP by default. Honestly, I have no clue what more I could be doing here.

Also, it's not a problem with the modem, it works fine with my old TP-Link router.

Not if you have a gateway and not a modem and the gateway is in the 192.168.1.1 subnet (default for Openwrt). But let's see what is going on.


Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
1 Like

Oh, I saw your other thread.

When you use the firmware selector did you click on "Customize installed packages and/or first boot script"?

But still: do the cat-calls.

1 Like

No, I did not install any extra packages, left everything as default.
Don't think I found any sensitive information in here. What's the worst that could happen, hee hee.

Thanks for the quick response.

root@OpenWrt:~# ubus call system board
{
        "kernel": "5.15.137",
        "hostname": "OpenWrt",
        "system": "MediaTek MT7621 ver:1 eco:3",
        "model": "ASUS RT-AX54",
        "board_name": "asus,rt-ax54",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.2",
                "revision": "r23630-842932a63d",
                "target": "ramips/mt7621",
                "description": "OpenWrt 23.05.2 r23630-842932a63d"
        }
}
root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd2a:3881:95fd::/48'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'

root@OpenWrt:~# cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
        option channel '1'
        option band '2g'
        option htmode 'HE20'
        option disabled '1'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'none'

config wifi-device 'radio1'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0+1'
        option channel '36'
        option band '5g'
        option htmode 'HE80'
        option disabled '1'

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'none'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

root@OpenWrt:~# cat /etc/config/firewall
config defaults
        option syn_flood        1
        option input            REJECT
        option output           ACCEPT
        option forward          REJECT
# Uncomment this line to disable ipv6 rules
#       option disable_ipv6     1

config zone
        option name             lan
        list   network          'lan'
        option input            ACCEPT
        option output           ACCEPT
        option forward          ACCEPT

config zone
        option name             wan
        list   network          'wan'
        list   network          'wan6'
        option input            REJECT
        option output           ACCEPT
        option forward          REJECT
        option masq             1
        option mtu_fix          1

config forwarding
        option src              lan
        option dest             wan

# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
        option name             Allow-DHCP-Renew
        option src              wan
        option proto            udp
        option dest_port        68
        option target           ACCEPT
        option family           ipv4

# Allow IPv4 ping
config rule
        option name             Allow-Ping
        option src              wan
        option proto            icmp
        option icmp_type        echo-request
        option family           ipv4
        option target           ACCEPT

config rule
        option name             Allow-IGMP
        option src              wan
        option proto            igmp
        option family           ipv4
        option target           ACCEPT

# Allow DHCPv6 replies
# see https://github.com/openwrt/openwrt/issues/5066
config rule
        option name             Allow-DHCPv6
        option src              wan
        option proto            udp
        option dest_port        546
        option family           ipv6
        option target           ACCEPT

config rule
        option name             Allow-MLD
        option src              wan
        option proto            icmp
        option src_ip           fe80::/10
        list icmp_type          '130/0'
        list icmp_type          '131/0'
        list icmp_type          '132/0'
        list icmp_type          '143/0'
        option family           ipv6
        option target           ACCEPT

# Allow essential incoming IPv6 ICMP traffic
config rule
        option name             Allow-ICMPv6-Input
        option src              wan
        option proto    icmp
        list icmp_type          echo-request
        list icmp_type          echo-reply
        list icmp_type          destination-unreachable
        list icmp_type          packet-too-big
        list icmp_type          time-exceeded
        list icmp_type          bad-header
        list icmp_type          unknown-header-type
        list icmp_type          router-solicitation
        list icmp_type          neighbour-solicitation
        list icmp_type          router-advertisement
        list icmp_type          neighbour-advertisement
        option limit            1000/sec
        option family           ipv6
        option target           ACCEPT

# Allow essential forwarded IPv6 ICMP traffic
config rule
        option name             Allow-ICMPv6-Forward
        option src              wan
        option dest             *
        option proto            icmp
        list icmp_type          echo-request
        list icmp_type          echo-reply
        list icmp_type          destination-unreachable
        list icmp_type          packet-too-big
        list icmp_type          time-exceeded
        list icmp_type          bad-header
        list icmp_type          unknown-header-type
        option limit            1000/sec
        option family           ipv6
        option target           ACCEPT

config rule
        option name             Allow-IPSec-ESP
        option src              wan
        option dest             lan
        option proto            esp
        option target           ACCEPT

config rule
        option name             Allow-ISAKMP
        option src              wan
        option dest             lan
        option dest_port        500
        option proto            udp
        option target           ACCEPT


### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
#       option src              lan
#       option src_ip   192.168.45.2
#       option dest             wan
#       option proto    tcp
#       option target   REJECT

# block a specific mac on wan
#config rule
#       option dest             wan
#       option src_mac  00:11:22:33:44:55
#       option target   REJECT

