After I figured out how to install OpenWrt on my Asus AX 1800S router, I tried to actually using it. From what the wiki and all the tutorials online showed, I should just enable the Wi-Fi radios, set password, and save and confirm. Apparently, that should just work. I'm here because it wasn't like that?
Is it not just plug and play? If I install OpenWrt and plug in the modem to the WAN port and computer wired in at LAN 1, it should work, right?
I think I read something about firewall settings and try and see if turning it off makes a difference. Every time I try to mess with the firewall it kinda gets worse, so if anybody has any advice, suggestions, comments, anything, just let me know in the comments below.
There was another tutorial that explained that you needed to switch WAN to use PPPOE instead of DHCP. However, I think either of these should work, so I kept it as DHCP by default. Honestly, I have no clue what more I could be doing here.
Also, it's not a problem with the modem, it works fine with my old TP-Link router.
Not if you have a gateway and not a modem and the gateway is in the 192.168.1.1 subnet (default for Openwrt). But let's see what is going on.
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </>
" button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
1 Like
Oh, I saw your other thread.
When you use the firmware selector did you click on "Customize installed packages and/or first boot script"?
But still: do the cat-calls.
1 Like
No, I did not install any extra packages, left everything as default.
Don't think I found any sensitive information in here. What's the worst that could happen, hee hee.
Thanks for the quick response.
root@OpenWrt:~# ubus call system board
{
"kernel": "5.15.137",
"hostname": "OpenWrt",
"system": "MediaTek MT7621 ver:1 eco:3",
"model": "ASUS RT-AX54",
"board_name": "asus,rt-ax54",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.2",
"revision": "r23630-842932a63d",
"target": "ramips/mt7621",
"description": "OpenWrt 23.05.2 r23630-842932a63d"
}
}
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd2a:3881:95fd::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
root@OpenWrt:~# cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
option channel '1'
option band '2g'
option htmode 'HE20'
option disabled '1'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
config wifi-device 'radio1'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0+1'
option channel '36'
option band '5g'
option htmode 'HE80'
option disabled '1'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
root@OpenWrt:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option ednspacket_max '1232'
option filter_aaaa '0'
option filter_a '0'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
option ra_slaac '1'
list ra_flags 'managed-config'
list ra_flags 'other-config'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
root@OpenWrt:~# cat /etc/config/firewall
config defaults
option syn_flood 1
option input REJECT
option output ACCEPT
option forward REJECT
# Uncomment this line to disable ipv6 rules
# option disable_ipv6 1
config zone
option name lan
list network 'lan'
option input ACCEPT
option output ACCEPT
option forward ACCEPT
config zone
option name wan
list network 'wan'
list network 'wan6'
option input REJECT
option output ACCEPT
option forward REJECT
option masq 1
option mtu_fix 1
config forwarding
option src lan
option dest wan
# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
option name Allow-DHCP-Renew
option src wan
option proto udp
option dest_port 68
option target ACCEPT
option family ipv4
# Allow IPv4 ping
config rule
option name Allow-Ping
option src wan
option proto icmp
option icmp_type echo-request
option family ipv4
option target ACCEPT
config rule
option name Allow-IGMP
option src wan
option proto igmp
option family ipv4
option target ACCEPT
# Allow DHCPv6 replies
# see https://github.com/openwrt/openwrt/issues/5066
config rule
option name Allow-DHCPv6
option src wan
option proto udp
option dest_port 546
option family ipv6
option target ACCEPT
config rule
option name Allow-MLD
option src wan
option proto icmp
option src_ip fe80::/10
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family ipv6
option target ACCEPT
# Allow essential incoming IPv6 ICMP traffic
config rule
option name Allow-ICMPv6-Input
option src wan
option proto icmp
list icmp_type echo-request
list icmp_type echo-reply
list icmp_type destination-unreachable
list icmp_type packet-too-big
list icmp_type time-exceeded
list icmp_type bad-header
list icmp_type unknown-header-type
list icmp_type router-solicitation
list icmp_type neighbour-solicitation
list icmp_type router-advertisement
list icmp_type neighbour-advertisement
option limit 1000/sec
option family ipv6
option target ACCEPT
# Allow essential forwarded IPv6 ICMP traffic
config rule
option name Allow-ICMPv6-Forward
option src wan
option dest *
option proto icmp
list icmp_type echo-request
list icmp_type echo-reply
list icmp_type destination-unreachable
list icmp_type packet-too-big
list icmp_type time-exceeded
list icmp_type bad-header
list icmp_type unknown-header-type
option limit 1000/sec
option family ipv6
option target ACCEPT
config rule
option name Allow-IPSec-ESP
option src wan
option dest lan
option proto esp
option target ACCEPT
config rule
option name Allow-ISAKMP
option src wan
option dest lan
option dest_port 500
option proto udp
option target ACCEPT
### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
# option src lan
# option src_ip 192.168.45.2
# option dest wan
# option proto tcp
# option target REJECT
# block a specific mac on wan
#config rule
# option dest wan
# option src_mac 00:11:22:33:44:55
# option target REJECT
# block incoming ICMP traffic on a zone
#config rule
# option src lan
# option proto ICMP
# option target DROP
# port redirect port coming in on wan to lan
#config redirect
# option src wan
# option src_dport 80
# option dest lan
# option dest_ip 192.168.16.235
# option dest_port 80
# option proto tcp
# port redirect of remapped ssh port (22001) on wan
#config redirect
# option src wan
# option src_dport 22001
# option dest lan
# option dest_port 22
# option proto tcp
### FULL CONFIG SECTIONS
#config rule
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 80
# option dest wan
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
# option target REJECT
#config redirect
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 1024
# option src_dport 80
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
Your config appears to be effectively the default. So I don't expect any issues there.
