It seems because I can access luci via the APs WiFi on my iPad
1 Like
What to look for in the system log?
By the way the pi created IP addresses for other devices at the DHCP leases section at the status page I can see them.
1 Like
we may need 10 screenshots to diagnose...
the optimal way forward is to either;
- obtain an ssh command line by the options suggested above (so we can see your config and easily diagnose)
cat /etc/config/network #remove ppp credentials
cat /etc/config/dhcp
service | grep dnsmasq
or
- flash a fresh image as suggested above (the default settings work if driver is present, usb nic is attached on boot, and there is no dhcp server conflict)
1 Like
What is this doing? Removing my PPPoE credentials but how this would help? I would have no internet at all 
Currently I plugged in an another 1043nd but this one is v1 with 19.07, I created the PPPoE interface with the credentials and no hassle itās working so definitely something is wrong with the pi lan not forwarding the internet. Donāt get me wrong Iād like to give you the log but what you pasted donāt know what it does.
The very last I want to start over, maybe removing and readding the interfaces what I should try? One thing is sure, once they changed the ONT to bridge mode and reboot it then the pi couldnāt get internet via the lan. Worked fine before so it must be a setting, is it possible to setup PPPoE incorrectly?
What he means is don't copy and paste the credentials into the public forum post
3 Likes
He is asking you to post the content of those files, but to redact sensitive information like username and password before posting here in the forum. This is not about you editing these files 
cat /etc/config/network basically just dumps the content of the configuration file with the given name into the current command window, from where you can copy and paste it into the forum (but redact username/password before hitting the reply button )
2 Likes
@moeller0 oh I see, sorry guys I didnāt want to sound mean, youāre very good to me. Iāll do it soon
1 Like
You did not, but clearly there was a simple misunderstanding in play, that looked easy to dissolve.
I hope I posted the right way. By the way it didn't remove the credentials for some reason so I deleted it but nothing else is edited. To reiterate, this is a FTTH PPPoE setup. If it matters 
root@OpenWrt:~# cat /etc/config/network #remove ppp credentials
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd1e:723b:7e23::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config interface 'lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option device 'br-lan'
option ipaddr '192.168.1.1'
config interface 'wan'
option proto 'dhcp'
option device 'eth1'
option auto '0'
config interface 'digi'
option proto 'pppoe'
option device 'eth1'
option username ''
option password ''
option ipv6 'auto'
root@OpenWrt:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option ednspacket_max '1232'
option confdir '/tmp/dnsmasq.d'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
list ra_flags 'managed-config'
list ra_flags 'other-config'
config dhcp 'wan'
option interface 'wan'
list ra_flags 'none'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'Wan6'
option interface 'Wan6'
list ra_flags 'none'
config dhcp 'digi'
option interface 'digi'
option ignore '1'
list ra_flags 'none'
root@OpenWrt:~# service | grep dnsmasq
/etc/init.d/dnsmasq enabled running
root@OpenWrt:~#
1 Like
you have an interface called digi which is your actual connection. I'm guessing that it is not assigned to a firewall zone (we don't see your firewall file here), and that would explain why it is not working.
make sure that digi is assigned to the wan firewall zone and test again.
The credentials are not removed automatically. Things after a "#" sign are comments -- human readable and ignored by the command line interpreter. In the future, you can redact those details by copy/pasting the output and then deleting the sensitive details before you post.
OK, I'll check the zones. so digi-> lan accept all and Masquerading unchecked right?
No. Digi is your internet connection so it should be in the WAN zone. And masquerading must be enabled.
Oh you mean I should make sure that the digi is in the wan zone? if not, how to add it to the wan zone? Or I better check first how does it look like
digi is your internet connection. it is untrusted (as the internet), so it should be attached to the wan firewall zone (which is configured by default to handle untrusted connections). The wan firewall zone also has masquerading enabled by default, which is necessary for most home connections (including yours).
let's see the contents of your /etc/config/firewall file and we'll go from there.
Don't create a new interface / network. Change the proto of the existing wan from dhcp to pppoe and add your username and password.
1 Like
That would be my usual approach, too -- adjusting the wan network interface. However, since digi was already created, I was thinking the fastest method was to simply assign it to the wan firewall zone. Both are equally valid from a functional standpoint, but using the wan network interface (ad compared to creating a new one called digi or anything else) as @mk24 suggests is easier to read and understand.
Guys!!! I was so stupid again, I even knew about this since I had to do this multiple times before when I first setup the pi, the AP and back in may the old 1043nd... Just forgot to add the interface to the firewall, how on earth I didn't realize this. Now I'm writing this from that network.
I don't know who to mark as solution. You all were very patient and kind, I can't thank you enough! I should be more advanced user, glad that you helped me even with my skill set, you all made my weekend
Glad you are finally up and running! Although there is no single response that solves the issues (since there were several things happening), mark the one that you think would best help someone reading this thread in the future.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.