[Solved] Help installing on pi 4b, final step to go!

Installing and Using OpenWrt
1

Hi all,

[Found the problem, had to set masquerade on the lan--> wan firewall zone. Rookie mistake :smiley: ]

I have raspberry pi 4 install almost working. From the pi directly over ssh I can ping openwrt.com, but I can't reach the internet from the local lan (nslookup work, but not ping or tracert).

My ISP requires VLAN ID tagging, which I think I've resolved by setting by setting up ppoe-vlan device (I wasn't able to get it to work just using eth1.10 syntax).

I thought I could wrap a wan interface around this and add to my br-lan but no joy.

Would someone mind seeing where I'm going awry?

Here's my /etc/config/network:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdd0:597d:fcee::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	option bridge_empty '1'
	list ports 'eth0'
	list ports 'pppoe-vlan'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	list dns '8.8.8.8'

config device
	option type '8021q'
	option ifname 'eth1'
	option vid '10'
	option name 'eth1.10'
	option acceptlocal '1'

config interface 'vlan'
	option proto 'pppoe'
	option device 'eth1.10'
	option username 'user@spark.co.nz'
	option password 'password'
	option ipv6 'auto'

config interface 'wan'
	option proto 'static'
	option device 'pppoe-vlan'

And my /etc/config/firewall (default parts taken out):


config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option synflood_protect '1'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'DROP'
	list network 'lan'

config zone
	option name 'wan'
	option input 'DROP'
	option output 'ACCEPT'
	option forward 'DROP'
	option mtu_fix '1'
	list network 'vlan'
	list network 'wan'

config zone
	option name 'vlan'
	option input 'DROP'
	option output 'ACCEPT'
	option forward 'DROP'
	list network 'lan'
	list network 'vlan'

config forwarding
	option src 'wan'
	option dest 'lan'

config forwarding
	option src 'vlan'
	option dest 'lan'

Thanks in advance.