When I try to connect (using a 4G modem integrated to the OpenWrt router), it works like a charm
When I try to connect the OpenWrt Router to the lan 1 of the ISP router it does not work (impossible to see the IP Cam neither to see connection from SSH Tunnel).
Both router are not using the same plan of adresses:
I'm back. I don't have access on the ZTE ISP router as admin but only as user
Anyway, on the status interface I can see on the WAN connection the NAT is enabled
SSH tunnel means my openwrt router is a client of my SSH server somewhere else (on another network), and I used it because of double NAT of the previous ISP (Telecom).
I've changed of ISP for fiber, but as you can see the WAN IP is also a internal IP (10.x.x.x), so I still have double NAT (as previously). Conclusion I still need to use the SSH Tunnel.
The issue is not on the SSH tunnel which works fine (with modem) til now
My issue happens when I try to connect the LAN from ISP router to WAN openwrt router
I tried with some other devices on another network (I built for testing)
This works,
ISP: 192.168.0.1
OpenWrt: 192.168.2.1 (lan) & 192.168.3.1 (wifi)
A pc can connect from ISP lan, and the PC can connect from openwrt lan (any tcp protocol used)
But on the live configuration it does not work...
I don't understand your issue, it is very strange. I don't understand your answer, the question was to check existing networks, not to build new one. Can you connect by SSH from command line of OpenWRT-router via ISP-router?
So you have a fiber ISP.
Are you sure that the fiber is directly connected to the ISP's modem/router, or is the fiber (safely) terminated at a Fiber Termination Unit (FTU) to which then the ISP's router connects with a plain ethernet CAT cable.
If the latter is true (with a FTU) then you probable could very well connect your own router to the FTU. Likely you still need to know any connection parameters like VLAN setting and, possibly, PPPOE config. In the whole of the EU the IPS is required by law to supply these connection parameters on request (although some ISP are truly a PITA). That would give your own OpenWrt router direct WAN access.
When you're not that lucky, then lets assume that NAT on the IPS's modem/router is something you have to live with. Then you could still choose from different options:
Run your own OpenWrt equipment as an access point (a LAN bridge, no routing) behind the ISP modem. Access to services running on your own stuff from the outside Internet requires setting forwards (or set "DMZ host" in the modem/router of the IPS. All services like routing, NAT, DHCP, firewalling is handled the the router of the ISP.
A little bit more evolved, your own router as an downstream router on your LAN. This allows creating subnets, VLANs, etc behind yours. This setup requires that downstream routes for any subnets behind your own non-masquerading router can be set on the modem/router of the ISP. Nice thing about this setup is that you will likely enjoy the full speed of the hardware NAT engine that it deploys. Breaker is when the NAT facility is "hard wired" to the subnet of the IPS modem.
BTW, when your ISP deploys GCNAT (part of DS-Lite), then:
the second option will be impossible because you cannot set routes upstream.
you will need some tunnel via some proxy to be reachable from the outside over IPv4.