I just bought a Protectli box and I'm planning on setting up pfSense as my router/firewall.
My TP-Link is an all-in-one Modem & Router and is currently serving everything. Due to small space in my living room and because pfSense highly recommends to use an external dedicated AP to serve WiFi, I want to configure OpenWRT in Bridge Mode so pfSense can be my only router handling everything and at the same time OpenWRT to serve my WiFi network coming from pfSense.
I thought I would get a separate very small router to only serve me in Bridge Mode like a standard Modem, but I could not find anything good and I would like OpenWRT to do both.
In conclusion: Is it possible to set OpenWRT in Bridge Mode and at the same time to serve me my WiFi network? If so please advice because I never done anything like this, also are there any limitations with controlling traffic or setting rules if OpenWRT will handle WiFi and not pfSense itself from its own dashboard.
This device is very old and cannot run a modern version of OpenWrt. It is a 4/32 device and there is a big warning at the top of the device info page.
This version is old and unsupported (it has been EOL since December 2020). It has known security vunlerabilities and it not recommended for use anymore.
That device is simply an all-in-one wifi router... it doesn't include a modem, so I'm not sure what you're getting at with resepect to mentioning a modem and bridge mode... you'll still need a modem if you have cable or DSL (or an ONT if you have fiber). However, to answer your general question, you want to configure your device simply as a dumb AP. It's easy and will then just work as a wifi AP.
Plese kep in mind the concerns about your device, though -- it would be best to get a more capable device to run OpenWrt.
I have DSL and the router gets a connection via the Telephone line, not Ethernet. I don't have a separate Modem where the router connects to, only the TP-Link, which makes it an all-in-one Modem & Router right? That's why I want to set it in bridge mode, to technically serve as a modem for my pfSense box (which only has Ethernet ports) while also serves WiFi.
Yes this is correct, maybe I don't understands something correctly?
There's only one cable RJ11 and connects directly to the router's WAN port. Since there needs to be a Modem too, doesn't this make it a Modem & Router?
Maybe I don't understand something correctly, I'm in Europe by the way and we don't have any Modem provided by the ISP. My plan is called FiberNet but I don't have actual Fiber, only under 100Mbps internet connected with RJ11 directly to the router.
Is there a chance I have Broadband or Fiber Broadband since my plan says FiberNet?
If all I have is a single RJ11 cable coming from the wall directly to the router and my speed is 100Mbps DOWN, what type of internet service is this? Would this need any other hardware besides a router with RJ11 port for WAN?
I don't know... It's also possible that the modem or ont is located in another location and that they deliver an ethernet connection to the jack in your home. You'd have to ask the ISP.
Normally, an RJ11 is a DSL connection which requires a proper DSL modem. Are you absolutely positive it is an RJ11 on the wall?
If it is an RJ11 on the wall, is it a plain RJ11 <-> RJ11 cable to the router? When I was in college, for some unexplained reason, the school had wired ethernet to the dorms with RJ11 jacks. This required an RJ11 > RJ45 adapter cable to physically connect normal ethernet devices... the signal at the jack was plain 10Mbps ethernet requiring just 2 pairs (and 100Mbps uses the same two pairs and pinout on the RJ45), but just stuck into an RJ11 connector instead of the standard RJ45 -- thus the adapter cable.
Thank you for the explanation, things are weird where I reside currently and that's why I don't really know what is my connection, it's not even in my language.
I will send photos tomorrow with both the router and the cable, I'll also call the ISP to ask because the contract only mentions FiberNet and cant find anything clear about it.
Hello again @psherman, I won't be able to share any pictures of the router since I won't be back home for a while. I will end this thread and won't pursue the configuration with this router since it's EOL and has vulnerabilities.
I just need some help with couple questions if you don't mind:
I got confused with you saying that the router doesn't have a modem. Since you need a modem to get signal from the ISP, and many US ISPs give you a dedicated separate Modem for your home that you connect your router to, isn't this router essentially a combined modem/router? How is it getting signal without modem?
I always had it in my mind that either your ISP gives you a modem based on their configuration, or you have your own router (sometimes given from your own ISP) which is an all-in-one modem/router and you just plug and play to the socket (for me RJ11 cable, the router is definitely the one stated on my OP "TP-Link TL-WR740N"). If you say it doesn't have a modem, how does that work (I read for the router online and all websites call it a combined modem/router)?
Since I won't do the configuration I asked on the OP, do you think it's best to buy a new small router and set it in bridge mode for my new router box to work as the only router? Do you have any suggestions?
Thanks!
EDIT: I will close this thread. I called the ISP and found all the information I needed, no need for explanation. thanks for the help @psherman!
I can only speak from the perspective of the US... with cable and DSL services, you do need a modem, and fiber requires an ONT. Depending on the hardware in use, sometimes the modem/ONT is al all-in-one modem+router+AP combo unit. In other cases it can be a separate box that provides an RJ45 connection to your own downstream router. In some cases, the ISP may 'provide an RJ45 ethernet connection' insofar as the modem/ONT is on their end of the connection/demarc (i.e. maybe incorporated into a box on the outside of the building) so that as far as you are concerned, you just plug in an ethernet device (i.e. a router) and you're good to go.
Also, if you're in an apartment/condo type building, it is also possible that the ISP terminates into a modem/ONT in a utility room and then distributes via ethernet wiring that is run through the building. In this case, your wall jack would just be RJ45 ethernet and you'd connect a normal router (no modem needed on your end).
