How to access second openwrt router

i have two openwrt router with different IP
Router 1 (192.168.2.1)
Router 2 (192.168.3.1)

how to access router 2 if i access it from router 1 network?
(let say i want to acess router 2 from computer 2)

Are you trying to access router 2 itself, or the network behind router 2?

Also, what is the purpose of router 2? Since both devices are running OpenWrt, you may be able to simplify your configuration.

1 Like

i want to access router 2 (it has rtsp viewing app installed on router 2, as it has enough cpu and ram power to process it, but only have 1 lan port)

router 1 has weaker cpu is used to spread internet across my device

Since router 2 is behind router 1, and therefore presumably on a trusted network, you can set the wan zone's input rule to ACCEPT in the firewall. (this should never be done if the wan is connected to an untrusted upstream network).

You can, however, consider a few options:

  1. Make router 2 a member of your main LAN (similar to a dumb AP config) rather than the current cascaded configuration where it is connected lan-wan.
  2. disable masquerading on your 2nd router's wan firewall zone, and add a route on the main router (192.168.3.0/24 via 192.168.2.x where x is the IP address of router 2's wan)
  3. Make router 2 your main router, and then connect router 1 as a dumb AP and switch.
2 Likes

I usually have 3-4-5 routers set up like your "router 2", all subnet routers, and I just open up the three ports I care about to the "router 1" zone. Note that this is on the router that is inside the local network, and doing this on your "router 1" would be very dangerous.

EDIT
My use case is not a production one, it's to test the subnet routers and their configurations, so I need to control the WAN side traffic. Your use case appears to be quite different than mine, so pay attention to @psherman's response and only glance at mine.

i need help on doing firewall setup, since i don't know much about openwrt

i've done the first step (dumb ap config), and make the router 2 ip in the same segment as router 1 ip

router 2 ip is now 192.168.2.3 (static ip instead of dhcp)
router 1 ip is 192.168.2.1
router 2 wan is connected to router 1 lan port

but i still can't access router 2 ip address from router 1 (i can't ping to 192.168.2.3 either), is it firewall issues?
is there any detailed guide for a newbie like me?

you talk to it via it's ip ether 4 or 6
but what you really need to do is make router 2 a dumb device & not double nat
what is router 2 and will a dumb device do the thing you want ?

i forgot to set router 2 dns...
now i have set router 1 ip as router 2 dns

and now i can ping router 2 ip from router 1
i can also ping router 1 ip from router 2

i can access router 1 luci interface from router 2
but i still can't access router 2 luci interface from router 1

what do i need to solve this? and what is double nat?
i want to use router 2 as cctv server, since it has enough cpu power to process some rtsp streams.... but it only has 1 wan port & 1 lan port (and the device doesn't use gigabit ethernet... so if i put router 2 as main router it will slow my ethernet speed...)

NAT the was ipv4 lets your local devices pretend to be one device on the internet

simply to make a device DUMB you have to do these things
remove the wan network you don't want it anymore
change lan to static local ip or dhcp
add old wan port lan network
turn off dhcp servers for both ipv4 and 6

this way all ports are still in the LAN firewall setting witch disables NAT

maybe a better description rather then dump device is client device not active router

this is a script i use to do most of it for me
but as i don't know the device it won't map the wan port
default your router 2 run this in a ssh terminal
after or while booting pug it's lan into you lan
if will get an ip from dhcp
find it's in router 1 & add wan port to lan etc

uci set network.lan.proto="dhcp"
uci del network.lan.ipaddr
uci del network.lan.netmask
uci del network.lan.ip6assign
uci set network.lan.delegate='0'

uci del network.wan6
uci set network.lan6=interface
uci set network.lan6.proto='dhcpv6'
uci set network.lan6.device='@lan'
uci set network.lan6.reqaddress='try'
uci set network.lan6.reqprefix='no'
uci commit network

uci del firewall.cfg02dc81.network
uci set firewall.cfg02dc81.network='lan lan6'
uci commit firewall

/etc/init.d/dnsmasq disable
/etc/init.d/dnsmasq stop

uci del dhcp.lan
uci del dhcp.wan
uci del dhcp.odhcpd
uci set dhcp.lan=dhcp
uci set dhcp.lan.interface='lan'
uci set dhcp.lan.ignore='1'
uci add_list dhcp.lan.ra_flags='none'
uci commit dhcp

/etc/init.d/odhcpd disable
/etc/init.d/odhcpd stop

echo "# Put your custom commands here that should be executed once" > /etc/rc.local
echo "# the system init finished. By default this file does nothing." >> /etc/rc.local
echo "" >> /etc/rc.local
echo "/etc/init.d/dnsmasq disable" >> /etc/rc.local
echo "/etc/init.d/dnsmasq stop" >> /etc/rc.local
echo "/etc/init.d/odhcpd disable" >> /etc/rc.local
echo "/etc/init.d/odhcpd stop" >> /etc/rc.local
echo "exit 0" >> /etc/rc.local

reboot

Connect LAN from router 1 to LAN from router 2 to begin with.

But as @Lucky1 pointed out, setup as a dumb AP

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.