Few topics, one, two, on this forum are pointing to almost the same issue, the wiki and user-guide step-by-step instructions on how to configure a Guest Wi-Fi access point leads to a functional Wi-Fi, without actual internet connection.
The reason of disfunctionality is beyond my comprehention as well as why all the given information and efforts from involved persons, are not solving the intended purpose.
Followed pictorial guide, CLI guide, extra guide to no avail in having a functional Guest Wi-Fi.
Interesting fact, TP-Link AP's I have (EAP 110, EAP225, EAP245) with original firmware, are perfectly able to comply the Guest Wi-Fi with just few ticks.
No VLAN's, no extra managed switches etc.
For me, the only intend from a Guest Wi-Fi is to prevent reaching any local IP subnet.
Someone please step in and find/offer a working solution. Many thanks !!!
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
Very true. That is the most common issue with folks setting up a guest network - and calming they're following the guide. It would be good to Identify the documentation bug (if one exists).
This tutorial uses dhcp client on the lan interface, which means the information is obtained automatically from the upstream dhcp server. The difference in your case was that you were using static ip where you must specify everything (ip, subnet mask, gateway, and dns).
Hi,
as I put some rework in the dumb AP + GuestWiFi Guide, I would like to comment to make it easier for people who find this posting to understand what exactly happend:
edit:
-> wrong conclusion / needs rework <-
thx Peter Sherman for solving this sooooo quick!
hope the makes it easier to get it done
keep on rockin' with openWrt !
Sorry to get contradictory, the 3rd. point is not correct. The "dumb Wi-Fi AP", the Wi-Fi attached to lan interface, was perfectly functional before, as well as after guest interface Wi-Fi adition.
Main difference was that Wi-Fi attached to lan interface had internet access while Wi-Fi attached to guest interface did not.
Even at this moment, the lan interface having a static IP, does not have DNS configured.
It is only the guest interface that has been configured with a DNS server.
Different trials to add Guest Wi-Fi had always been done on a factory reset AP, all default settings, DNS remained unset for all interfaces.
All my AP's are configured with static IP's from the first setup.
Please let me know if I can be of help providing log files.
LE. This was definitely the fastest forum reply and working solution I have ever experienced. Hats off to such skill and commitment.
Hello radunre,
I took a look @ my config, its more or less the same as yours.
Neither LAN nor GUEST on my dumb AP + Guest WiFi have a custom DNS configured (similar to the screenshots you provided). Both of them seem to use the standard DNS on the router that is configured here
Could you check your config in the section the screenshot is showing ?
LAN and GUEST will use this .. at least in my case.
Never the less - the dumb AP guide advices to put a DNS Server into the custom DNS Section. I did not do as well, but at least I configured a "global" DNS Forwarding which seems to be used by "AP seen as a System" & GUEST (not LAN ..LAN is served by your master router / master DHCP with DNS info stored in the master router).
I am pretty sure that your "standard" DNS forwarder ist empty (see screenshot, nothing at the place where it shows 192.168.0.171). That means that the "AP as a System" in your case has no idea where to forward DNS requests. The interesting thing is - as you described, that the AP clients in LAN are served from the DHCP from your main router, and get their DNS Server from it - in most cases the IP of the main router that acts as global DNS Server.
When you add Guest WiFi, there is no friendly main router DHCP service for clients anymore. A new DHCP serves your guests, and this new DHCP needs to know where the DNS Server is. He can take this info from a "custom" DNS - as Peter Sherman advised you to add, or he can take the global defined DNS Server / Forwarding (screenshot: 192.168.0.171) in the DNS Settings of the router. If forwardings in the standard DNS configs are emty AND the custom DNS as well - no DNS service for your GUEST clients.
If my conclusions are right - I will doublecheck with Peter if possible - I will update the Guest WiFi Guide to make sure that the situation you came in is avoided upfront. You are not the first one who got into this situation for sure, but the first one to make this problem visible, thx.
The DHCP and DNS screenshot show no populated fields on my config.
Yet, somehow, the plain dumb AP configuration without Guest, has provided internet access.
If could be of help, I can factory default the test unit, create a dumb AP and post the configuration.
LE. Just seen your edited post and my thougths are identical.
The lan interface, being in the same subnet with main router, will place all clients (through DHCP) in same subnet and benefit from DHCP DNS service.
Thank you for taking your time to further analize this situation.
Peter analyzed the problem blazing fast & found a solution with the custom DNS.
Having a standard DNS defined solves the problem as well and maybe also avoids other / future problems.
I've been meaning to get back to this... sorry for the delay.
Thanks @mopsza for your edits to the wiki.
Some thoughts about your updates...
The guide overall has some inconsistencies for the upstream network -- 192.168.1.0/24 vs 192.168.0.0/24 -- in both the text descriptions and the screenshots. This might lead to some confusion.
The DNS forwardings method is fine and valid, but I personally prefer to put the DNS into the lan interface definition... it's possibly splitting hairs here, but the dns forwardings in the dnsmasq service are 'automatically' determined when the upstream network has DNS defined; including it in the lan interface is useful for that reason and for readability.
DNS forwardings (and/or inclusion in the lan interface definition) is only generally necessary when the lan address is set via static IP. In the screenshots, the lan interface uses DHCP which normally means that the upstream DHCP server will provide DNS server information.
A bit more explanation about the address used in the DNS forwardings (or DNS in the lan interface definition) could be useful to ensure that people understand that they may need to adapt to their own network (it does hint, but could be more explicit) and that they can alternatively use a public DNS server.
So, yes... this is clearly the missing DNS situation was an oversight in the previous iteration of the wiki page... but it would be useful to make sure that the text and screenshots are consistent and to make the options (and potentially required adaptations) more clear.
Other than those comments (maybe 'nit-picks' ), honestly a very good and useful update. Thank you!!
Hi Peter,
Very useful insights, thank you.
I think I understand all inputs and will put them into the guide.
A little bit incredible we all have not seen the DNS issue. In my case .. i came from a static lan main router config and had the standard dns value already put in standard dns config.
Hi,
I updated the LuCI screemshot guide regarding dumb AP + GUEST.
All dumb AP screenshots with LAN configuration visible now show a static setting, with dumb AP LAN IP 192.168.1.2
All IP adresses in screenshots and text are now openWrt Standard .
DNS server setting added, using "custom dns" in the interface configuration
added a little more info in the DNS section, making clear that openWrt nomally uses main router 192.168.1.1 as DNS Server, but e.g. 1.1.1.1 can be used as well.
In some far away future .. this dumb AP + Guest Network guide will be very good