How to config for WAN and WWAN for on the road wifi

I travel all over the UK in my work, I tend to stay in cheap B&B places with no wifi but looking around there are residential properties nearby where BT hotspots exist, I am a BT customer so I can use these for free if I login, but the signal is not good enough for my devices.

What is needed is an router, configured as an client to pick up the wifi signal and then make it available to my devices via wifi and cable (for my Roku).

When I get back home I want to use the same router to use WAN port for cable connected Internet.

Thus far this has been a total failure, I can see the wifi hotspot signal on my Linksys Wrt32x when I scan for it and I can get an IP and DCHP lease for it, but the IP changes so I can't hard wire any route into it, other than it is always a 100.x.x.x/16 network.

Are there firewall settings I need to change?

How would I configure the interfaces in OpenWrt to make this work?

I can see the connection as a client is working on the OpenWrt status page

The Wifi Hotspot is transmitted without encryption and on a Laptop or phone would take me to my BT Login page, but that never happens with devices connected to the Wrt32x whether by cable or Wifi.

Do I need to configure some sort of route from to or is there more to it?

Ideally I would like the thing to be plug and play, so that when I return home I just plug in the Wan cable and it figures is out, but if I have to connect and disable something I am OK with that.

Consider using Travelmate. It's tailor made for what you want.


The wan dhcp process should install a default route, whether it is wireless or wired. This situation does not call for any manually installed routes.

The default firewall will NAT from the lan zone to the wan zone, which is what you want. The operating wan interface must be in the wan zone. If you use the existing "wan" network it already is. If you add a new network such as "wwan", you need to add it to the wan firewall zone.

I would suggest removing the wired wan and concentrate on wireless until you get that working, then you can switch back to Ethernet either manually or automatically with something like the mwan3 package.

1 Like

Thanks very much for your reply.

That looks very interesting and something I should look into but it also looks complex for a newb like me and I am just getting my head around OpenWrt for now. Once I have this working I need to get my head around OpenVPN or similar but one thing at a time.

A friend told me that they have achieved this with OpenWrt and I would like to see if I can do it, my boss agreed to pay the one off cost of the router, so I bought two (one has not arrived yet).

It is so irritating to see on the status screen that the router has managed to logon to the client network, but I can't get it to throw me the login page.

Try entering a non-https address in your browser such as to see if you get the proper bounce to the captive page.

A modern captive portal will send as a strong hint the address of its login page over DHCP option 114 but I am not sure how to get that from OpenWrt.


I can't see any routes added but I assume that is done under the hood, thanks for clarifying that I do not need to configure any routes manually, one less thing to investigate

Forgive me being dumb, how exactly do I add it to the firewall zone, there are so many options,

You need to disable “dns rebind checking” under the networking/dhcp and dns settings menu. Then you will get the bt login page.


Hi Bam, does disabling this introduce any security issues?

Think it’s the only way to accomplish this, probably need to use a vpn for security.

1 Like

Which VPN would you say is easiest for a newb without too much loss of functionality?

So here is a mystery,

This works but a friend lent me an old TP-Link with 19.07 to check out their settings, I see no extra packages except WGET and it's dependencies, but the TP works without disabling the dns rebind checking.

Nothing stands out as different in the settings, of DNS & DHCP, Network, Wireless or Firewall.

Any ideas why this might be working for the TP and not for any routers I try unless I disable?

Sorry I don't know why that happens, I have used several different models of ubiquiti,Meraki MR16, Netgear R6220 and a TP-Link WR1043 v1 and every one of them has required the dns rebind check to be disabled.
I have been using it as my main internet gateway for approx 2 years now.

DNS rebind doesn't allow public nameservers to return private IPs. In the case of the ISP nameservers this might be necessary to be excluded, as they can be using private IPs in their infrastructure.

1 Like

That means you were receiving upstream DNS replies that had Price Addresses as responses.

What I do is:

  • use a machine
  • connect
  • make note of the captive portal link (hopefully no MAC address - if not spoof the OpenWrt WWAN)
  • Connect the OpenWrt and then use the link :wink: