I have a TP-Link Wr1043n-v5 with latest Openwrt 22.03-rc6 (I like using being on latest versions). All seems fine. This TP-Link is acting as "extender" for my main router. Scheme as following:
Fiber -> Fiber multi-purpose router --(lan1)----very long cable----(lan1)--TP-Link
The TP-link has nothing on WAN port and internet enters into TP-Link via Lan1 port and Lan2-3-4 have ethernet cables for computers. All computers on this config use 192.168.1.x. My fiber router is 192.168.1.254 and TP-Link uses 192.168.1.1.
I can setup a guest wifi network on my fiber router normally, just need to enter into wifi config, select edit, scroll down, enable and configure the guest settings and that's it. The guests will have 192.168.4.x. However, I can't control bandwidth and the recent firmware changes won't allow me to just set guest for 2.4Ghz or just for 5Ghz.
But I wan't my TP-Link that only has 2.4Ghz to handle a guest wifi without access to local computers/routers, only net and if possible to traffic shape all guest clients to 4mbps each or in bulk.
I tried to follow Openwrt guides but they seem complicated, no updated images, I can't find "change protocol" and so on. I feel stupid.
I wish Openwrt team added an option to automatically set things for us based on defaults or info provided by us.
From TP-Link, I login to Openwrt 22.03, choose Network at top and select Wireless. I have radio0 and the local wifi. I click Add at right of radio0 and fill the info the best I can and it creates another wifi network but I don't what to do next.
The goal is to create a guest wifi under 10.0.0.x or 192.168.1.x and the clientes to be unable to access local resources, except internet, and all clients to have upto 4mbps.
connect the WAN port for the 1043, and use a separate subnet for the LAN side.
set a rule in the firewall blocking all traffic but to the IP (and certain ports ?) of the fiber device.
you can use QoS over nftables to cap the traffic to whatever speed you set, but the
solution is reactive, and will let it spike (< 1 sec), before applying the cap.
you can probably set the WAN port to run at 10mbit, using ethtool, then the spikes
will never exceed 10mbit.
Isn't there another way? I mean, nothing connected to the wan port of 1043 and both local wifi on fiber and tp-link sharing same 192.168.1.x and guest wifi being added to 1043 with 192.168.2.x or 10.0.0.x?
The TP-Link 1043n v5 has 3 freaking big wifi antennas. Only one is used I think.
Perhaps it's possible to assign one of the radios to another zone, but I haven't tried it...
OpenWrt is intended for advanced use with full control of all facilities, rather than running canned "recipes" to meet various use cases.
The configuration you have in the 1043 now is generally called a dumb AP. If you make a bridge for WAN then you can still put an AP on it as a dumb extension of the ISP router's LAN. Then you can add a guest network conventionally that routes guest->wan and add bandwidth control to the guests.
Actually you could also SQM / bandwidth control the trusted users on the direct to wan AP as well, but your fiber is probably faster than what 2.4 can achieve anyway.
- To do this:
Reset to default configuration
Plug the cable to the main router into wan. Plug your PC into a lan port.
Log in and change the lan IP to something outside the main router's lan, e.g. 192.168.2.1/24.
Log in again on the new IP
Go to network-interfaces and edit the wan network to detach the Ethernet system from it. Remember the port name (probably eth0.2)
Go to network-interfaces and click devices, create a br-wan of type Bridge. Add the port that you removed from the wan directly.
Go back to Interfaces and edit wan again, making its device br-wan.
Configure trusted wifi AP with wan as its network.
You're now back to having a dumb AP which will link its users directly to the main router. But there's also a conventional lan-wan router behind it, where you can use the wiki directions to add a guest network.