so, I was messing around trying to get nordVPN to work on my router. After typing away some commands on the terminal to get this setup, I have messed up my settings which I did back up a while back. I installed the backup with the old config files but am still having issues.
Please see the interface screen below.
As a starting point where shall I go to fix this?
Did you update existing packages? Also, you posted your public IP...
Try a ping on your WAN interface... ping -I (wan interface) 8.8.8.8
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
cat /etc/config/network
cat /etc/config/firewall
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd74:627f:9382::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option defaultroute '0'
config device
option name 'wan'
option macaddr ''
config interface 'wan'
option device 'wan'
option proto 'pppoe'
option username ''
option ipv6 'auto'
option type 'bridge'
option password ''
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan6'
list network 'wan'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'Support-UDP-Traceroute'
option src 'wan'
option dest_port '33434:33689'
option proto 'udp'
option family 'ipv4'
option target 'REJECT'
option enabled 'false'
config include
option path '/etc/firewall.user'
I've also pinged from my WAN interface and received 56 data bytes back, so I can only assume all is well there, right?
What is your issue exactly? Yes this means your wan should have internet connectivity
I'm unable to access all websites from my browser
Check your DNS settings.
Apologies for my lack of basic OpenWRT knowledge. Where would I find these?
Use any dns you want...
DNS settings are the most likely cause, but if the instructions above don't work, make sure the clock is accurate on the System page. A system clock that's a few years behind can cause SSL certificate errors making it appear that the internet doesn't work. I've run into this on Nanopi boards that don't have a battery-backed clock.
Thanks. I'm going through the process now. But not luck! After doing a few checks of my own, I believe the issue is with the IPv4 connectivity.
strange... that's an ipv4 address... I'm overlooking something
See the OpenWRT Quick Start, and User Guides.
Reset your device and set it up again.
You could probably get connected again by setting the WAN interface to dhcp instead of pppoe, but if there are other incorrect settings you will still have issues.
Reset and start fresh.
I've reset the modem and all seems to be working fine bar the 5GHz wireless. I've tried to enable it but it's not available. Please check the screenshot below;
Is there a way to rectify this?
So the device is the WRT3200ACM...correct?
What happens when you click Edit to configure 5 Ghz?
If you did configure it, what channel and what Country Code did you use?
Try changing the channel width to 40.
Failing that, change it to 20.
I've tried the above and still no luck...
Take the "Maximum transmit power" setting off "driver default" and set it to 25.