# block incoming ICMP traffic on a zone
#config rule
#       option src              lan
#       option proto    ICMP
#       option target   DROP

# port redirect port coming in on wan to lan
#config redirect
#       option src                      wan
#       option src_dport        80
#       option dest                     lan
#       option dest_ip          192.168.16.235
#       option dest_port        80
#       option proto            tcp

# port redirect of remapped ssh port (22001) on wan
#config redirect
#       option src              wan
#       option src_dport        22001
#       option dest             lan
#       option dest_port        22
#       option proto            tcp

### FULL CONFIG SECTIONS
#config rule
#       option src              lan
#       option src_ip   192.168.45.2
#       option src_mac  00:11:22:33:44:55
#       option src_port 80
#       option dest             wan
#       option dest_ip  194.25.2.129
#       option dest_port        120
#       option proto    tcp
#       option target   REJECT

#config redirect
#       option src              lan
#       option src_ip   192.168.45.2
#       option src_mac  00:11:22:33:44:55
#       option src_port         1024
#       option src_dport        80
#       option dest_ip  194.25.2.129
#       option dest_port        120
#       option proto    tcp

Your config appears to be effectively the default. So I don't expect any issues there.

  • What is upstream of your OpenWrt router? Is it a modem? modem+router combo device?
  • What type of ISP connection do you have (cable, DSL, fiber, cellular, or ethernet provided by your building, etc.)?
  • What is the expected connection protocol for your ISP (PPPoE, DHCP, static)? (have you checked your old router for the wan connection settings?)
2 Likes
  • It's just your standard SOHO router. It's this one
  • DSL Modem
  • DHCP. Old router uses DHCP and just double-checked its web portal and confirmed it's DHCP.

All defaults should work. I have no idea what's going on. I thought it was my VPN or DNS for a second, but I reinstalled OpenWrt again, so my DNS server changes were wiped to default. VPN on my devices weren't an issue, as all other devices without VPN also weren't able to connect to the internet.

Are you saying that you've got the following configuration:

DSL modem > Asus RT-AX54 > computer + lan devices

Or is there something between the DSL modem and the RT-AX54?

1 Like

I tested it with this configuration

DSL modem > Asus RT-AX54 > computer

and this configuration

DSL modem > Asus RT-AX54 > lan devices (all 4 lan devices with my computer)

The number of downstream devices should not matter here.

Assuming that your DSL modem and service does indeed use DHCP, you might need to reboot your DSL modem so that it will clear the association with your previous router and then it can 'learn' the new one. Cable modems are known to need this type of action.

Try unplugging both your DSL modem and the router. Then plug the DSL modem back into power and let it fully boot. Once it is up, then connect your router's power.

1 Like

I actually read another forum post here of another guy who just had to reboot the modem and router, so I thought I'd give it a shot. For some reason, that did not work for me. Maybe I'll give it another go later, as there are people needing to use the network right now with the old router.

Are there any possible solutions to this issue if this doesn't work? Perhaps I didn't reboot correctly, I just unplugged and replugged both devices and waited for something to change.

can you show a screenshot of your other router's wan config (the router that is working)? Just to make sure we're talking about the same thing. The lan config could also be useful so that we can see how that was setup.

1 Like

Well, the LAN config was just me directly plugging my computer into the router to simplify the test.

Ok... and just to double check... you don't have to reveal anything beyond a yes/no here:

under the redacted section, is there possibly an address that looks like 192.168.1.x?

1 Like

The redacted part is a 172.248.x.x address. Didn't look familiar to me, so it might be public.

that should be a public IP. 172.16.0.0/12 (172.16.0.1 - 172.31.255.254) is the RFC1918/private IP range.

2 Likes

Plug in the ASUS and tell us if it pulls the same public ip address.

1 Like

Network is a bit busy rn. Let me wait for my family members to take a break and then sneak in. Could be a while.

So those are the two options I gotta do?

  1. Unplug and replug both router and modem
  2. Check if router pulls a public ip address

All the configs look good on the router? Nothing else to do?

1 Like
  • Where is 192.168.0.3 and 192.168.10.1?
  • Maybe the issue is the DNS servers?
  • Where did you get those DNS IPs from?

Maybe you can try specifying WAN DNS servers in the OpenWrt (e.g. 8.8.8.8 or 1.1.1.1).

1 Like
  • 192.168.0.3 and 192.168.10.1 are addresses to my local dns server
  • That's a screenshot from the router settings of my current network that is working fine.
  • Me, I set up an adguard home dns server

The OpenWRT default configs didn't work, so I doubt that changing it to require a specific DNS would work. Nonetheless, I did attempt to use 9.9.9.9, and it didn't work either.

Where would I find it? Would it be in this box?