Router is running, but Login luci does not function

Hi,
I have installed my OpenWrt Router (TP-LinK TR-WR1043ND - Version 19.07.7-ath79) successfully.
My Internet configuration runs with a Huawei Stick E8372.

But here is my problem. I can not login to the GUI Luci with the IP 192.168.1.1. Either with cable or Wifi.
Only when I remove the Huawei Stick, log in with LAN cable and reboot 1 or more times the Router. Than I can log to the Web interface only buy LAN but not with Wifi.
What did I wrong?
What are the correct settings in the Menu> Interfaces for log in with Wifi to the Router or if necessary with cable?

Or is the Problem the Firewall?

Here are my settings:
Interfaces:
Huawei - (IPv4 add=192.168.1.2 netmask 255.255.255.0; IPv4 gateway 192.168.1.2) Physical Settings (eth1 + wlan0); - Firewall wwan: huawei: lan: raspi:)

LAN - Allg (IPv4 add=192.168.1.1 netmask 255.255.255.0; IPv4 gateway 192.168.1.2) Physical Settings (eth0.1 Switch VLAN) - eth1 + wlan0); - Firewall wwan: huawei: lan:
Wifi-Settings
WWAN: (wlan0) = DHCP - Pyhsical Settings: wlan0; - Firewall wwan: huawei: lan:

You have IP conflict. Change the lan IP before you connect the huawei stick.

uci set network.lan.ipaddr='192.168.100.1'
uci commit network
service network restart

Hello,
can I also use '192.168.1.100 ??

Nope, it must be outside of the 192.168.1.X

One more question, to understand the problem!
What did you mean, change the lan IP before you connect the huawei stick.
What are the right steps?

1. Login in the Router per ssh
2. make the command
   2.1. Can I copy and execute the entire command ?
   When I move the lan-IP address what happens?
   Does the change mean that I can now log on to the surface with the IP via WiFi and LAN cable?
3. Insert the huawei stick
   finish The login in IP is now 192.168.100.1 to the Webinterface!

I ask because I have also a raspi bridge managed.

Raspi (IPv4 add=192.168.1.3 netmask 255.255.255.0; IPv4 gateway 192.168.1.2) Physical Settings (eth0 +eth0.1 + eth1 + wlan0); - Firewall wwan: huawei: lan: raspi:)

What happens to the Raspi device? Can I still hope that the device is connected to the Internet by the bridge?
After the change, the fixed IP is still available for the raspi as well as for the huawei stick?
If I understand correctly, is the change only necessary for logging into the router?, because I have an IP conflict.

Thanks

You described them correctly.

Sure

You'll get disconnected. Do a dhcp renew on the PC to acquire the new IP. It should be 192.168.100.100 if the rest is left to defaults.
Now you can connect to the new IP .100.1 of OpenWrt from your PC. Do a browser restart if it doesn't work.

If it is connected to the lan part of the WR-1043ND, you'd have to change it's IP address too, in case it is static. If it is dynamic from dhcp, pull out the cable, count to 10, and plug it back in.

So, Update...
I can connect to the IP 192.168.100.1 but....
I can not connect to the WiFi, to my raspi or to the Mobile Stick.
What is the problem, with the IP?
I need the static address for the raspi. What happens, when I changed the huawei address? It's that the Problem?
My raspi has the IP = 192.168.1.3 and the gateway *huawei=192.168.1.2 it connected to OpenWrt.
My WWAN = WiFi gets the IP over DHCP.
Every other device gets the IP over WiFI and goes to the Internet over huawei 192.168.1.2 . That's why I make the bride for raspi (physical settings wlan0, eth0, eth1=huawei)
And the other bridge LAN ( 192.168.1.1. an gateway and huawei 192.168.1.2).
When I change the IP than I can't use my raspi, and my laptop to connect to the internet.
I can change the IP for the huawei stick for example 192.168.8.1
Than can I change the gateway for all interfaces. Can this help me?
LAN IP static 192.168.1.1
raspi static 192.168.1.3
huawei 192.168.8.1

Interfaces1280×800 108 KB

Again same mistake, you have an ip conflict because two different networks share the same subnet. I can also notice that almost everything is bridged, that huawei interface is considered part of the lan, and that there is a wwan interface without clear purpose.

