I've been trying for a while to setup a Wi-Fi router (TL-WR841N aka TL router, 192.168.2.1) as a Wi-Fi receiver in an area without a wired connection so I can have internet access in a PC (connected to TL via ethernet). I've started by trying to set it up using WBS with the default TP-Link firmware, but without success. It seems that the router provided by my ISP (Hitron GVE39320 aka ISP router, 192.168.1.1), which I'm trying to connect to, does not support it. I've decided to try OpenWrt, downloaded it, crossed my fingers, flashed it and everything went smoothly!
Steps performed
It seems that what I'm trying to achieve is described here, I've followed these steps twice but without success.
Troubleshooting (attempt #1)
TL is connected to ISP router (not sure why it says NONE, the Wi-Fi network of the ISP router has a password)
Thank you for the quick reply!
As far as I understand my TL router LAN does not match the WAN. The WAN, from the TL router point of view, is 192.168.1.x and its LAN is 192.168.2.x.
Am I misunderstanding something?
(so far network and wireless look good. You shoulda kept the default WAN firewall config and be OK...if you added WWAN to the WAN firewall zone, that is. )
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config rule
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config forwarding
option dest 'wan'
option src 'lan'
That appears to be properly configured. Check IP config on the PC make sure it has properly set up its gateway and DNS to be the TP-Link (routed client) router. The PC should ping 192.168.2.1 of course and also the main router 192.168.1.1. Try a traceroute to a numeric public IP address see if it at least gets to the main router.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 192.168.2.164/24 brd 192.168.2.255 scope global dynamic noprefixroute enp2s0
valid_lft 43061sec preferred_lft 43061sec
inet 192.168.1.203/24 brd 192.168.1.255 scope global noprefixroute enp2s0
valid_lft forever preferred_lft forever
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
default via 192.168.1.201 dev enp2s0 proto static metric 100
169.254.0.0/16 dev enp2s0 scope link metric 1000
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.203 metric 100
192.168.2.0/24 dev enp2s0 proto kernel scope link src 192.168.2.164 metric 100
Failed to list table names in /proc/net/ip_tables_names: Permission denied
I actually wanted you to run this on the TL, but it revealed the issue.
You already have an IP from the WAN network on the interface.
Moreover this doesn't look right. default via 192.168.1.201 dev enp2s0 proto static metric 100
Should be 192.168.2.1.
Does this mean it is cached somewhere? I've hard-reset the ISP router, which has a tab for DNS in which it had that IP (192.168.1.203) associated with the PC I am making tests with (switching between the 2 networks).
It sure is still active on your PC. Normally you can turn off the ethernet then on and it should disappear. If not reboot your pc and keep it connected only on OpenWrt.
I'm now replying from the PC connected to the TL router!
I swear I didn't had the IP in the Networking Manager configuration but deleting the ethernet configuration and creating a new one solved the issue! This was achieved in the PC GUI running Ubuntu 18.04.4 LTS. Just deleted and created a new one with the default settings.