- What is upstream of your OpenWrt router? Is it a modem? modem+router combo device?
- What type of ISP connection do you have (cable, DSL, fiber, cellular, or ethernet provided by your building, etc.)?
- What is the expected connection protocol for your ISP (PPPoE, DHCP, static)? (have you checked your old router for the wan connection settings?)
2 Likes
- It's just your standard SOHO router. It's this one
- DSL Modem
- DHCP. Old router uses DHCP and just double-checked its web portal and confirmed it's DHCP.
All defaults should work. I have no idea what's going on. I thought it was my VPN or DNS for a second, but I reinstalled OpenWrt again, so my DNS server changes were wiped to default. VPN on my devices weren't an issue, as all other devices without VPN also weren't able to connect to the internet.
Are you saying that you've got the following configuration:
DSL modem > Asus RT-AX54 > computer + lan devices
Or is there something between the DSL modem and the RT-AX54?
1 Like
I tested it with this configuration
DSL modem > Asus RT-AX54 > computer
and this configuration
DSL modem > Asus RT-AX54 > lan devices (all 4 lan devices with my computer)
The number of downstream devices should not matter here.
Assuming that your DSL modem and service does indeed use DHCP, you might need to reboot your DSL modem so that it will clear the association with your previous router and then it can 'learn' the new one. Cable modems are known to need this type of action.
Try unplugging both your DSL modem and the router. Then plug the DSL modem back into power and let it fully boot. Once it is up, then connect your router's power.
1 Like
I actually read another forum post here of another guy who just had to reboot the modem and router, so I thought I'd give it a shot. For some reason, that did not work for me. Maybe I'll give it another go later, as there are people needing to use the network right now with the old router.
Are there any possible solutions to this issue if this doesn't work? Perhaps I didn't reboot correctly, I just unplugged and replugged both devices and waited for something to change.
can you show a screenshot of your other router's wan config (the router that is working)? Just to make sure we're talking about the same thing. The lan config could also be useful so that we can see how that was setup.
1 Like
Well, the LAN config was just me directly plugging my computer into the router to simplify the test.
Ok... and just to double check... you don't have to reveal anything beyond a yes/no here:
under the redacted section, is there possibly an address that looks like 192.168.1.x
?
1 Like
The redacted part is a 172.248.x.x address. Didn't look familiar to me, so it might be public.
that should be a public IP. 172.16.0.0/12 (172.16.0.1 - 172.31.255.254) is the RFC1918/private IP range.
2 Likes
Plug in the ASUS and tell us if it pulls the same public ip address.
1 Like
Network is a bit busy rn. Let me wait for my family members to take a break and then sneak in. Could be a while.
So those are the two options I gotta do?
- Unplug and replug both router and modem
- Check if router pulls a public ip address
All the configs look good on the router? Nothing else to do?
1 Like
- Where is 192.168.0.3 and 192.168.10.1?
- Maybe the issue is the DNS servers?
- Where did you get those DNS IPs from?
Maybe you can try specifying WAN DNS servers in the OpenWrt (e.g. 8.8.8.8 or 1.1.1.1).
1 Like
- 192.168.0.3 and 192.168.10.1 are addresses to my local dns server
- That's a screenshot from the router settings of my current network that is working fine.
- Me, I set up an adguard home dns server
The OpenWRT default configs didn't work, so I doubt that changing it to require a specific DNS would work. Nonetheless, I did attempt to use 9.9.9.9, and it didn't work either.
Where would I find it? Would it be in this box?