1. Do you have alternative internet uplinks?
2. Why did you create all these interfaces?
3. Is there a reason that the raspi is not in the lan interface?

1. Do you have alternative internet uplinks?
   No I have not. It,s a garden House without any Internet uplinks.

2. Why did you create all these interfaces?
   To connect to the Internet I need the Huawei-Stick.
   I thought all my devices should have connection to the internet from WiFi.

• laptop
• raspi

The huawei stick is for the connection to the internet.

3. Is there a reason that the raspi is not in the lan interface?
   No really, the raspi 4 has WiFi and I wanted to use the Wifi - without cable.
   Without the raspi bridge I had not Internet connection ! That's why I had make the raspi bridge installed.
   Is that the mistake?
   If I connected to the OpenWrt router with cabel to my raspi, do you think it will be work?
   If I understand it correct, when I connected with my raspi to the OpenWrt router with cable it will get internet connection over LAN bridge ?
   I can use 192.168.1.1. for my router, an 192.168.1.2 for raspi / gateway. Or is there again a IP conflict?

My idea was everything connected to the WiFi get internet connection. How is that to install?

I think it would be best to reset the router to defaults and try again from a clean configuration.
By default you'll have a lan interface, covering the lan ports of the router and the wifi (which is disabled by default, but you can enable it). Change the lan IP again to 192.168.100.1.
The wan interface will be covering the wan port, but you can repurpose it to be the interface for the dongle.
Don't change anything else in firewall or dhcp, it should be enough to work.

Ok, I will try iit. But first I have to know what to do.

What did you mean with:
The wan interface will be covering the wan port, but you can repurpose it to be the interface for the dongle.
I have to install the usb driver an connect the dongle to the router. After that I install the eth1 interface, correct? or how can I connect to the internet?

Is there a way to give my raspi the IP 192.168.1.3 ?
When I look to my interfaces, I have a LAN Interface and a Interface for the huawei stick or not?
I do not need the bridge for raspi?
Thank you for help

After you install the usb module and enable it, go to the network configuration and either change the ifname of wan interface from eth0.2 to the physical interface the huawei has, or create a new interface for huawei and add it under wan zone in firewall.

I don't know how you will connect to the internet before you install the module. One solution is to connect the RPi on an existing connection. In that case if the existing network is 192.168.1.X, you can give .1.3, provided no other device is using it. But you'll need to switch off first the dhcp server of OpenWrt. (Network-Interfaces-Edit LAN-DHCP server-Ignore interface).

Yes, you should have a lan and a huawei.

You can have the bridge over ethernet and wifi of RPi. The huawei should be routed.

You only need two networks here, wan and lan. These two networks are installed by default.

The wan "physical setting" is the dongle's "eth" or "usb" virtual port. This is the path to the Internet. Generally the dongle or the ISP will issue an IP address via DHCP, so use protocol DHCP on wan.

The Pi and other lan devices will be in the lan network bridge. You do not have to individually identify them in the router. If they hold an IP in the lan range and have a physical link to the lan bridge (ethernet or wifi), they are automatically participants in the lan network.

Generally you should run a DHCP server on lan and have the devices be DHCP clients. If you want a device to have a specific IP address, set up a DHCP reservation for it.

So, I reset and have a question.
Now I can login to the OpneWrt Router to 192.168.11.
I can login to the dongle. 192.168.1.2
and I can login to my raspi.
But there are two problem's:

A) I can not update my openwrt router because no internet connection.
B) The internet connection with my laptop has no connection too, but I change the settings , then it function.
Is there a better solution?
In which settings (LAN or WAN) is a mistake?
Why can I not connect to the internet with the router and must set a manual IP addr.

Incidentally, the connection to the Internet with the raspi is perfect.
That are my LAN settings:

Interfaces_11280×800 121 KB

For the dongle:
dhcp client
physical settings: no bridge and only eth1
firewall: lan: wwan:

This is wrong.
eth1 must not be bridged under lan.
wwan must be in wan firewall zone.
lan ip address must be in different subnet, since dongle is in 192.168.1.0/24

Thanks for so much help:

I tried many things.

