Lan port no connection

menomenic · January 10, 2022, 7:00pm

Who can help me?
I configured my router but then i found out that my wired connection did not worked.
So i made a backup,reset the router and put the lines below in the network.config file

config device
	option name 'office'
	option type 'bridge'
	list ports 'lan3'
	list ports 'lan4'

config interface 'office'
	option device 'office'
	option proto 'static'
	option ipaddr '192.168.13.1'
	option netmask '255.255.255.0'

But when i put my wire in lan 4 i don't get internet, i set my firewal to accept all 3, what is wrong why can't i have a connection?

psherman · January 10, 2022, 9:15pm

What device is this? What version of OpenWrt? What is upstream of this OpenWrt device?

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/firewall
ubus call system board

mk24 · January 10, 2022, 9:19pm

Plug and unplug the "LAN4" cable then check the last few lines of the kernel log to see which port actually went up and down. On some hardware, the OpenWrt software port names may not match the writing on the outside of the box.

menomenic · January 10, 2022, 10:34pm

linksys 3200acm with the latest openwrt version.

i tryed this from the wiki it did not work.

# ... in /etc/config/network
config device
	option name 'br-home'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'

config device
	option name 'office'
	option type 'bridge'
	list ports 'lan3'
	list ports 'lan4'

config interface 'home'
	option device 'br-home'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'

config interface 'office'
	option device 'office'
	option proto 'static'
	option ipaddr '192.168.13.1'
	option netmask '255.255.255.0'

Then i made this

config interface 'lan4'
	option proto 'static'
	option device 'lan4'
	option ipaddr '192.168.4.1'
	option netmask '255.255.255.0'
	option type 'bridge'

This works for my lan port i got a connection but when attaching a wifi accespoint i did not get acces with wifi.

I think i'm doing something really stupids, i have some knowledge of computers and network but openwrt is new for me and i'm learning every time a little bit more.

psherman · January 10, 2022, 10:40pm

Please elaborate on this. Did the wireless client devices get IP addresses?

menomenic · January 10, 2022, 10:43pm

Not at all, i hoped the lan port will give one.

What i want is to combine a wifi accespoint with a lan port, in the same subnet.

psherman · January 10, 2022, 10:47pm

There's a lot more to this than just assigning the port. Did you setup a DHCP server for that network? Did you assign it to a firewall zone and ensure it has appropriate settings?

menomenic · January 10, 2022, 10:56pm

I assigned a firewall zone and the dhcp server.

When i make a bridge in device and a interface connecting to it, then i add a lan port to the device and in wireless i make a wifi accespoint connecting to that interface the wifi works but not the wired lan port.

under this is my original network.config, problem is that i don't get a connection wired with a lanport, wifi is working good

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 

config device
	option name 'wan'
	option macaddr

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

config device
	option type '8021q'
	option ifname 'lan4'
	option vid '40'
	option name 'x'

config interface 'guest'
	option proto 'static'
	option ipaddr '192.168.10.1'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-guest'

config interface 'home'
	option proto 'static'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-home'

config interface 'iot'
	option proto 'static'
	option ipaddr '192.168.3.1'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-iot'

config interface 'x'
	option proto 'static'
	option ipaddr '192.168.40.1'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-x'

config interface 'secure'
	option proto 'static'
	option ipaddr '192.168.4.1'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-secure'

config device
	option type 'bridge'
	option name 'br-x'
	list ports 'lan4'

config device
	option type 'bridge'
	option name 'br-guest'
	list ports 'lan1'

config device
	option type 'bridge'
	option name 'br-home'
	list ports 'lan2'

config device
	option type 'bridge'
	option name 'br-iot'
	list ports 'lan3'

config device
	option type 'bridge'
	option name 'br-secure'
	list ports 'lan4

'

psherman · January 10, 2022, 11:00pm

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

menomenic · January 11, 2022, 4:15pm

this are the files.

network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix ''

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device
	option name 'wan'
	option macaddr ''

