Hello,
because they are working on the physical network outside my house I wanted to connect my Huawei P30 Android smartphone to my Netgear router using USB tethering.
I followed the instructions on : https://openwrt.org/docs/guide-user/network/wan/smartphone.usb.tethering
I can see the interface is up running and it is assigned to WAN. But I can't ping openwrt.org from diagnostics in Luci or open pages on my connected PC.
What did I do wrong? or forgot?
Thank you very much.
greets tom
Hello, in LuCi->Network->Interfaces->TetheringWAN->Physical settings, I enabled Bridge interfaces and in Interfaces I selected wan,wan6 and usb0.
After save and Apply it seems to work and my lan can access the internet.
Because I want to use my phone as a backup line in case of WAN failure, is this the correct way to connect?
Secondly, can I leave this setting as is and will it revert to my WAN when it's back online?
Thank you very much.
No, don't bridge different wan interfaces.
Undo that and post here the following.
Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have
ubus call system board; \
uci export network; uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
ubus call system board; \
> uci export network; uci export dhcp; uci export firewall; \
> head -n -0 /etc/firewall.user; \
> ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
> ls -l /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.*
/tmp/resolv.* /tmp/resolv.*/*
{
"kernel": "4.14.221",
"hostname": "Netgear_R-7800",
"system": "ARMv7 Processor rev 0 (v7l)",
"model": "Netgear Nighthawk X4S R7800",
"board_name": "netgear,r7800",
"release": {
"distribution": "OpenWrt",
"version": "19.07.7",
"revision": "r11306-c4a6851c72",
"target": "ipq806x/generic",
"description": "OpenWrt 19.07.7 r11306-c4a6851c72"
}
}
package network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd36:54c6:1cb8::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth1.1'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.8.1'
option gateway '192.168.1.1'
config interface 'wan'
option ifname 'eth0.2'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.1.2'
option gateway '192.168.1.1'
list dns '192.168.1.1'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 6t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 0t'
config interface 'guest'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option gateway '192.168.1.2'
config interface 'TetheringWAN'
option proto 'dhcp'
option type 'bridge'
option ifname 'eth0.2 usb0'
package dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
list server '192.168.8.1#5353'
config dhcp 'lan'
option interface 'lan'
option limit '150'
option ra 'server'
option ra_management '1'
option start '10'
option leasetime '168h'
option dhcpv6 'disabled'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'guest'
option interface 'guest'
option start '100'
option limit '150'
option leasetime '1h'
package firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option network 'lan wg0'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6 TetheringWAN'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config redirect
option src 'wan'
option name 'L2TP (VPN)'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
option dest_port '1701'
option src_dport '1701'
config redirect
option src 'wan'
option name 'PPTP (VPN) '
option src_dport '1723'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
option dest_port '1723'
config redirect
option src 'wan'
option name 'L2TP (VPN)'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
option dest_port '1701'
option src_dport '1701'
config redirect
option src 'wan'
option name 'PPTP (VPN) '
option src_dport '1723'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
option dest_port '1723'
config redirect
option src 'wan'
option name 'OPENVPN (VPN)'
option dest 'lan'
option dest_ip '192.168.8.252'
option target 'DNAT'
option dest_port '1194'
list proto 'tcp'
list proto 'udp'
option src_dport '1194'
config redirect
option dest_port '13131'
option src 'wan'
option name 'telnet'
option src_dport '13131'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config redirect
option dest_port '8081'
option src 'wan'
option name 'webserver'
option src_dport '8081'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config redirect
option dest_port '500'
option src 'wan'
option src_dport '500'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
option name 'ISAKMP (VPN)'
config redirect
