Configuring Lan to wifi hotspot

I have installed openwrt 18.06 successfully with luci webgui in my tplink 3020 v1.
I want to use it like this scenario:
+connect via lan port to corporate proxy with a static ip connected to internet, for example 192.168.124.60
+route that traffic to wireless hotspot as AP with dhcp capabilities so 192.168.0.254 is the luci address of my tplink and any client connected to wifi has a local address in the 192.168.0.x format and the same local address to the eyes of corporate lan. This is because I could connect to proxy using my phone or pc with credentials that are bound to the static ip.

This is example setup similar to mine

Thank you very much

@Hcr2020, welcome to the community!

OK, simply do so and assign a static address, DNS and Gateway to the WAN.

You just said you want a hotspot...and it should have an IP of 192.168.124.0/24 range (i.e. 192.168.124.60), correct?

So please explain this 192.168.0.0/24 IP you want.

:confused:

How does this help???

???


Hi
@lleachii
sorry picture not accurate
this the config I am aiming for

OK, simply do so and assign a static address, DNS and Gateway to the WAN.

done

You just said you want a hotspot...and it should have an IP of 192.168.124.0/24 range (i.e. 192.168.124.60), correct?

correct but my hotspot has to have this Static IP = 192.168.124.60

So please explain this 192.168.0.0/24 IP you want.

I connect through wifi
my pc and will have 192.168.0.100 address
my phone will have 192.168.0.101 address
both will connect to the proxy through the same static wlan address 192.168.124.60
so my credentials work

Also I can access 192.168.0.254 (webgui config of tplink) wirelessly
This was working in Tplink stock firmware and in DD-wrt
using trace route
192.168.0.100 (pc) ---> 192.168.0.254 (Tp link ) ---> 192.168.124.1 (proxy LAN ) ---> internet

Is it possible ?
I want to use open wrt because of adblocking functionality and transparent proxy through privoxy for phone applications that don't provide proxy settings

so basically you are trying to transparently route all the NAT traffic on the local subnet through an upstream proxy that requires some authentication?

you mention privoxy as an intercepting proxy, so i assume the forward feature built in to privoxy is unable to do the authentication (been awhile since i used privoxy and never needed forwards when i did).

without knowing details on the upstream proxy and looking at the current openwrt package table, i think redsocks ( https://openwrt.org/packages/pkgdata/redsocks ) should work. it looks like it will require setting up some firewall rules for intercepting. some web searches pointed me to what seems like a good start at https://gist.github.com/afriza/1097210

i have no hands on experience so can't offer much help. maybe someone with insights will comment. if you have trouble setting it up you might want to start a thread with a relevant title.


so basically you are trying to transparently route all the NAT traffic on the local subnet through an upstream proxy that requires some authentication?

yes but I didn't succeed to do it , Any help like configuration in these files
/etc/config/network
/etc/config/wireless

you mention privoxy

I want to do after first step

I think redsocks ( https://openwrt.org/packages/pkgdata/redsocks ) should work.

Thanks for the links

checked the device page ( https://openwrt.org/toh/tp-link/tl-mr3020 ) and got an idea of the hardware and instructions (under "Install Snapshot Image" seem to be the reverse of what you want, ie wifi is sta (client) on wan and ethernet is static with dhcp server)

not knowing what the stock config on the board looks like and based on the instruction. i would start with /etc/config/wireless

config wifi-device  radio0
        option type     mac80211
        option channel  9
        option hwmode   11ng
        option path     'platform/ar933x_wmac'
        option htmode   HT20
        list ht_capab   SHORT-GI-20
        list ht_capab   SHORT-GI-40
        list ht_capab   RX-STBC1
        list ht_capab   DSSS_CCK-40
        option disabled 0
        option txpower  27

config wifi-iface
        option device     radio0
        option network    lan
        option mode       'ap'
        option ssid       'OpenWrt'            
        option encryption 'psk2'               
        option key        'LongSecretPassword'

assuming your "lan" interface is configured to run a dhcp server. restart the network ("/etc/init.d/network restart"). then make sure you can connect to the wireless, reach the router and edit /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd48:931d:0f42::/48'

config interface 'lan'
        option proto        'static'
        option ipaddr       '192.168.0.254'
        option netmask      '255.255.255.0'
        option ip6assign    '60'

config interface 'wan'
        option ifname       'eth0'
        option proto        'static'
        option ipaddr       '192.168.124.60'
        option netmask      '255.255.255.0'
        option gateway      '192.168.124.1'   # edit as needed
        option dns          '192.168.124.1'   # edit as needed

plug in the ethernet and restart the network.

honestly this should be pretty close to (what i imagine should be) the stock config aside from a static address configuration on the "wan" interface and a change of ip address on the "lan" interface.


I will test it and reply tomorrow. I hope it will work.


Good morning
Thank you very much, it is working as I want. :blush:
All I did is copy/paste using winscp to
/etc/config/network
/etc/config/wireless

save and reboot

but there are 2 problems:
1--when I ssh wirelessly using Putty, I lose internet access through browser with losing internet through Putty.
2--I am unable to access 192.168.0.254 using cable so the static network 192.168.124.* must be working for configuring my Tplink, is there any config that I can add to access 192.168.0.254 through cable to pc if I change networks (like in my home for package updates for ex)

SO I changed my config to be able to access internet at my home for packages update/install to the following :

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd48:931d:0f42::/48'

config interface 'lan'
        option proto 'static'
        option ipaddr '192.168.0.254'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option ifname 'eth0'
        option proto 'dhcp'
        # option ipaddr '192.168.1.10'
        option netmask '255.255.255.0'
        option gateway '192.168.1.1' # edit as needed
        # option dns '192.168.124.1' # edit as needed

I am installing red socks and adguard home at my home
Change config to static and try at work tomorrow

I couldn't set up redsocks. It didn't appear in luci -> services. Install was successful and redsocks started. But there is no wiki for setting it through ssh (putty). The page from

doesn't specify the redsocks.conf nor run.sh or setup-iptables.sh locations.
Any help ?

I have no idea what that means. You're making a local ssh connection with PuTTY there is no concept of Internet access there.

You would open the firewall so you can connect to the device on its 192.168.124 IP. Do consider that this exposes you to potential hacking by anything on the upstream (192.168.124) network.

Two general points about the single-port travel router: first it is usually segregated into the user/administrator on wifi and the untrusted upstream network wired.
Making WAN a DHCP client is more flexible if you connect to different WAN networks. If the network has a local DNS implementation you can refer to it by name from that network.

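The exposure mentioned in the reply above can be checked on the router itself. As an added example (not part of the thread and not OpenWrt's own tooling), this script reads /etc/config/firewall-style text and lists rules that accept SSH or LuCI ports from the whole wan zone with no src_ip restriction; the rule names and the admin address 192.168.124.50 are constructed for the sample.

```sh
# Added example (not from the thread): find rules opening SSH/LuCI to all of 'wan'.

# Constructed sample in /etc/config/firewall syntax. 192.168.124.50 is a
# hypothetical admin PC on the upstream network.
sample_firewall() {
cat <<'EOF'
config rule
        option name 'ssh-from-wan-any'
        option src 'wan'
        option proto 'tcp'
        option dest_port '22'
        option target 'ACCEPT'
config rule
        option name 'ssh-from-wan-admin'
        option src 'wan'
        option src_ip '192.168.124.50'
        option proto 'tcp'
        option dest_port '22'
        option target 'ACCEPT'
config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
EOF
}

# Reads UCI firewall text on stdin and prints the name of each input rule
# (no 'dest' zone) that accepts port 22, 80 or 443 from 'wan' with no src_ip.
audit_wan_mgmt_rules() {
    tr -d "\"'" | awk '
    function emit() {
        if (inrule && src == "wan" && target == "ACCEPT" && dest == "" && srcip == "" && mgmt)
            print name
        inrule = 0; mgmt = 0; name = src = target = dest = srcip = ""
    }
    $1 == "config" { emit(); inrule = ($2 == "rule"); next }
    $1 == "option" && inrule {
        if ($2 == "name") name = $3
        if ($2 == "src") src = $3; if ($2 == "src_ip") srcip = $3
        if ($2 == "dest") dest = $3; if ($2 == "target") target = $3
        if ($2 == "dest_port")
            for (i = 3; i <= NF; i++) if ($i ~ /^(22|80|443)$/) mgmt = 1
    }
    END { emit() }'
}

sample_firewall | audit_wan_mgmt_rules
```

On the router the same function can be fed the live file with audit_wan_mgmt_rules < /etc/config/firewall. Port ranges such as 1-1024 are not expanded, so a rule written that way is not reported.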

I am grateful for your help. It was the solution that I searched for. Thanks
Redsocks doesn't have a luci-app which hardens configuration.
Any help concerning using github link ?

1-- This was temporarily, I explain: if I use opkg update in ssh to download package, my browser on pc connected wirelessly loses internet.
When I reboot tplink through Putty, internet comes back.

2--I resolved this problem using wireless to connect to tplink for change in configuration. If I use cable, I am unable to access luci nor ssh because my pc is not the static company network that it expects.

I have new question: Is it possible to use 2 configurations, one in internal memory (root/etc/config) and one in root/overlay/upper/etc/config so when I unplug my sd card, it returns to internal configuration?

There's no need to get so complicated. Travel routers aren't supposed to be complicated.
In this use case:

  • Always log in by wifi on the router's LAN network.
  • The Ethernet port is for connection to the home or work network.
  • Make the wan network DHCP client so it will auto configure from different networks.
  • Choose a LAN IP subnet that doesn't conflict with either of the WAN networks you connect to.

1-Setting the wan network as DHCP client was my error that I was doing before asking here (@lleachii :hugs: ) giving me headache to set my tplink in company network. It needs to be DHCP server
2-I tried to change subnet before and I was unable to access my tplink.

I will always change setting by wifi as you said and connect my tplink with ethernet port to internet even at home.
Any possible help with redsocks ?
