Because I need an Access point for my wifi printer, I’ve decided to setup my second openwrt router as wifi access point.
I made the following:
First router (main) :
LAN interface on 192.168.1.1
DHCP Activated, range 192.168.1.100 to 192.168.1.150
WIFI activated (SSID: WIFI_1)
Second router (wifi access point):
LAN interface on 192.168.1.2, gateway & DNS defined on 192.168.1.1
DHCP Disactivated, DNS Disactivated, Firewall Disactivated
WIFI activated (SSID: WIFI_2)
Cable connected from LAN port of the main router to LAN port of the second router
When I connect as client on WIFI_1, I can ping and see the client on all LAN range (for instance, I can login on 192.168.1.2, and the Wifi Printer connected on WIFI_2 is visible and usable)
When I connect as client on WIFI_2, I can ping and see the client on all LAN range (for instance, I can login on 192.168.1.2 either 192.168.1.1, and the Wifi Printer connected on WIFI_2 is visible and usable)
Conclusion, using any of Wifi gives me the correct behaviour
Now, when I connect as client on LAN of the first (main) router, I CAN’T ping and see the clients which are connected on the second router (for instance, I can login on 192.168.1.1 but NOT possible on 192.168.1.2, and the Wifi Printer connected on WIFI_2 is NOT visible – no ping response - and NOT usable)
I’m really lost & stuck on this issue. Routers are ZBT-WE3526 (OpenWrt 19.07.2) and NETGEAR WNR2000 V4 (OpenWrt 17.01.7)
It sounds like maybe one of these devices can’t handle more than one MAC address on each port (Ie wasn’t designed to handle that), or some other reason that’s affecting arp. I have exactly the same setup with 2 dumb ap devices and they work fine.
Wait and see if anyone else replies with other ideas. If no one does , one option you could do is change the IP on the router that’s hosting the printer to another range, eg 192.168.2.1/255.255.255.0 , and turn dhcp back on . You would then connect a lan port on main router to the wan port on the not-so-dumb ap router. And finally you’ll then need to a add static route on your main router for the range 192.168.2.0, mask 255.255.255.0 that points to the ip of your ap device.
Please edit the post above and use preformatted text (the </> button) for the output from SSH. @ZBastien it is still not correct. There is no indentation and it is hard to read. Edit the previous post, delete all the contents, produce the output one more time, copy it, then press the preformatted text button and immediately paste and save.
I'm going to guess that you're seeing some weird switch / network broadcast bug. You should be able to run 19.X on your WNR2000 however without the WebUI which probably will solve a lot of your weird issues. As far as I can tell your setup should work at least if you connect using IP.
Except for a few mistakes, like the dns in lan interface (move them to wan interface instead),
the ACCEPT policy in wan input (make it REJECT), the wan->lan forwarding (you don't need that), and the legacy rates in wireless config (use them only if you have some old 11b/g device) I don't see anything wrong here.
Do the following:
Found: switch0 - ag71xx-mdio.0
swconfig dev switch0 show
If it tells you that it found something else than switch0, use that one.
When you really do have everything bridged into the LAN it should just work. The firewall has no effect on that sort of network since the bridging is at layer 2 and the firewall operates on layer 3.
The switch show shows there are more ports up (cables plugged in) than the diagram in the first post shows. Make sure you understand the logical switch port vs. physical numbers on the Ethernet ports. The two lan side cables must be plugged into ports that are in the same VLAN, the one that also has the LAN attached to the CPU port.
On the second router you can go with a default configuration, turn off the DHCP server, set a static IP on the LAN (to 192.168.1.2), and enable wifi. Again make sure the cable is plugged into the LAN VLAN. The WNR2000 has a separate CPU port for the WAN connection on the back, which you aren't using.
Actually the first router should also be running very close to a default configuration, as it is operating as a conventional home router. Start with default configuration, set up a WiFi AP, don't change anything else.
A main router with a wired connection to a dumb AP is about the second-simplest network that can be deployed, again I emphasize do not stray far from default configuration as you don't need to.
Thank you. Unfortunately it does not fix the trouble.
I saw on my switches (hub ppoe) I have a button for VLAN and Default. I was on VLAN, so I changed for Standard. Then check the network file on each router to remove the "option igmp_snooping '1'". Without success.
Now I'm cascading my routers LAN -> WAN (with a static route).
Tonight I will reinstall the second router and link them as LAN->LAN. Additionally I will remove the switches to see they are involve in this problem.
Keep you in touch.
Another point: the option dns '188.8.131.52 184.108.40.206 220.127.116.11' on LAN is installed like that in the version 19.04 and not on WAN (I've used the GUI)
On the technical specifications of the hub (Tenda TEG1105P-4-63W):
Standard: the switch functions as a common unmanaged switch and all the ports of the switch can communicate with each other.
VLAN: In this mode,1-4 ports of the switch cannot communicate with each other, but can communicate with the 5 port .Solid DIP switch to isolate ports to prevent broadcast storm and defend DHCP spoofing
It was a rhetorical question, because it wasn't on the diagram of the first post.
The switch on the back of the Tenda should be on Standard, otherwise ports 1-4 will not communicate with each other. In any case it is better to test without it, as god knows what other limitation it might have.
I changed the lan cable from UPLINK port of the HUB to another one (which is not uplink and now because all ports can discuss together) and now it seems to work (for solution try#2). My Laptop can see everything on the network (1.x or 2.x)
Tonight I'll check for the try#1. And if it's ok, I add "solved"