option dest_port '4500'
option src 'wan'
option name 'IPSec NAT (VPN)'
option src_dport '4500'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
config redirect
option dest_port '20'
option src 'wan'
option name 'FTP (DATA)'
option src_dport '20'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config redirect
option dest_port '21'
option src 'wan'
option name 'FTP (CONTROL)'
option src_dport '21'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config rule
option src '*'
option target 'ACCEPT'
option proto 'udp'
option dest_port '51820'
option name 'Allow-Wireguard-Inbound'
config redirect
option dest_port '1197'
option src 'wan'
option name 'Openvpn (client'
option src_dport '1197'
option target 'DNAT'
option dest_ip '192.168.8.251'
option dest 'lan'
config rule
option src '*'
option target 'ACCEPT'
option proto 'udp'
option dest_port '51820'
option name 'Allow-Wireguard-Inbound'
config rule
option src '*'
option target 'ACCEPT'
option proto 'udp'
option dest_port '51820'
option name 'Allow-Wireguard-Inbound'
config zone 'guest'
option name 'guest'
option network 'guest'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
config forwarding 'guest_wan'
option src 'guest'
option dest 'wan'
config rule 'guest_dns'
option name 'Allow-DNS-Guest'
option src 'guest'
option dest_port '53'
option proto 'tcp udp'
option target 'ACCEPT'
config rule 'guest_dhcp'
option name 'Allow-DHCP-Guest'
option src 'guest'
option dest_port '67'
option proto 'udp'
option family 'ipv4'
option target 'ACCEPT'
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.8.1/24 brd 192.168.8.255 scope global br-lan
valid_lft forever preferred_lft forever
9: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-TetheringWAN state UP qlen 1000
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0.2
valid_lft forever preferred_lft forever
10: br-guest: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.3.1/24 brd 192.168.3.255 scope global br-guest
valid_lft forever preferred_lft forever
17: br-TetheringWAN: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.42.216/24 brd 192.168.42.255 scope global br-TetheringWAN
valid_lft forever preferred_lft forever
default via 192.168.42.129 dev br-TetheringWAN src 192.168.42.216
192.168.1.0/24 dev eth0.2 scope link src 192.168.1.2
192.168.3.0/24 dev br-guest scope link src 192.168.3.1
192.168.8.0/24 dev br-lan scope link src 192.168.8.1
192.168.42.0/24 dev br-TetheringWAN scope link src 192.168.42.216
broadcast 127.0.0.0 dev lo table local scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
local 127.0.0.1 dev lo table local scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
broadcast 192.168.1.0 dev eth0.2 table local scope link src 192.168.1.2
local 192.168.1.2 dev eth0.2 table local scope host src 192.168.1.2
broadcast 192.168.1.255 dev eth0.2 table local scope link src 192.168.1.2
broadcast 192.168.3.0 dev br-guest table local scope link src 192.168.3.1
local 192.168.3.1 dev br-guest table local scope host src 192.168.3.1
broadcast 192.168.3.255 dev br-guest table local scope link src 192.168.3.1
broadcast 192.168.8.0 dev br-lan table local scope link src 192.168.8.1
local 192.168.8.1 dev br-lan table local scope host src 192.168.8.1
broadcast 192.168.8.255 dev br-lan table local scope link src 192.168.8.1
broadcast 192.168.42.0 dev br-TetheringWAN table local scope link src 192.168.42.216
local 192.168.42.216 dev br-TetheringWAN table local scope host src 192.168.42.216
broadcast 192.168.42.255 dev br-TetheringWAN table local scope link src 192.168.42.216
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
ls: /tmp/resolv.*/*: No such file or directory
lrwxrwxrwx 1 root root 16 Feb 15 16:22 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r-- 1 root root 32 Jun 25 10:01 /tmp/resolv.conf
-rw-r--r-- 1 root root 90 Jun 25 11:35 /tmp/resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf.auto <==
# Interface TetheringWAN
nameserver 192.168.42.129
# Interface wan
nameserver 192.168.1.1
head: /tmp/resolv.*/*: No such file or directory
Remove the gateway from the lan interface.
Remove the gateway from the guest interface.
I already asked you to remove the bridge from the TetheringWAN.
Add metrics in wan and TetheringWAN interfaces. Lower metric on wan to have precedence over the TetheringWAN. It would be best to utilize mwan3 for better control over multiple wan interfaces.
Sorry, I posted the wrong version WITH the bridge still activated. My error.
