I'm very new to OpenWRT, have minor experience with Linux and very little with networking.
I'm planning to set up an OpenWRT router on a Pine A64+ SBC (very similar to an Raspberry PI), with just one Ethernet port and two USB ports. (Still ordered but not arrived)
I have a Ralink RT5572 WiFi USB adapter, planning to use as a AP on the OpenWRT SBC.
I have a LTE Modem/Router (ZTE MF287+) from my ISP with WiFi AP and 4xLAN ports.
What I try to create is a "safe" OpenWRT WiFi AP with firewall to connect to the ISP Router LAN.
(In the future I plan to setup a local DNS server like "unbound" or "Pinehole" or something on the OpenWRT SBC)
Setup should be something like this:
Internet -> ISP Router LAN -> OpenWRT Wifi AP with firewall (and DNS server) -> clients.
Problem: After reading a lot I still have no clue how to configure OpenWRT, if this setup is even possible.
Hope someone could please give me some input in general about that...
PS: Happy new year!
USB adapters are in general poorly supported and kinda flakey, if you're going for USB ones supported by mt76 is probably your best bet. The SBC is pretty nice although it lacks USB 3 which may be somewhat limiting for your intended purpose.
Thank You for your suggestions. Do You mean the RT5572 is not supported out of the box? I'm aware of the USB 2.0 issue, but have a 30Mbit/s connection, so should be fine?
To make my questions more clear:
.There is NO routing/firewall between LAN->LAN, right?
.There IS routing/firewall between LAN->vLAN, but the ISP router have to support that, right? (It's not supported on my ISP router)
.There is NO internet connection, if I set the Ethernet port on the OpenWRT SBC to WAN and connect it to the ISP router LAN, right?
.Only solution is to set ISP router to DMZ, right? (It seems it's supported on my ISP router)
Rt5572 is supported out-of-the box by the rt2800usb kernel module. However, what the previous author probably meant to express is that performance of USB WiFi dongles is generally rather poor, especially when serving more than a hand full of clients. Using USB 3.0 to connect a MT7612U-based WiFi dongle is probably a rare exception to that rule, however, as that device doesn't have USB 3.0 that's also not an option here.
Well, that page answered my question. I read it hours ago in "fast forward" and therefore overlooked the topic
OpenWrt as cascaded router behind another router (double NAT)
So it's OK for now, just hope to get the RT5572 to work, cause I ordered it primarily for my Linux Mint desktop but can't get it to work properly for some reason. But it is often recommended for RasPI etc. Will see...
Thank you and I'm sure I'll be back soon with some new questions
This example explains the configuration on a device with a single Ethernet board, what's exactly what I need. https://stuff.purdon.ca/?page_id=370
A interface with the name "wan" is created. Because "wan" is just a name, how does the router know to block all traffic from the wan side by default? What would happen if I call the new interface "bob"?
"wan" is not just a name, it already exists in the default /etc/config/firewall file, which is set up to find the Internet on a WAN network named "wan". This config file is the same on all models, and on models with more than one Ethernet port there is indeed a WAN network created named 'wan'.
If you named the WAN network 'bob', packets wouldn't forward through it, you'd need to change the firewall config to match.
