Hi all, flashed my router with OpenWrt once again after breaking one device last year 
Now in the meantime I've taken connection from a national level ISP for better international internet consistency but unlike my previous ISP this one provided me with a pandora's box kind Modem+Router combo. I can't turn on bridge mode on it as ISP ignoring to give me with their VLAN id, I can't turn off the WiFi as it still shows as an hidden WiFi signal, even this ISP doesn't give a Static IP even when I've asked them to pay for it. So I'm pretty much locked from every aspect.
Now this point I want to setup my newly flashed OpenWrt router(Tp-Link archer A7) in front of the ISP provided one so that all my home devices traffic goes through OpenWrt one.
How can I set up WAN and Wi-Fi in this case?
My desired topology will be like below
Based on the diagram and the ips shown, just plug in your openwrt router. Connect the openwrt wan port to the upstream lan port and it should just work.
You pretty much just take the default OpenWrt config for wan, lan & firewall. There will be double NAT.
(Luckily your ISP modem is already using 192.168.31.x subnet, so the default 192.168.1.1 is ok for the OpenWrt router.)
Regarding wifi, pretty much similar advice: just configure OpenWrt wifi normally. And tell the OpenWrt wifi SSID and password to your client devices, so that they will use the OpenWrt wifi.
You can just ignore the ISP router wifi. As long as you do not configure your devices to know the SSID password for that ISP modem wifi, it will sit there empty and unused.
Thanks for replying, yes I've also just seen that the internet is working as DHCP is already enabled on OpenWrt by default but I was wondering how I can setup my OpenWrt box with ISP already providing private IP as a Static IP? That is if ISP directly give me 10.x.x.x then how can I setup my router?
Yes, I'm already behind not double but behind a triple NAT 
but we users here can't do anything as static IP costing is skyrocketing day by day hope IPv6 will be given soon to the users
What static IP ?
You just said above that you can't turn on bridge mode on the ISP modem, so it will likely have 10.x.x.x as its wan and will provide a local 192.168.31.x as its lan, right? (for the OpenWrt router).
If you can configure the ISP modem/router to give static CGNAT addresses to downstream devices (like the OpenWrt router), then you just take the correct parameters (IP, netmask, gateway IP, DNS server IP), and change the OpenWrt router Wan from DHCP to static and set all the parameters there.
Yes, you're absolutely right as 10.x.x.x goes to my current ISP modem as comes out of it's lan as 192.168.31.x which then going to my OpenWrt box's WAN port so in tis case it's just working fine, But as I told in my first post that I took this new ISP but I've another ISP connection which provides me a NAT IP 10.x.x.x as a static IP by directly giving through a Cat6e cable to my home, so in that case how can I setup my box?
As long as you have:
- all the required IP information
- connection method (static, DHCP, PPPoE)
- if static: IP, subnet mask, router/gateway, DNS
- if pppoe: connection credentials
- VLAN ID, if used
- connection method (static, DHCP, PPPoE)
- A standard RJ45 ethernet connection from your ISP
and assumng that the ISP doesn't have 'special sauce' that requires their box, you can remove the ISP router and plug the OpenWrt wan into the incoming ISP connection with the above information.
If you're paying extra for a static IP in the 10.x.x.x block, there is no point unless they also offer port forwarding (and if you need that) through to your static IP.
I already answered:
But very commonly those FTTH/FTTB connections still are DHCP based. Are you sure that it is static? Have they given you all those parameters that I (and psherman) listed?
Nope it's not a static IP at all. How can be a 10.0.0.0-10.255.255.255 block be a static IP? But you know what, I've seen that most of the consumer don't know or have no interest to know regarding this as long as their Netflix, Amazon Prime Videos, YouTube or Facebook kind of stuffs are working and as most of the people don't tinker around with ISP router or don't have a homelab setup which they need to access outside they don't want to understand the benifit of real static IP 
Nowadays I'm seeing every ISP here no matter if it's big player or small is shifting to their modem+router combo with a custom OS(not to be mentioned that it's just an OpenWrt fork only), blocking almost every single ports and just completely locking the router for users in the name of providing better security and connectivity.
But to my opinion it's happening due to shortage of IPv4. As first they are ignoring to provide with static IP address or to open the ports, but if someone insists them they are saying that customer have to pay around $3 bucks/month for opening a single port or somewhere around $100/month for an actual static IP address that too without internet bandwidth as it has to be paid separately
Is there any reason why you cannot junk your ISP kit completely? In my experience (working at several large UK ISPs, they are invariably junk and filled with spyware like TR069).
If you have a FFTH connection you should just be able to plug your router into the ONT.
If you're still on ADSL get a standalone modem (like a Draytek vigor) and put that between your OpenWRT router and your phone line.
You'll need your username and pass to configure in OpenWRT
Does your ISP have a support forum? Maybe someone can give you the VLAN ID you seem to need.
For me, one of the big features of using OpenWRT was to get untrusted ISP kit off my LAN
Yes this is a ftth connection so they can be replaced by ONT device as some users have already tried with Tp-Link XZ000-G3 GPON terminal but connection becomes unreliable and bandwidth also drops by almost 40% so it's not a good option.
And yes TR-69 is enabled and can't be desibled
ISP has one official forum and there are 2/3 unofficial local forum but no one properly knows vlan id still now and in this case I think if someone knows it they are not sharing it with other guys maybe due to security reasons or anything, only god knows itπ
Here are some screenshot of my isp box
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.