TL-WA855RE v1, need help to configure openwrt

"Hello, I'm trying to configure my OpenWRT router to connect to my WiFi operator's network, which only allows a single MAC address.

Here's my situation:

• My WiFi operator allows only one MAC address.
• I want to connect my OpenWRT router as a client to the operator's WiFi network using the allowed MAC address.
• I want to use the Ethernet port to connect multiple devices to the internet.

Here's what I've tried:

1. Scanned and connected to the operator's WiFi network in client mode.
2. Overrode the original MAC address with the one allowed by my device.

However, I'm facing an issue:

• I can SSH into OpenWRT and ping 8.8.8.8, indicating that OpenWRT can access the internet as a client.
• But, my laptop (connected via Ethernet cable) cannot access the internet.

Can anyone help me identify the issue and provide guidance on how to resolve it?"

here is attached configuration file of my Openwrt router
configuration file

Update: I tried the same configuration on other wifi which has no macc adresss lock to single device and it's working fine, but it's not working on my operators wifi

make sure your WAN and LAN subnets aren't the same.
make sure your uplink WAN connection via wifi is in the wan firewall zone.

If the upstream network is also using 192.168.1.X (which you can see on the main status page) you will need to change your LAN to be something that does not conflict such as 192.168.2.1.

The "join this network" GUI wizard should have set up the firewall properly by creating a new interface for the upstream wireless called wwan and adding it to the wan zone.

Thanks for replying
Sorry for my little understanding of openwrt as I am new to this can you guys tell how can I upload my current configuration here that you can check and identify problem.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

thanks Mr frollic for instructions, here are the results if i did it correctly..

root@OpenWrt:~# ubus call system board
{
        "kernel": "4.9.184",
        "hostname": "OpenWrt",
        "system": "Qualcomm Atheros QCA9533 ver 2 rev 0",
        "model": "TP-Link TL-WA855RE v1",
        "board_name": "tl-wa855re-v1",
        "release": {
                "distribution": "OpenWrt",
                "version": "18.06.4",
                "revision": "r7808-ef686b7292",
                "target": "ar71xx\/tiny",
                "description": "OpenWrt 18.06.4 r7808-ef686b7292"
        }
}

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd5e:61d0:2cd3::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wwan'
        option proto 'dhcp'

root@OpenWrt:~# cat /etc/config/wireless
config wifi-device 'radio0'
        option type 'mac80211'
        option hwmode '11g'
        option path 'platform/qca953x_wmac'
        option htmode 'HT20'
        option disabled '0'
        option channel '10'
        option country 'US'
        option legacy_rates '1'

config wifi-iface
        option ssid '5G'
        option encryption 'none'
        option device 'radio0'
        option mode 'sta'
        option network 'wwan'
        option bssid '48:22:54:14:13:F6'
        option macaddr '8E:40:DF:2E:9C:94'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6 wwan'
        option forward 'ACCEPT'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

root@OpenWrt:~# login as: root
        option path 'platform/qca953x_wmac'
        option htmode 'HT20'
        option disabled '0'
        option channel '10'
        option country 'US'
Password:         option legacy_rates '1'

config wifi-iface
        option ssid '5G'
        option encryption 'none'
        option device 'radio0'
        option mode 'sta'
        option network 'wwan'
        option bssid '48:22:54:14:13:F6'
        option macaddr '8E:40:DF:2E:9C:94'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6 wwan'
        option forward 'ACCEPT'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'

apart from all that i am also facing another issue that every time i disconnect router from power and reconnect again all the configuration is lost and router like resets, for this reason i have save configuration tar file from luci interface but whenever i upload this file back on router it say configuration applied and rebooting but after rebooting nothing is on it and its in the same unconfigure state so every time i turn on my openwrt router i have to manually reconfigure every thing throu luci interface again.
here is the tar file of last configuration i had
tar configuration file

This is a very old, EOL, and unsupported version of OpenWrt. It is not safe to use since there are many serious unpatched security vulnerabilities.

Beyond that, the syntax and configuration methods have changed significantly over the last 5 major releases (and 7 years), so advice you get now may not even work as expected since few people will rember the nuances of such an old version.

Your hardware is not capable of running anything more recent, so it is time to replace this with a device with sufficient resources to run the latest openwrt.

I suspect that you may in face not even have enough flash storage to save the configuration itself.

Thanks for the reply, I will upgrade to new hardware but this one was laying around so I gave it a go, but the goal is to find out whether or not it is possible to achieve what I am looking for in my scenario, if I am successful in doing it, I will be going after new hardware soon, if not then I am doing all that stuff already on windows pc...

after reading this thread i came to know that i had a bad luck that my hardware is some how not new enough to support this OpenWrt 18.06.4 but some people are suggesting to install and old version like 17.01.5 could you guys suggest me to wehere i can find this 17.01.5 version for my hardware(TP-Link TL-WA855RE v1)
https://forum.openwrt.org/t/tp-link-tl-wa855re-v1-not-save-config-settings/18887

read the (whole) thread you linked to.

Is it possible to go back from openwrt to oem stock firmware on my TP-Link TL-WA855RE v1?

serial, but there's also this in the git commit.

Warning: this device does not include any kind of recovery mechanism
in the bootloader and disassembling process is not trivial.

you need to find the original firmware, too.

is it really worth it ?
pretty much anything you can buy used (supported or unsupported, here), will be better than the WA855RE.

Yes you can go back to stock. The most straightforward method generally is to remove some bytes from the start of the stock file ("strip the headers") then flash the modified file like a sysupgrade from within OpenWrt. If not done properly it could brick.

Serial is always possible but requires hardware, opening the case and soldering. On a wall plug form factor, there is dangerous voltage present operating with the case open. This effort may not be worth it on something obsolete.

i read the whole thread but with my little knowledge i was unable to find the 17.01.05 downloadable image file that i can upgrade to my device. i find this link but i am new with little knowledge that how i can download 17.01.05 firmwarehttps://downloads.openwrt.org/releases/

yes, that's exactly what one of the posts in it will confirm.

There is no v17 build for RE855. That model was not ported until later. (and only begrudgingly, since even at that time it was increasingly difficult to do much useful on 4/32 hardware. The "ar71xx/tiny" build paradigm was started in v18.)

so if i am able to remove some byte as you said from stock firmware i can upgrade from the luci directly through system>flash firmware?

the tricky part isn't to remove parts of the file, it's finding out where to cut, you only get one chance.

you could try the 18.06.0 release, it appears to be slightly smaller than the .4 release you're on.
if you're lucky, small enough for you to be able to save the config.

https://archive.openwrt.org/releases/18.06.0/targets/ar71xx/tiny/

i am going to try 18.06.0 as you suggested.