[Solved] Wavlink WL-WN531A6 - LAN access to internet, no WLAN access to internet

Hi All, I have recently changed my Wavlink WL-WN531A6 from router only access to access a PPPOE connection directly to the internet. Currently running latest version avialble for this hardware (23.05.0)

My LAN has access to the internet but my wireless is not connecting to the internet. mt config files are as follows:

wireless:

config wifi-device 'radio0'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
	option channel '1'
	option band '2g'
	option htmode 'HT20'
	option country 'AU'
	option cell_density '0'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option mode 'ap'
	option ssid 'LAB2g'
	option encryption 'psk2'
	option key '**password**'
	option network 'lan wan'

config wifi-device 'radio1'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
	option channel '36'
	option band '5g'
	option htmode 'VHT80'
	option country 'AU'
	option cell_density '0'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option mode 'ap'
	option ssid 'LAB5g'
	option encryption 'psk2'
	option key '**password**'
	option network 'lan wan'
	option wmm '0'
	option multicast_to_unicast_all '1'

firewall:

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'lan'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	list network 'wan'
	list network 'wan6'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config rule
	option name 'Support-UDP-Traceroute'
	option src 'wan'
	option dest_port '33434:33689'
	option proto 'udp'
	option family 'ipv4'
	option target 'REJECT'
	option enabled 'false'

config include
	option path '/etc/firewall.user'

config redirect
	option dest 'lan'
	option target 'DNAT'
	option name 'Nginx80'
	option src 'wan'
	option src_dport '80'
	option dest_ip '192.168.99.9'
	option dest_port '40080'

config redirect
	option dest 'lan'
	option target 'DNAT'
	option name 'Nginx443'
	option src 'wan'
	option src_dport '443'
	option dest_port '40443'
	option dest_ip '192.168.99.9'

config redirect
	option dest 'lan'
	option target 'DNAT'
	option name 'DNS'
	option src 'wan'
	option src_dport '52'
	option dest_ip '192.168.99.118'
	option dest_port '52'

config zone
	option name 'wlan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option masq '1'

config forwarding
	option src 'wlan'
	option dest 'lan'

config forwarding
	option src 'wlan'
	option dest 'wan'

config forwarding
	option src 'lan'
	option dest 'wlan'

config forwarding
	option src 'wan'
	option dest 'wlan'

What am I missing to connect the wireless to the internet?

Many thanks!

Hi,

could you post the /etc/config/network as well?

Besides that...

There is the current release 23.05.3 available for this device:
https://firmware-selector.openwrt.org/?version=23.05.3&target=ramips%2Fmt7621&id=wavlink_wl-wn531a6

I've updated the ToH page.

Edit:
I think I saw something wrong.
For the wireless interfaces:

Pretty sure it should be just 'lan'.
At least it is in my config.

Also my firewall defaults are like this:

config defaults
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'

But not sure, if it makes a difference.

1 Like

hi @dnd,

thank you for your time having a look at your config.

I will update to 23.05.3 later after I have finished work.

I did change the wireless interface:

option network 'lan'

I think i tracked down another error --> the device i was using to access the wifi had incorrect DNS server setting.

All appears to be in order now.

Again many thanks for your assistance.

1 Like

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks! :slight_smile:

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.