Dumb AP with Guest Wifi Failed(?)

I have a WAX202. Although I was previously using my router as a complicated load-balancing multi-VLAN device, it's no longer needed for that. I decided to use it as a dumb AP since it has better wifi than the gateway from my ISP.

I've followed the guides here for configuring a dumb AP and Guest Wifi on it.
While I've checked the settings several times and pretty much everything works, the one thing that doesn't is an internet connection.

Logging into the guest wifi results in my phone telling me 'connected, no internet'.

Any suggestions?

did you reset your 202 before attempting to set up the guest wifi ?

which guide did you follow, specifically ?

Rebooted a LOT along the way. Not sure if I did between configuring the AP and the Wifi.
Definitely have since then and none of the settings have changed.

https://openwrt.org/docs/guide-user/network/wifi/dumbap
https://openwrt.org/docs/guide-user/network/wifi/guestwifi/guestwifi_dumbap

Do you have a current config that is theoretically complete but not working?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

Yup:

# Appears to be the output of `cat /etc/config/network`.
# The ULA prefix and the MAC addresses look redacted ('::::/48', ':::::').
config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option packet_steering '1'
        option ula_prefix '::::/48'

# LAN bridge. The 'wan' port is a member alongside lan1-lan3, so on this
# device it is bridged into the main network rather than used as an uplink.
config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'wan'

config device
        option name 'lan1'
        option macaddr ':::::'

config device
        option name 'lan2'
        option macaddr ':::::'

config device
        option name 'lan3'
        option macaddr ':::::'

config device
        option name 'wan'
        option macaddr ':::::'

# Static address of the AP on the main network (192.168.0.0/24).
# Gateway and DNS both point at 192.168.0.1 - presumably the ISP gateway
# mentioned in the first post.
config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.0.3'
        option netmask '255.255.255.0'
        option ip6assign '60'
        list dns '192.168.0.1'
        option gateway '192.168.0.1'

# Guest bridge. No ports are listed; bridge_empty '1' lets the bridge be
# created without members. The guest SSID attaches to it through the
# 'guest' interface below.
config device
        option type 'bridge'
        option name 'br-guest'
        option bridge_empty '1'

# Guest network on its own subnet (192.168.4.0/24), separate from the
# 192.168.0.0/24 main network. The AP itself is 192.168.4.1 here.
config interface 'guest'
        option proto 'static'
        option device 'br-guest'
        option ipaddr '192.168.4.1'
        option netmask '255.255.255.0'

# Appears to be the output of `cat /etc/config/wireless`.
# 'path', 'ssid' and 'key' are empty in this paste - presumably redacted.
# 2.4 GHz radio.
config wifi-device 'radio0'
        option type 'mac80211'
        option path ''
        option band '2g'
        option country 'US'
        option cell_density '0'
        option htmode 'HE20'
        option channel '4'

# Main SSID on 2.4 GHz, attached to the 'lan' network.
config wifi-iface 'default_radio0'
        option device 'radio0'
        option mode 'ap'
        option network 'lan'
        option ssid ''
        option encryption 'psk2'
        option key ''

# 5 GHz radio.
config wifi-device 'radio1'
        option type 'mac80211'
        option path ''
        option band '5g'
        option country 'US'
        option cell_density '0'
        option htmode 'HE80'
        option channel '100'

# Main SSID on 5 GHz, attached to the 'lan' network.
config wifi-iface 'default_radio1'
        option device 'radio1'
        option mode 'ap'
        option network 'lan'
        option ssid ''
        option encryption 'psk2'
        option key ''

# Guest SSID, on the 5 GHz radio only. It is attached to the 'guest'
# network rather than 'lan', so guest clients sit in the guest firewall zone.
# isolate '1' turns on client isolation for this AP interface. Separation
# from the main network is not done here; it depends on the firewall config.
config wifi-iface 'wifinet2'
        option device 'radio1'
        option mode 'ap'
        option ssid ''
        option encryption 'psk2+ccmp'
        option key ''
        option network 'guest'
        option isolate '1'
# Appears to be the output of `cat /etc/config/dhcp` (it follows the
# wireless output without a separating blank line in this paste).
config dnsmasq
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'
        option confdir '/tmp/dnsmasq.d'

# ignore '1': this device does not hand out DHCP leases on 'lan'.
# Presumably the main network's DHCP comes from the gateway at 192.168.0.1.
config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option ignore '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

# DHCP pool for the guest network; there is no ignore option here, so this
# device serves leases to guest clients (start offset 100, up to 150 leases).
config dhcp 'guest'
        option interface 'guest'
        option start '100'
        option limit '150'
        option leasetime '12h'
# Appears to be the output of `cat /etc/config/firewall` (it follows the
# dhcp output without a separating blank line in this paste).
# NOTE(review): there is no 'config forwarding' section anywhere in this
# output, and forward is 'REJECT' both in defaults and in the guest zone,
# so guest traffic has no permitted path out of the guest zone. That matches
# the reported "connected, no internet" symptom.
config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

# Main-network zone. masq '1' enables masquerading (NAT) on this zone, so
# traffic forwarded out through 'lan' would leave with this device's LAN
# address as its source.
config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        list network 'lan'

# Guest zone. input 'REJECT' keeps guests off services on the AP itself,
# apart from what the rules below explicitly accept (DHCP and DNS).
config zone
        option name 'guest'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'guest'

# Lets guest clients reach the DHCP server on this device (UDP 67-68).
# No 'dest' is set, so this applies to traffic addressed to the device.
config rule
        option name 'Guest_DHCP'
        list proto 'udp'
        option src 'guest'
        option dest_port '67-68'
        option target 'ACCEPT'

# Lets guest clients reach DNS on this device (port 53). No proto is
# listed, so the firewall's default protocol selection applies.
config rule
        option name 'Guest_DNS'
        option src 'guest'
        option dest_port '53'
        option target 'ACCEPT'

# Intended to keep guests out of the main network.
# NOTE(review): dest_ip is the single address 192.168.0.1, so this REJECT
# only matches traffic to that one host. Other addresses in 192.168.0.0/24
# are not covered by this rule. The reply below changes dest_ip to
# 192.168.0.0/24 so that the whole main subnet is rejected.
config rule
        option name 'Block_Guest_from_Lan'
        option src 'guest'
        option dest 'lan'
        option target 'REJECT'
        list proto 'all'
        list dest_ip '192.168.0.1'

You have two problems (both in the firewall):

  1. Change the dest_ip in the Block_Guest_from_Lan rule to 192.168.0.0/24
  2. You're missing a forwarding rule:
# Allows traffic from the guest zone to be forwarded into the lan zone,
# which is the guests' path to the internet on this dumb AP.
# This opens guest -> lan in general. Keeping guests off the main network
# relies on the Block_Guest_from_Lan REJECT rule covering the whole
# 192.168.0.0/24 subnet, so apply both changes together.
config forwarding
        option src 'guest'
        option dest 'lan'

Then, reboot and try again.

Is there a Luci setting for that forwarding rule? I didn't see it in the guide.

Yes. See this section in the guest WiFi on a dumb ap guide:

2. Firewall - Part 1

Second screenshot.

Yup... that works. I had set the forwarding, but when I performed the zone cleanup at the end, it must have changed it and I didn't notice.

I had seen the 192.168.0.0/24 in the guide, but it was a manual entry and it didn't seem to affect the situation. Without that change, though, fixing the forwarding alone gives guests access to the main network, because the reject rule then only covers 192.168.0.1.

Thank you again.