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

config device
	option type '8021q'
	option ifname 'lan4'
	option vid '40'
	option name 'x'

config interface 'guest'
	option proto 'static'
	option ipaddr '192.168'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-guest'

config interface 'home'
	option proto 'static'
	option ipaddr '192.168'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-home'

config interface 'iot'
	option proto 'static'
	option ipaddr '192.168'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-iot'

config interface 'x'
	option proto 'static'
	option ipaddr '192.168'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-x'

config interface 'secure'
	option proto 'static'
	option ipaddr '192.168'
	option netmask '255.255.255.0'
	option type 'bridge'
	option device 'br-secure'

config device
	option type 'bridge'
	option name 'br-x'
	list ports 'lan4'

config device
	option type 'bridge'
	option name 'br-guest'
	list ports 'lan1'

config device
	option type 'bridge'
	option name 'br-home'
	list ports 'lan2'

config device
	option type 'bridge'
	option name 'br-iot'
	list ports 'lan3'

config device
	option type 'bridge'
	option name 'br-secure'
	list ports 'lan4'

wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option hwmode '11a'
	option path 'soc/soc:pcie/pci0000:00/0000:00:01.0/0000:01:00.0'
	option channel '153'
	option country 'NL'
	option cell_density '1'
	option distance '10'
	option frag '2346'
	option rts '2347'
	option htmode 'VHT20'

config wifi-device 'radio1'
	option type 'mac80211'
	option hwmode '11g'
	option path 'soc/soc:pcie/pci0000:00/0000:00:02.0/0000:02:00.0'
	option htmode 'HT20'
	option cell_density '0'
	option channel '8'
	option country 'NL'
	option distance '10'
	option frag '2346'
	option rts '2347'

config wifi-device 'radio2'
	option type 'mac80211'
	option channel '34'
	option hwmode '11a'
	option path 'platform/soc/soc:internal-regs/f10d8000.sdhci/mmc_host/mmc0/mmc0:0001/mmc0:0001:1'
	option htmode 'VHT80'
	option disabled '1'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'
	option macaddr ''
	option disabled '1'

config wifi-iface 'wifinet1'
	option device 'radio0'
	option mode 'ap'
	option encryption 'sae-mixed'
	option isolate '1'
	option key ''
	option wpa_disable_eapol_key_retries '1'
	option ssid '@guest 5GHZ'
	option network 'guest'
	option ieee80211w '0'
	option disabled '1'

config wifi-iface 'wifinet2'
	option device 'radio0'
	option mode 'ap'
	option encryption 'sae-mixed'
	option isolate '1'
	option key ''
	option wpa_disable_eapol_key_retries '1'
	option ssid '@home 5GHZ'
	option network 'home'
	option disabled '1'
	option ieee80211w '0'

config wifi-iface 'wifinet3'
	option device 'radio0'
	option mode 'ap'
	option encryption 'sae-mixed'
	option key ''
	option network 'iot'
	option ssid '@castle 5Ghz'
	option disabled '1'
	option ieee80211w '0'

config wifi-iface 'wifinet4'
	option device 'radio0'
	option mode 'ap'
	option encryption 'sae-mixed'
	option key ''
	option wpa_disable_eapol_key_retries '1'
	option network 'secure'
	option ssid '@secure 5Ghz'
	option ieee80211w '0'

config wifi-iface 'wifinet5'
	option device 'radio1'
	option mode 'ap'
	option ssid '@castle'
	option encryption 'sae-mixed'
	option key ''
	option network 'iot'
	option disabled '1'
	option ieee80211w '0'

config wifi-iface 'wifinet6'
	option device 'radio1'
	option mode 'ap'
	option encryption 'sae-mixed'
	option key ''
	option wpa_disable_eapol_key_retries '1'
	option ssid '@x'
	option isolate '1'
	option network 'x'
	option ieee80211w '0'

dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	option ra_slaac '1'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'secure'
	option interface 'secure'
	option start '100'
	option limit '150'
	option leasetime '12h'
	list ra_flags 'none'

config dhcp 'iot'
	option interface 'iot'
	option start '100'
	option limit '150'
	option leasetime '12h'
	list ra_flags 'none'

config dhcp 'home'
	option interface 'home'
	option start '100'
	option limit '150'
	option leasetime '12h'
	list ra_flags 'none'

