There shouldn't be two 192.168.1.1s, the EAP615-wall is currently 192.168.1.200, and my existing router is 192.168.1.1. Interestingly I've discovered that the EAP615-wall can't wget/curl 192.168.1.1 either so I'm starting with debugging that first. Looking at some tcpdump logs from the EAP615-wall while trying:
root@OpenWrt:~# curl -v --insecure https://192.168.1.1
* Failed to connect to 192.168.1.1 port 443 after 131826 ms: Operation timed out
curl: (28) Failed to connect to 192.168.1.1 port 443 after 131826 ms: Operation timed out
Results in these logs:
root@OpenWrt:~# tcpdump -v -i br-lan.2 -nn '(proto \tcp) and ((src 192.168.1.1 and src port 443) or (host 192.168.1.1 and dst port 443))'
tcpdump: listening on br-lan.2, link-type EN10MB (Ethernet), capture size 262144 bytes
14:57:31.939478 IP (tos 0x0, ttl 64, id 50545, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.200.48114 > 192.168.1.1.443: Flags [S], cksum 0x8448 (incorrect -> 0x159b), seq 3456882582, win 64240, options [mss 1460,sackOK,TS val 813637518 ecr 0,nop,wscale 4], length 0
14:57:31.940264 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.1.443 > 192.168.1.200.48114: Flags [S.], cksum 0x379d (correct), seq 2986799829, ack 3456882583, win 14480, options [mss 1460,sackOK,TS val 365684131 ecr 813637518,nop,wscale 6], length 0
14:57:32.930333 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.1.443 > 192.168.1.200.48114: Flags [S.], cksum 0x3739 (correct), seq 2986799829, ack 3456882583, win 14480, options [mss 1460,sackOK,TS val 365684231 ecr 813637518,nop,wscale 6], length 0
14:57:32.965245 IP (tos 0x0, ttl 64, id 50546, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.200.48114 > 192.168.1.1.443: Flags [S], cksum 0x8448 (incorrect -> 0x1199), seq 3456882582, win 64240, options [mss 1460,sackOK,TS val 813638544 ecr 0,nop,wscale 4], length 0
14:57:32.965817 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.1.443 > 192.168.1.200.48114: Flags [S.], cksum 0x3736 (correct), seq 2986799829, ack 3456882583, win 14480, options [mss 1460,sackOK,TS val 365684234 ecr 813637518,nop,wscale 6], length 0
14:57:35.045257 IP (tos 0x0, ttl 64, id 50547, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.200.48114 > 192.168.1.1.443: Flags [S], cksum 0x8448 (incorrect -> 0x0979), seq 3456882582, win 64240, options [mss 1460,sackOK,TS val 813640624 ecr 0,nop,wscale 4], length 0
14:57:35.045837 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.1.443 > 192.168.1.200.48114: Flags [S.], cksum 0x3666 (correct), seq 2986799829, ack 3456882583, win 14480, options [mss 1460,sackOK,TS val 365684442 ecr 813637518,nop,wscale 6], length 0
14:57:37.530328 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.1.443 > 192.168.1.200.48114: Flags [S.], cksum 0x356d (correct), seq 2986799829, ack 3456882583, win 14480, options [mss 1460,sackOK,TS val 365684691 ecr 813637518,nop,wscale 6], length 0
I'm not super familiar with this stuff, but I see the SYN, SYN-ACK, but then no ACK... and I'm not sure what's going on with that.
My current network config:
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan0'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
option vlan_filtering '1'
config bridge-vlan
option device 'br-lan'
option vlan '2'
list ports 'lan0:u'
config interface 'lan'
option device 'br-lan.2'
option proto 'dhcp'
option netmask '255.255.255.0'
option ipv6 '0'
config bridge-vlan
option device 'br-lan'
option vlan '1040'
list ports 'lan0:t'
config interface 'guest'
option device 'br-lan.1040'
option proto 'none'
But I had the same issue before I added the VLAN stuff, when I think the config was more like
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan0'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
config interface 'lan'
option device 'br-lan'
option proto 'dhcp'
option netmask '255.255.255.0'
option ipv6 '0'