Here is the correct one:
root@Netgear_R-7800:~# ubus call system board; \
> uci export network; uci export dhcp; uci export firewall; \
> head -n -0 /etc/firewall.user; \
> ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
> ls -l /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.*
/tmp/resolv.* /tmp/resolv.*/*
{
"kernel": "4.14.221",
"hostname": "Netgear_R-7800",
"system": "ARMv7 Processor rev 0 (v7l)",
"model": "Netgear Nighthawk X4S R7800",
"board_name": "netgear,r7800",
"release": {
"distribution": "OpenWrt",
"version": "19.07.7",
"revision": "r11306-c4a6851c72",
"target": "ipq806x/generic",
"description": "OpenWrt 19.07.7 r11306-c4a6851c72"
}
}
package network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd36:54c6:1cb8::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth1.1'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.8.1'
option gateway '192.168.1.1'
config interface 'wan'
option ifname 'eth0.2'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.1.2'
option gateway '192.168.1.1'
list dns '192.168.1.1'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 6t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 0t'
config interface 'guest'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option gateway '192.168.1.2'
config interface 'TetheringWAN'
option proto 'dhcp'
option ifname 'eth0'
package dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
list server '192.168.8.1#5353'
config dhcp 'lan'
option interface 'lan'
option limit '150'
option ra 'server'
option ra_management '1'
option start '10'
option leasetime '168h'
option dhcpv6 'disabled'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'guest'
option interface 'guest'
option start '100'
option limit '150'
option leasetime '1h'
package firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option network 'lan wg0'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6 TetheringWAN'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config redirect
option src 'wan'
option name 'L2TP (VPN)'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
option dest_port '1701'
option src_dport '1701'
config redirect
option src 'wan'
option name 'PPTP (VPN) '
option src_dport '1723'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
option dest_port '1723'
config redirect
option src 'wan'
option name 'L2TP (VPN)'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
option dest_port '1701'
option src_dport '1701'
config redirect
option src 'wan'
option name 'PPTP (VPN) '
option src_dport '1723'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
option dest_port '1723'
config redirect
option src 'wan'
option name 'OPENVPN (VPN)'
option dest 'lan'
option dest_ip '192.168.8.252'
option target 'DNAT'
option dest_port '1194'
list proto 'tcp'
list proto 'udp'
option src_dport '1194'
config redirect
option dest_port '13131'
option src 'wan'
option name 'telnet'
option src_dport '13131'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config redirect
option dest_port '8081'
option src 'wan'
option name 'webserver'
option src_dport '8081'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config redirect
option dest_port '500'
option src 'wan'
option src_dport '500'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
option name 'ISAKMP (VPN)'
config redirect
option dest_port '4500'
option src 'wan'
option name 'IPSec NAT (VPN)'
option src_dport '4500'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'udp'
config redirect
option dest_port '20'
option src 'wan'
option name 'FTP (DATA)'
option src_dport '20'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config redirect
option dest_port '21'
option src 'wan'
option name 'FTP (CONTROL)'
option src_dport '21'
option target 'DNAT'
option dest_ip '192.168.8.252'
option dest 'lan'
list proto 'tcp'
config rule
option src '*'
option target 'ACCEPT'
option proto 'udp'
option dest_port '51820'
option name 'Allow-Wireguard-Inbound'
config redirect
option dest_port '1197'
option src 'wan'
option name 'Openvpn (client'
option src_dport '1197'
option target 'DNAT'
option dest_ip '192.168.8.251'
option dest 'lan'
config rule
option src '*'
option target 'ACCEPT'
option proto 'udp'
option dest_port '51820'
option name 'Allow-Wireguard-Inbound'
config rule
option src '*'
option target 'ACCEPT'
option proto 'udp'
option dest_port '51820'
option name 'Allow-Wireguard-Inbound'
config zone 'guest'
option name 'guest'
option network 'guest'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
config forwarding 'guest_wan'
option src 'guest'
option dest 'wan'
config rule 'guest_dns'
option name 'Allow-DNS-Guest'
option src 'guest'
option dest_port '53'
option proto 'tcp udp'
option target 'ACCEPT'
config rule 'guest_dhcp'
option name 'Allow-DHCP-Guest'
option src 'guest'
option dest_port '67'
option proto 'udp'
option family 'ipv4'
option target 'ACCEPT'
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.8.1/24 brd 192.168.8.255 scope global br-lan
valid_lft forever preferred_lft forever
9: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0.2
valid_lft forever preferred_lft forever
10: br-guest: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.3.1/24 brd 192.168.3.255 scope global br-guest
valid_lft forever preferred_lft forever
default via 192.168.1.1 dev eth0.2
192.168.1.0/24 dev eth0.2 scope link src 192.168.1.2
192.168.3.0/24 dev br-guest scope link src 192.168.3.1
192.168.8.0/24 dev br-lan scope link src 192.168.8.1
broadcast 127.0.0.0 dev lo table local scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
local 127.0.0.1 dev lo table local scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
broadcast 192.168.1.0 dev eth0.2 table local scope link src 192.168.1.2
local 192.168.1.2 dev eth0.2 table local scope host src 192.168.1.2
broadcast 192.168.1.255 dev eth0.2 table local scope link src 192.168.1.2
broadcast 192.168.3.0 dev br-guest table local scope link src 192.168.3.1
local 192.168.3.1 dev br-guest table local scope host src 192.168.3.1
broadcast 192.168.3.255 dev br-guest table local scope link src 192.168.3.1
broadcast 192.168.8.0 dev br-lan table local scope link src 192.168.8.1
local 192.168.8.1 dev br-lan table local scope host src 192.168.8.1
broadcast 192.168.8.255 dev br-lan table local scope link src 192.168.8.1
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
ls: /tmp/resolv.*/*: No such file or directory
lrwxrwxrwx 1 root root 16 Feb 15 16:22 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r-- 1 root root 32 Jun 25 12:01 /tmp/resolv.conf
-rw-r--r-- 1 root root 39 Jun 25 12:01 /tmp/resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf.auto <==
# Interface wan
nameserver 192.168.1.1
head: /tmp/resolv.*/*: No such file or directory
root@Netgear_R-7800:~#
Remove the gateway from the lan interface.