These are my final settings:
lan:
gen.set:192.168.1.1. / IPv4 192.168.1.2
phys set: Brigde interfaces, eth0.1, eth1, wlan0
firewall: lan: wwan: wlan_home:
DHCP Setup:ignore interface

WWAN: The dongle connection
gen.set: DHCP client
phys. sett: no bridge - interface eth1
firewall: lan: wwan: wlan_home:

To update my openwrt router I make another Wifi connection at home:
wlan_home
gern: dhcp client
phys.: no bridge + wlan_home
fire:lan: wwam: wlan_home
Important: I have to deactivate the wlan_home!

I used the router in my garden. There I can connect to openwrt router, can connect to the raspi as well and to the dongle. I can connect with my laptop to the internet.

The only part that not function so good, is the connection for the updates to the openwrt at the garden.
But I can bring the router to my home an switch on the wifi an the I update everthing.

If there's an easy way to connect to the internet in the garden, that's fine.
If someone has an idea without changing my general settings again, I don't want to configure it again.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*

{
	"kernel": "4.14.221",
	"hostname": "OpenWrt",
	"system": "Atheros AR9132 rev 2",
	"model": "TP-Link TL-WR1043ND v1",
	"board_name": "tplink,tl-wr1043nd-v1",
	"release": {
		"distribution": "OpenWrt",
		"version": "19.07.7",
		"revision": "r11306-c4a6851c72",
		"target": "ath79/generic",
		"description": "OpenWrt 19.07.7 r11306-c4a6851c72"
	}
}
package network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdd7:9412:51f4::/48'

config interface 'lan'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ifname 'eth0.1 eth1'
	option gateway '192.168.1.2'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 5t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0 5t'

config interface 'wwan'
	option proto 'dhcp'
	option ifname 'eth1'
	option gateway '192.168.1.2'

config interface 'wlan_HOme'
	option proto 'dhcp'

package wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option channel '11'
	option hwmode '11g'
	option path 'platform/ahb/180c0000.wmac'
	option htmode 'HT20'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option key 'ohO21#13m.'
	option encryption 'psk2'

config wifi-iface 'wifinet1'
	option ssid 'RabeSocke'
	option device 'radio0'
	option mode 'sta'
	option key 'JMfimdAHB-FM287zAnS'
	option encryption 'psk2'
	option network 'wlan_HOme'
	option disabled '1'

package dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option ignore '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

package firewall

config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan wwan wlan_HOme'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	option network 'wan wan6'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.

# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
       valid_lft forever preferred_lft forever
default via 192.168.1.2 dev br-lan 
192.168.1.0/24 dev br-lan scope link  src 192.168.1.1 
broadcast 127.0.0.0 dev lo table local scope link  src 127.0.0.1 
local 127.0.0.0/8 dev lo table local scope host  src 127.0.0.1 
local 127.0.0.1 dev lo table local scope host  src 127.0.0.1 
broadcast 127.255.255.255 dev lo table local scope link  src 127.0.0.1 
broadcast 192.168.1.0 dev br-lan table local scope link  src 192.168.1.1 
local 192.168.1.1 dev br-lan table local scope host  src 192.168.1.1 
broadcast 192.168.1.255 dev br-lan table local scope link  src 192.168.1.1 
0:	from all lookup local 
32766:	from all lookup main 
32767:	from all lookup default 
ls: /tmp/resolv.*/*: No such file or directory
lrwxrwxrwx    1 root     root            16 Feb 15 15:22 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r--    1 root     root            32 Apr 23 17:38 /tmp/resolv.conf
-rw-r--r--    1 root     root             0 Apr 23 17:38 /tmp/resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1

==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1

==> /tmp/resolv.conf.auto <==
head: /tmp/resolv.*/*: No such file or directory

Don't bridge the 4G dongle into LAN. When using Internet via 4G, it is your wan device. If the dongle DHCP issues IP addresses in the 192.168.1.0 range, you need to change the OpenWrt lan to a different range.

Don't have any "gateway" settings, it will be configured automatically to be the dongle when the dongle DHCP is complete. Or if you use house wifi for WAN the house router DHCP will advertise itself as the gateway, and OpenWrt will install that as long as you don't try to force it to something else.

In general here staying close to a default configuration is best. Less is really more. Don't just add stuff without understanding what it does. Don't make additional networks: you only need lan and wan for this situation. To meet this use case, you're going to change the wan physical device to be something other than Ethernet (either house wifi or 4G dongle)-- and watch out for IP conflict. Changing the lan to something really strange (maybe 192.168.85.1) and leaving it there would work.