Newbie Setting OpenWRT NAT

Hello! I'm new to OpenWRT.
I just flashed it with UART to an Archer C5 V4 that had ISP firmware
My intention is to connect it via WAN to my main router (ISP too)

This is my idea:

[Main Router 192.168.1.1] --LAN---WAN--> [Archer 192.168.1.1] --LAN---LAN--> [My Laptop]
[Main Router 192.168.1.1] --LAN---WAN--> [Archer 192.168.1.1] --WLAN---WLAN--> [My Phone]

I understand that I have to change the IP address of the Archer to 192.168.2.1 or something, so it doesn't have problems with my main router, but if I do that I completely lose access via SSH. I think my main router is not assigning the DHCP values correctly, but it's really hard for me to correctly get what's happening.

I already re-flashed and reset the configuration multiple times because I always get to the point where it doesn't work
I got it working once by changing the MAC Address of the lan and wan networks to my laptop MAC but it only worked after doing dhclient -r && dhclient in my laptop, without it the 2.1 doesn't appear in my router

Probably I am missing a lot of steps and an overall understanding of the system, so any recommendations or questions would be really welcome

Thanks!

Generally speaking, all you should need to do (from a reset/default state) is change the subnet of your OpenWrt lan and things should just work.

To do this, follow this guide:

Then, don't forget to renew the DHCP lease on your computer (that is connected to the C5's lan port or wifi)... a quick way to do this is to bounce the connection (unplug the ethernet for a moment). You'll have ssh access (at the new address) once your computer's IP is in the right subnet. From there, it should 'just work'.
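The subnet collision behind this advice can be checked before changing anything. The following is an added example, not part of the thread: a POSIX shell check of whether a LAN address and the upstream (WAN-side) address fall in overlapping subnets. The function names are hypothetical, the addresses are the ones quoted in this thread, and the /16 upstream case is constructed.

```shell
#!/bin/sh
# Added example: does the OpenWrt LAN subnet collide with the upstream subnet?

# Dotted-quad IPv4 -> 32-bit integer; returns 1 on malformed input.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Network address (as an integer) of ADDR under a PREFIX-bit mask.
net_int() {
    ip=$(ip_to_int "$1") || return 1
    mask=$(( (4294967295 << (32 - $2)) & 4294967295 ))
    echo $(( ip & mask ))
}

# Exit 0 when the two CIDRs share addresses, 1 when they do not, 2 on bad
# input. Both are compared under the shorter of the two prefixes.
cidr_overlap() {
    p1=${1#*/}; p2=${2#*/}
    case $p1$p2 in ''|*[!0-9]*) return 2 ;; esac
    [ "$p1" -le 32 ] && [ "$p2" -le 32 ] || return 2
    if [ "$p1" -le "$p2" ]; then short=$p1; else short=$p2; fi
    n1=$(net_int "${1%/*}" "$short") || return 2
    n2=$(net_int "${2%/*}" "$short") || return 2
    [ "$n1" -eq "$n2" ]
}

# Print "conflict", "ok" or "invalid" for LAN_CIDR vs WAN_CIDR.
lan_wan_verdict() {
    if cidr_overlap "$1" "$2"; then echo conflict
    elif [ $? -eq 1 ]; then echo ok
    else echo invalid; fi
}

# Default LAN vs main router, renumbered LAN, and a constructed /16 upstream.
for pair in "192.168.1.1/24 192.168.1.22/24" "192.168.2.1/24 192.168.1.22/24" \
            "192.168.2.1/24 192.168.0.1/16"; do
    set -- $pair
    echo "LAN $1  WAN $2  -> $(lan_wan_verdict "$1" "$2")"
done
```

The third case shows why renumbering to 192.168.2.1 is only enough when the upstream network really is a /24.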

I just factory reset my configuration and tried following the guide. I disconnected ethernet from my laptop, WAN and LAN in the router, everything
Connected everything again and even reset it
When I try to connect to 192.168.2.1 I get a ssh: connect to host 192.168.2.1 port 22: No route to host, I tried with LuCI and nothing there either

When I do ip a in my laptop it says that the only network in my ethernet is 192.168.1.22

5: enp0s20f0u1u1u2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:e0:4c:9f:0e:37 brd ff:ff:ff:ff:ff:ff
    altname enx00e04c9f0e37
    inet 192.168.1.22/24 brd 192.168.1.255 scope global noprefixroute enp0s20f0u1u1u2
       valid_lft forever preferred_lft forever
    inet6 fe80::9bd:6a3f:5432:7dfe/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

If I do dhclient -r && dhclient I get the correct network tho, it connects but I don't have internet. And if I disconnect and connect again it goes back to the 1.22

Am I missing something?

I checked with the UART terminal and it seems that network.lan.ipaddr is being updated correctly, but I can't access anything

Reconnect your laptop, it needs to refresh 2.x ip

Ok something weird, I have a laptop, and the Ethernet is connected to a USB Hub, when I connect it to the usb hub it shows 1.22, if I connect the Ethernet directly to my laptop it says 2.33
I already tried disconnecting and connecting the usb hub and still get the same thing
I don't have internet yet tho, is there any other configuration I have to do to get internet from the WAN?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
----------------------------------------------------------------------------------------------------
ubus call system board

{
	"kernel": "6.6.73",
	"hostname": "OpenWrt",
	"system": "MediaTek MT7620A ver:2 eco:6",
	"model": "TP-Link Archer C5 v4",
	"board_name": "tplink,archer-c5-v4",
	"rootfs_type": "squashfs",
	"release": {
		"distribution": "OpenWrt",
		"version": "24.10.0",
		"revision": "r28427-6df0e3d02a",
		"target": "ramips/mt7620",
		"description": "OpenWrt 24.10.0 r28427-6df0e3d02a",
		"builddate": "1738624177"
	}
}

----------------------------------------------------------------------------------------------------
cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd7b:4708:4969::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0.1'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device
	option name 'eth0.2'
	option macaddr 'XX:XX:XX:XX:XX:XX'

config interface 'wan'
	option device 'eth0.2'
	option proto 'dhcp'

config interface 'wan6'
	option device 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '0'

config switch
	option name 'switch1'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch1'
	option vlan '1'
	option ports '0 1 2 3 7t'

config switch_vlan
	option device 'switch1'
	option vlan '2'
	option ports '4 7t'

----------------------------------------------------------------------------------------------------
cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'pci0000:00/0000:00:00.0/0000:01:00.0'
	option band '5g'
	option channel '36'
	option htmode 'VHT80'
	option disabled '1'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

config wifi-device 'radio1'
	option type 'mac80211'
	option path 'platform/10180000.wmac'
	option band '2g'
	option channel '1'
	option htmode 'HT20'
	option disabled '1'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

----------------------------------------------------------------------------------------------------
cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	option ra_slaac '1'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

----------------------------------------------------------------------------------------------------
cat /etc/config/firewall

config defaults
	option syn_flood	1
	option input		REJECT
	option output		ACCEPT
	option forward		REJECT
# Uncomment this line to disable ipv6 rules
#	option disable_ipv6	1

config zone
	option name		lan
	list   network		'lan'
	option input		ACCEPT
	option output		ACCEPT
	option forward		ACCEPT

config zone
	option name		wan
	list   network		'wan'
	list   network		'wan6'
	option input		REJECT
	option output		ACCEPT
	option forward		REJECT
	option masq		1
	option mtu_fix		1

config forwarding
	option src		lan
	option dest		wan

# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
	option name		Allow-DHCP-Renew
	option src		wan
	option proto		udp
	option dest_port	68
	option target		ACCEPT
	option family		ipv4

# Allow IPv4 ping
config rule
	option name		Allow-Ping
	option src		wan
	option proto		icmp
	option icmp_type	echo-request
	option family		ipv4
	option target		ACCEPT

config rule
	option name		Allow-IGMP
	option src		wan
	option proto		igmp
	option family		ipv4
	option target		ACCEPT

# Allow DHCPv6 replies
# see https://github.com/openwrt/openwrt/issues/5066
config rule
	option name		Allow-DHCPv6
	option src		wan
	option proto		udp
	option dest_port	546
	option family		ipv6
	option target		ACCEPT

config rule
	option name		Allow-MLD
	option src		wan
	option proto		icmp
	option src_ip		fe80::/10
	list icmp_type		'130/0'
	list icmp_type		'131/0'
	list icmp_type		'132/0'
	list icmp_type		'143/0'
	option family		ipv6
	option target		ACCEPT

# Allow essential incoming IPv6 ICMP traffic
config rule
	option name		Allow-ICMPv6-Input
	option src		wan
	option proto	icmp
	list icmp_type		echo-request
	list icmp_type		echo-reply
	list icmp_type		destination-unreachable
	list icmp_type		packet-too-big
	list icmp_type		time-exceeded
	list icmp_type		bad-header
	list icmp_type		unknown-header-type
	list icmp_type		router-solicitation
	list icmp_type		neighbour-solicitation
	list icmp_type		router-advertisement
	list icmp_type		neighbour-advertisement
	option limit		1000/sec
	option family		ipv6
	option target		ACCEPT

# Allow essential forwarded IPv6 ICMP traffic
config rule
	option name		Allow-ICMPv6-Forward
	option src		wan
	option dest		*
	option proto		icmp
	list icmp_type		echo-request
	list icmp_type		echo-reply
	list icmp_type		destination-unreachable
	list icmp_type		packet-too-big
	list icmp_type		time-exceeded
	list icmp_type		bad-header
	list icmp_type		unknown-header-type
	option limit		1000/sec
	option family		ipv6
	option target		ACCEPT

config rule
	option name		Allow-IPSec-ESP
	option src		wan
	option dest		lan
	option proto		esp
	option target		ACCEPT

config rule
	option name		Allow-ISAKMP
	option src		wan
	option dest		lan
	option dest_port	500
	option proto		udp
	option target		ACCEPT


### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
#	option src		lan
#	option src_ip	192.168.45.2
#	option dest		wan
#	option proto	tcp
#	option target	REJECT

# block a specific mac on wan
#config rule
#	option dest		wan
#	option src_mac	00:11:22:33:44:66
#	option target	REJECT

# block incoming ICMP traffic on a zone
#config rule
#	option src		lan
#	option proto	ICMP
#	option target	DROP

# port redirect port coming in on wan to lan
#config redirect
#	option src			wan
#	option src_dport	80
#	option dest			lan
#	option dest_ip		192.168.16.235
#	option dest_port	80
#	option proto		tcp

# port redirect of remapped ssh port (22001) on wan
#config redirect
#	option src		wan
#	option src_dport	22001
#	option dest		lan
#	option dest_port	22
#	option proto		tcp

### FULL CONFIG SECTIONS
#config rule
#	option src		lan
#	option src_ip	192.168.45.2
#	option src_mac	00:11:22:33:44:55
#	option src_port	80
#	option dest		wan
#	option dest_ip	194.25.2.129
#	option dest_port	120
#	option proto	tcp
#	option target	REJECT

#config redirect
#	option src		lan
#	option src_ip	192.168.45.2
#	option src_mac	00:11:22:33:44:55
#	option src_port		1024
#	option src_dport	80
#	option dest_ip	194.25.2.129
#	option dest_port	120
#	option proto	tcp

No issues with this config.

Make sure your laptop isn’t getting an address via WiFi, and make sure your physical connections are correct (i.e. connected to the openwrt router directly) for your usb adapter if you’re using that. Also, verify that the usb adapter is configured for dhcp.

My current setup is the following

[ Main router 192.168.1.1] --LAN--WAN--> [ Archer 192.168.2.1] --LAN1--LAN --> [ Laptop  192.168.2.198]
  • During the testing I had my Wifi turned off, I only turned it on after the test failed, should I forget the network or something like that?
  • I already validated the Ethernet cable that comes from my main router, connecting it directly to my laptop, it works and correctly gets internet
  • I don't really know what you mean by enabling DHCP in the UsbHub, is there something I have to change in my operating system? This is the usb hub, I don't see any specifications around internet or DHCP, I had this router working before connected through the USB Hub so I don't really know what could be the problem with it

I still don't have internet

So if you disconnect this and connect your computer to the Openwrt router instead, what address do you get?

Yes, it will show up as another network adapter in your operating system. Make sure that it is configured for dhcp.

I think c5 is one of the suspects for lacking wan isolation, so you get wan side address while it boots.

Boot it fully then connect clients

  • I tested the following scenarios
[ Main router 192.168.1.1] --LAN--WAN--> [ Archer 192.168.2.1] --LAN1--LAN --> [ Laptop  192.168.2.198] No internet

[ Main router 192.168.1.1] --LAN--WAN--> [ Archer 192.168.2.1] --LAN1--LAN --> [ USB Hub ] --USB--USB--> [ Laptop 192.168.1.22 ] No internet 

[ Main router 192.168.1.1] --LAN--LAN--> [ USB Hub ] --USB--USB--> [ Laptop 192.168.1.22 ] No internet

[ Main router 192.168.1.1] --LAN--LAN--> [ Laptop 192.168.1.12 ] Internet
  • I didn't know I had to configure my usb hub, thanks! I just recently moved to Fedora so I don't really know how to do any of that, either way I don't know if it's out of the scope of this conversation to configure that. If I could have it working at least directly connected, it would be awesome!

Your computer may be a large part of the problem here. Do you have another device you can connect to the openwrt router?

Meanwhile, let's also look at this:

ifstatus wan | grep address
ping 8.8.8.8
ping openwrt.org
  • wan doesn't seem to have an address

    {
    "up": false,
    "pending": true,
    "available": true,
    "autostart": true,
    "dynamic": false,
    "proto": "dhcp",
    "device": "eth0.2",
    "data": {}	
    }
    
  • Ping failed

    PING 8.8.8.8 (8.8.8.8): 56 data bytes
    ping: sendto: Network unreachable
    
  • DNS Failed

    root@OpenWrt:~# ping openwrt.org
    ping: bad address 'openwrt.org'
    
  • I have dual boot, so I could try with windows if needed. Also I have a Macbook that I could use, I do have to use an adapter to connect the ethernet to it tho

You don’t have an address on the wan. Is it connected to the upstream lan?

Yes, it's the same cable I tested connecting directly to my laptop and worked
Do I have to reboot or something after connecting it?


I did enable the DHCP Automatic in my usb hub, now I get the 192.168.2.138 address consistently, doesn't matter where I connect it to my laptop

So it sounds like the problem has been resolved, right?

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks!

Nope, I do have the ability to connect via SSH consistently
But I still don’t have internet, and ‘wan’ still doesn’t show any address. I just fixed the usb hub thing but the main problem is still the same

Could it be a MAC problem? That my main router is not sending internet to my router due to its MAC? I don’t really get how after having it connected it doesn’t get anything

Ok. It seems like your main router is not issuing addresses via dhcp for some reason.

Try cloning the MAC address of your laptop’s Ethernet adapter into the openwrt eth2 definition.

I just changed the MAC address to the one in my laptop enp0s20f0u1u1u2 (The usb hub)
I restarted and it seems that it doesn't even let me enter SSH or LuCI

If I connect the LAN directly to my laptop it works and I have internet! But I don't get why the MAC Address is causing conflicts with the Usb HUB, should I configure it to something else directly on the device? Could it be that the main router is blocking that specific MAC? Should I change the MAC of the LAN connection too?
I even tried with a different USB Hub and it worked too!

Sorry to bother you but could you briefly explain what happened?

Thank you very much!!!