Remove the gateway from the guest interface.
Add metrics in wan and TetheringWAN interfaces. Lower metric on wan to have precedence over the TetheringWAN. It would be best to utilize mwan3 for better control over multiple wan interfaces.
Disable networks wan and wan6 while your wired WAN is not available. Re-enable them when you go back to wired WAN.
The new network for the phone tether ('TetheringWAN') needs to be
These are the only changes needed from a stock configuration. option gateway and option dns belong only in your static IP wired WAN (which you are not using at the moment). They are only going to break things used in other places.
Thank you Trendy and mk24,
'option gateway '192.168.1.1' and option gateway '192.168.1.2' -->removed
mwan3 installed, thanks for the tip. Dive in tomorrow.
Tetheringwan is configured as mk24 said.
Hello,
this morning I connected my phone in USB tethering mode.(without mwan3)
Set Wan as metric 0 and Tethering as 1, rebooted.
Disabled the WAN interface but I could not connect to the internet through the Tethering interface.
any help would be kindly appreciated.
thank you
edit: I noticed in the wiki they mentioned xhci-ehci, my log says xhci-hcd
[ 920.282748] usb 3-1: USB disconnect, device number 2
[ 1504.752137] usb 3-1: new high-speed USB device number 3 using xhci-hcd
[ 1510.212079] usb 3-1: USB disconnect, device number 3
[ 1510.811458] usb 3-1: new high-speed USB device number 4 using xhci-hcd
[ 1511.026349] rndis_host 3-1:1.0 usb0: register 'rndis_host' at usb-xhci-hcd.1.auto-1, RNDIS device, 42:94
tom
ip -4 ro after you disconnect wan.
Hello, I connected my phone and tether USB on. Disconnected physically wan cable and entered:
root@Netgear_R-7800:~# ip -4 ro
default via 192.168.1.1 dev eth0.2 metric 10
default via 192.168.42.129 dev usb0 src 192.168.42.70 metric 40
192.168.1.0/24 dev eth0.2 scope link metric 10
192.168.3.0/24 dev wlan0-1 scope link src 192.168.3.1
192.168.8.0/24 dev br-lan scope link src 192.168.8.1
192.168.42.0/24 dev usb0 scope link metric 40
still no internet on lan.
edit: I don't have to reboot my LAN devices to obtain a connection by USB tether?
edit2: after disconnecting the phone and reconnecting the wan, internet was NOT redirected to WAN. I had to reboot the router.
edit3: I will load factory settings tomorrow and give it another try.
It doesn't seem to be disconnected.
There is still a stale entry with lower metric which has precedence.
Maybe mwan3 will do a better job detecting faulty links and failover to the tethering.
This morning I did the following:
Nothing helped. No internet connection via smartphone. I also tested USB tethering, laptop<->phone which works.
I don't have any clues left.
greetz tom
Must have something to do with the static protocol of the wan interface.
Use mwan3 package which tracks the interfaces for connectivity upstream and forces the traffic to the tethering if isp link is not working.
Hello trendy,
as I only want to use my smartphone as a backup wan interface in case of emergency and USB tethering doesn't seem to work in my configuration, I used my phone as a wireless hotspot and connected the router wirelessly. After disconnecting the wan interface I had my internet connection immediately through my phone's hotspot.
So, my goal is reached and I want to thank you for your technical support.
Hopefully I won't need it too much.
greetings tom
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.