Help with configuration : indentify the need

I just tried, the dumbap conversion seems good (no error with commands) but now i can't connect to the OpenVPN server.

The ip of the ropouter changed (from 192.168.4.24 to .22), the provider's router detect it as DumbAP1 so i redone the forwarding but i'm getting a server timeout when trying to connect to OpenVPN.

And now i can't even see the openwrt on my network, unreachable via IP or anything.... And a tracert 8.8.8.8 isn't showing the openwrt.

I suspect the gateway is wrong, but post here the output of these to verify:
uci export network; uci export wireless; uci export firewall; uci export dhcp

I can't access the router anymore... I can't find it's IP

I 've just perform a reset thanks to the reset button.

Take it step by step. First make the router dumbAP and after it is done properly you can make the modifications to add the vpn server.
For the latter you'll need to assign the OpenVPN tun interface in LAN firewall zone, add masquerade so the traffic from VPN uses the router IP, and restart firewall.

Ok, so first a firstboot -y && reboot now

Then I install all my packages, configure my WiFi.

Switch from WAN to Lan port as suggested in the guide?

Finally configure the dumbAP and if all is good add the OpenVPN config ?

In step 3 remove wan zone from firewall and wan interface.
Assign a static IP in lan interface or change protocol to dhcp.
Follow the rest of the instructions in the guide and when it is time to install VPN server touch base with us.

so in order to do it properly,

step 1 :

uci set network.@switch_vlan[0].ports='1 2 3 6t'
uci -q delete network.@switch_vlan[1]
uci commit
/etc/init.d/network reload

step 2 nothing.

step 3 :

uci -q delete network.wan
uci -q delete network.wan6
uci commit network
/etc/init.d/network reload
uci -q delete firewall.wan
uci set firewall.lan.masq=1
uci commit firewall
/etc/init.d/firewall restart
uci set dhcp.lan.ignore=1
uci commit dhcp
/etc/init.d/dnsmasq restart

step 4 :

/etc/init.d/odhcpd disable
/etc/init.d/odhcpd stop

final step

/etc/init.d/network reload
reboot now

Then i come back, right?

And do i have to move wan rj45 cable to lan port ? if yes when?

You are missing the part of the lan ip address in the 192.168.4.x/24, GW 192.168.4.1, NS 192.168.4.1 (or dhcp client)
It is at the beginning of step 1.

Yes, install vpn server and get back here.

You can keep the cable connected to a lan port all the time. Or connect by wifi. At the end of step 1 that you change the IP address, you need to change the IP on your PC that configures the router too. Otherwise you'll lose connectivity. If you select dhcp client, then you'll connect wan port of your router to the lan of your provider, in order for the router and your pc to get the new IP.
If you don't feel so comfortable with uci commands, it is perfectly fine to use the web interface too.

it's something to do on the openwrt or not because the openwrt already has a static ip adress given by my provider's router ?
If yes do you have teh uci commands for that ?

for the second part of your message i think i didn't explain correctly :
Here is the actual physic port configuration on the openwrt.

  • WAN port : directly connected to a LAN port of my provider's router
  • LAN1 : connected to my main computer
  • LAN2 : connected to nothing but will be connected to my nintendo switch or a freenas server (temporarly)

I want to know if i have to move the cable plugged on the WAN port to the LAN2 in order to have a LAN-LAN connection between the 2 routers.

From your previous post with the configs the wan interface takes settings from the isp router by dhcp and lan has static 192.168.1.1/24. After you delete the wan interface, the lan interface must either be dhcp client or configure static ip in 192.168.4.x/24 space.

The line

uci set network.@switch_vlan[0].ports='1 2 3 6t'

is assigning the wan port to the lan vlan so the router acts like a switch. So you won't need to move the cable.

ok so

uci set network.lan.ipaddr='192.168.4.25'
uci commit
/etc/init.d/network reload

Here is the list of all commands used :

uci set network.lan.ipaddr='192.168.4.25'
uci commit
/etc/init.d/network reload
uci set network.@switch_vlan[0].ports='1 2 3 6t'
uci -q delete network.@switch_vlan[1]
uci commit
/etc/init.d/network reload

uci -q delete network.wan
uci -q delete network.wan6
uci commit network
/etc/init.d/network reload
uci -q delete firewall.wan
uci set firewall.lan.masq='1'
uci commit firewall
/etc/init.d/firewall restart
uci set dhcp.lan.ignore=1
uci commit dhcp
/etc/init.d/dnsmasq restart

/etc/init.d/odhcpd disable
/etc/init.d/odhcpd stop

/etc/init.d/network reload

all seems good except that i can't install any package of use internet in general (ping/ wget aren't working)

Most likely because you didn't add subnet mask, gateway and dns for the lan interface.
Isn't Luci working for you? It would be much faster and you can always inspect the uci changes before you commit them.

It's because luci is super slow for no reason i always get à timeout (when loading the interface not the Web page itself), it takes arround 5-10min To load a Page but i'll Wait on my next Attempt tomorrow To do it via luci.

Hello,
I just retried with the following list of commands :

uci set network.lan.ipaddr='192.168.4.25'
uci set network.lan.gateway='192.168.4.1'
uci set network.lan.broadcast='192.168.4.255'
uci add_list network.lan.dns='192.168.4.1'
uci commit
reboot now

uci set network.@switch_vlan[0].ports='1 2 3 6t'
uci -q delete network.@switch_vlan[1]
uci commit
/etc/init.d/network reload

uci -q delete network.wan
uci -q delete network.wan6
uci commit network
/etc/init.d/network reload

uci -q delete firewall.wan
uci set firewall.lan.masq='1'
uci commit firewall
/etc/init.d/firewall restart


uci set dhcp.lan.ignore=1
uci commit dhcp
/etc/init.d/dnsmasq restart

/etc/init.d/odhcpd disable
/etc/init.d/odhcpd stop

/etc/init.d/network reload

I probably missed something because i'm still getting Network is unreachable.

P.S : i got the commands from luci for the dns, mask, broadcast, gateway and here is the new lan config :

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.4.25'
        option gateway '192.168.4.1'
        option broadcast '192.168.4.255'
        list dns '192.168.4.1'

a reboot seems to habe fixed the issue.

Now i have another problem...

I'm able to connect to OpenVPN (i'm in 192.168.8.2) but i'm unable to reach any IP on 192.168.4.X

i thinki it's due to those lines...

uci rename firewall.@zone[0]="lan"
uci rename firewall.@zone[1]="wan"
uci rename firewall.@forwarding[0]="lan_wan"
uci del_list firewall.lan.device="tun0"
uci add_list firewall.lan.device="tun0"
uci -q delete firewall.vpn
uci set firewall.ovpn="rule"
uci set firewall.ovpn.name="Allow-OpenVPN"
uci set firewall.ovpn.src="wan"
uci set firewall.ovpn.dest_port="1194"
uci set firewall.ovpn.proto="udp"
uci set firewall.ovpn.target="ACCEPT"
uci commit firewall
/etc/init.d/firewall restart

Maybe replace uci set firewall.ovpn.src="wan" by uci set firewall.ovpn.src="lan"?

SPOILER : no :sweat_smile:

edit n°idk : rerun :

uci -q delete firewall.wan
uci set firewall.lan.masq='1'
uci commit firewall
/etc/init.d/firewall restart

made it work ^^

So I presume everything is working fine now?

1 Like

Yes everything is now perfectly working, Thanks a lot to you and @lleachii ! Sorry for the time you used to help me ^^'

2 Likes

If you could also mark the topic as solved.

3 Likes