I can't speak to the way it works in other countries.
Summarizing the above... if the modem/ONT is 'hidden from view', your connection would just be ethernet. If they give you the 'raw' signal, you will need a modem/ONT.
This will obviously depend on the region/country and the ISP. Some ISPs require you to use their equipment, others offer it as an option.
Ok... just reading the edit... lol... no point in erasing what I just wrote, but I'll stop her.e
@martinn - what did the ISP say? Is your unit actually a combo unit, or it it a router only? If yours is a combo modem+router, can you provide a link to the documentation you found that says that (I'd like to see it so I can understand where my searches went wrong).
Haha, really sorry I got you to type all that @psherman.
So, my connection is Fiber Optical. I live in a apartment and it turns out the Fiber terminates downstairs on the cabinet and I get RJ45 through the wall. I was stupid to not test the supposedly RJ11 I said with other ports and because it looked smaller I thought it's RJ11.
Called home to speak with a family member who can try to plug the cable to another port and it's RJ45, exactly what my ISP said.
They told me I don't need a Modem and the router is just a combined router. I don't need a modem (they said the Modem is only for ADSL and I have Fiber with a termination of an RJ45 cable in my wall). I got confused because I thought the modem is a given some way or another because I thought it would be exactly like the US where you get a modem and connect your router on it. At least what I see from other tutorials on YouTube, I never lived in the US.
In conclusion: If I understand correctly, the router doesn't have a modem like you'd get from your ISP and it doesn't need one. I have a Fiber connection that terminates downstairs in the cabinet and I get an RJ45 cable from the wall directly plugged-in the router. They said I don't need to put the router in Bridge Mode and I can just remove the old one and plug my new Protectli 4-Port to the WAN port for direct use with pfSense (can you please give any input on this one if you have any idea about this?).
Any input appreciated, thanks for the help and sorry for the mess.
EDIT: Please see this part of the tutorial, for my setup described above do I need to put my router in Bridge Mode and then connect the new router, or just connect it directly to the wall?
Also if I was to operate the TP-Link with the old OpenWrt, is it still unsafe to use it only for my WiFi?
No worries... hopefully it was useful to you and/or will be for a future reader.
Yeah... what most people call a router is actually 3 devices combined into one physical unit: router + ethernet switch + wifi AP. There are also units that are purely routers, and obviously variants that contain two of the three functions. And then there are modem+router combo units (which technally may be 4 devices combined into one). So it gets confusing... fast!
As long as you have an ethernet connection to the ISP, you generally don't need to do anything special for your router -- just use it in normal 'routing' mode. For OpenWrt and most normal routers on the consumer market, that is the default operating state for all devices that have 2 or more physical ethernet ports (one of them will be a wan, the other(s) lan). No bridge mode required in your case.
You'll just plug your new router directly into the wall jack... nothing else needed.
This is debatable. I think that your device would still be vulnerable to the wifi KRACK vulnerabilities, and would certainly not support WPA3. I would suggest that you get a new device to use as your AP (especially because of the fact that this is an old unit with only 802.11n)... but you if you really want to use it, you'd setup the current device in dumb ap mode
Yes it's debatable. I will buy a new router for my WiFi, and since the TP-Link has its problems highlighted by you I may use it as a dumb ap for a guest network in an isolated VLAN. That way worst case scenario the attacker will only be able to do minimum stuff and since the guest network will have only at times guests, it'll mostly be an empty room.
Thank you for all the help man, really appreciated!
The bigger problem with 'fibre' and these old routers would be the WAN speed, the 400 MHz mips 74Kc core of the AR9331 SOC won't do much more than ~100 MBit/s (maybe +/- 20%; but in your case, the physical 100 MBit/s ports of the TL-WR740Nv4 limit that to under 100 MBit/s anyways) routing (while most fibre connections will be significantly faster than that). And yes, running a current -security supported- release would be a hard must, which is getting 'difficult' for 4/32 MBit/s devices.
Hey @psherman, since this thread won't close for a couple days more and since you're a moderator (which I think you most likely use a router with OpenWrt) I'd like to ask you what router you have.
I won't use the TP-Link anymore, so thought I'd ask if you have any recommendations for a budged router under $100. I looked around but I can't find any good and I always have to go back and forth to the TOH to check if the router supports OpenWrt.
Do you have any suggestions for a router under $100, with at least one USB 2.0 port, able to do VLANS & create a guest network, and enough memory to be able to download couple packages like OpenVPN or any other package I'd like?
If I should create a separate thread for this let me know, but I thought I'd ask here first.
@martinn - ironically, I don't actually use OpenWrt as my main router (I have a full Unifi stack). But, I do use OpenWrt as VPN appliances (remote access + road-warrior). My devices are actually pretty old, though -- since they're not my main router, I don't need them to be super high performance (my VPN endpoint at home is a Ubiquiti RouterStation Pro -- it's pretty old, but runs 22.03 with OpenVPN, Wireguard, etc.).
I'm passionate about the platform and networking in general, and I like to share my knowledge and help where I can... But on "the best hardware for x @ y price" type of questions, I'm not all useful. Fortunately, there is a forum subsection for this! Read through, feel free to ask questions there, and I'm sure you'll get some good info.