Need your help..I have setup Raspberry PI 4 as my new Home firewall, it is next to my ISP router/modem. I am able to setup Raspberry PI as router and able to access/ping internet thru' Raspberry PI4 OpenWRT. My ISP router/modem in 192.168.1.1 and my Raspi OpenWRT is 192.168.1.5....both connected via eth0 LAN cable.
I have enabled eth1 as well on Raspi OpenWRT. I want to add new AP (TP Link A6) to my Raspi thru eth1, inturn the AP will be my primary wireless router for home network. Now the real issue, I am not able to get AP connected to internet.....I tried WAN interface on Raspi (Thru LuCI) no luck....whenever I create WAN interface, I am loosing internet connection on Raspi...
Can you please me guide me thru?? Am I missing something?? Please help
Thank you very much for your quick reply. I am novice in networking...I am trying to simplify your reply. "I need to change my ISP router to BRIDGE mode to get internet on my new AP?? Is my understanding correct??
Of course you do as always....
What IPv6 deployment? Are you trying to make up arguments to prove you're not wrong just for the sake of it? What evidence do you have to back up your claims that an ISP would randomly access your LAN (in this case, random stories are irrelevant)? Did you forget to tell the user what implications double nat entails? If anything transparent bridge of the RPi4 would be the only reasonable solution but that's kinda your non standard openwrt setup.
The point is, there are advantages to owning your own router, even if you have to use double NAT for ipv4. The end user should decide which are the important features in their network.
As for the ISP randomly accessing your LAN, this is a feature that some ISPs actually promote! (that is, for example, they'll access your LAN and monkey with your TiVO automatically for you, or debug it over the phone with you). Here's a guy on reddit actually deciding to pay $15/mo for that feature because it's his elderly parents and he doesn't want to be the tech support.
" Response: Yes, sir, you can do that, but we will no longer be able to access your TiVo devices for troubleshooting since they will not be connected to our equipment."
So yeah, ISPs have access to the LAN on the back side of their router. and even if they don't actually access it, it's a security risk particularly since it's potentially exploitable by automated malware etc.