config dhcp 'guest'
	option interface 'guest'
	option start '100'
	option limit '150'
	option leasetime '12h'
	list ra_flags 'none'

config dhcp 'x'
	option interface 'x'
	option start '100'
	option limit '150'
	option leasetime '12h'
	list ra_flags 'none'

firewall

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'

config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option name 'Guest'
	option output 'ACCEPT'
	option input 'REJECT'
	option forward 'REJECT'
	list network 'guest'

config zone
	option output 'ACCEPT'
	option name 'home'
	list network 'home'
	option input 'REJECT'
	option forward 'REJECT'

config zone
	option name 'IoT'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	list network 'iot'

config zone
	option name 'Secure'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'secure'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option proto 'esp'
	option target 'ACCEPT'
	option dest 'Secure'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'
	option dest 'Secure'

config rule
	option name 'Support-UDP-Traceroute'
	option src 'wan'
	option dest_port '33434:33689'
	option proto 'udp'
	option family 'ipv4'
	option target 'REJECT'
	option enabled '0'

config include
	option path '/etc/firewall.user'

config forwarding
	option src 'Guest'
	option dest 'wan'

config forwarding
	option src 'home'
	option dest 'wan'

config forwarding
	option src 'IoT'
	option dest 'wan'

config forwarding
	option src 'Secure'
	option dest 'wan'

config rule
	option name 'Guest DHCP & DNS'
	option target 'ACCEPT'
	option dest_port '53 67 68'
	option src 'Guest'

config rule
	option dest_port '53 67 68'
	option target 'ACCEPT'
	option name 'Home DHCP & DNS'
	option src 'home'

config rule
	option name 'IoT DHCP & NAT'
	option target 'ACCEPT'
	option dest_port '53 67 68'
	option src 'IoT'

RadioOperator · January 11, 2022, 5:02pm

By my experience,

start from OpenWrt official build with official full reset. This will make the LAN port ok and WiFi not enabled.
login Luci and do LAN / WiFi configs in Luci. No need touch WAN / firewall.....use defaults.
make the router can connect to internet.

Then, study your personal build / other people's builds.

menomenic · January 11, 2022, 5:17pm

I started this thread with a clean basic router and a simple question so there will not be any miscommunication and i can learn what i did wrong.

RadioOperator · January 11, 2022, 5:37pm

If openwrt official build cannot make your router LAN port work, you should find the root causes first.

menomenic · January 11, 2022, 5:43pm

When going to the basic.
How to setup a seperated lan port when you remove this from br-lan, when you put in a wire you have internet with it?

RadioOperator · January 11, 2022, 5:50pm

Using official build, connect LAN port to start Luci, connect WAN port to your ISP router to connect internet, just plug the wires.
If you want to use WiFi to connect internet, set up wifi in luci, no CLI needed.

menomenic · January 11, 2022, 6:28pm

That works, i want to remove some lan ports form the br-lan and make seperate one with wifi.

I have readed the wiki and did a setup but i didn't work.

my router is a linksys 3200acm with the latest version of a originial openwrt.

RadioOperator · January 11, 2022, 6:43pm

This is more complex to me, I donot know how to seperate the 4 Lan ports into different zones.
VLAN? Routes configs? You have to study it youreslf.

psherman · January 11, 2022, 7:11pm

I agree with @RadioOperator that you should reset to defaults and then work from there. If you have too many variables in play and things aren't working, it becomes much harder to diagnose than a simple, nearly default config.

If you want each individual physical LAN port to be assigned to a different network, that is totally possible to manage. But you should start simple and build upon good foundations. The default configuration will have a single LAN. From there, you can add one additional network and assign it to one of the ethernet ports to verify that the config is correct and that everything is working as you want. Once that is proven, it is easy to repeat the process for each additional network.

menomenic · January 11, 2022, 7:23pm

This is correct, and want this option to i have reset the router to its default.
But know how to make a seperate lan port?

I did in network>interface>static adress attached to the lan4 port.
But when connecting the utp cable it doesn't make a connection

psherman · January 11, 2022, 7:33pm

Have you verified that the port lights up properly in the default configuration? It is good to rule out physical issues such as a damaged port, bad cable, or bad/disconnected downstream device.