Tp-link wa801nd convert to router

Hello all! Im successfully compiled and installed openwrt on tp-link wa801nd v5. Now im trying convert it to router. I was setup DHCP and LAN on wireless interface only. WAN is only 1 ethernet port on AP.
Wireless is 192.168.3.1/24, dhcp on, firewall zone LAN.
Ethernet 0 is 192.168.0.229/24, gw 192.168.0.1, dns 192.168.0.1, DHCP on interface off, firewall zone WAN.
But with this settings openwrt not pinging wan subnet. What im doing wrong?

P.S: Switch is not configured. Luci Switch "switch0" has an unknown topology - the VLAN settings might not be accurate.

What exactly are you pinging? show us the exact command

You should really take care of the switch situation, either set it up or remove the switch from configuration

You must enable forwarding and masquerading in the firewall config.

firewall config
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'

config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'WAN'

Network config
cat /etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fdf8:5913:176e::/48'

config interface 'lan'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option ip6assign '60'

config device 'lan_dev'
option name 'eth0'
option macaddr 'b0:4e:26:9f:8d:60'

config switch
option name 'switch0'
option reset '1'

config interface 'WAN'
option proto 'static'
option ifname 'eth0'
option netmask '255.255.255.0'
option gateway '192.168.0.1'
option dns '192.168.0.202 192.168.0.1'
option ipaddr '192.168.0.229'
option delegate '0'

already done

im pinging from router itself. Connected via ssh from LAN

--- 192.168.0.1 ping statistics ---
28 packets transmitted, 0 packets received, 100% packet loss

what is the output of this command?
ip -4 addr; ip -4 ro; ip -4 ru

Use the Preformatted text (Ctrl-Shift-C) when pasting. Makes it more easy to read.

Moving a single ethernet port device from LAN-only to a router should be a rather trivial matter, but it's not very thoroughly documented. Personally, with single physical port devices, I find it easiest to change LAN over to the 'lo' device and create and configure WAN using the 'eth0' device, everything else (including the firewall config) left completely default.

In the case of the OP, this would amount to this /etc/config/network:

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fdf8:5913:176e::/48'

config interface 'lan'
option ifname 'lo'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option ip6assign '60'

config switch
option name 'switch0'
option reset '1'

config interface 'wan'
option proto 'static'
option ifname 'eth0'
option macaddr 'b0:4e:26:9f:8d:60'
option netmask '255.255.255.0'
option gateway '192.168.0.1'
option dns '192.168.0.202 192.168.0.1'
option ipaddr '192.168.0.229'
option delegate '0'

But I would like to put this up for discussion. Comments?

Edit: Now that I copy&paste it, I see the interface 'WAN' was capitalized. Could this already be reason the OP's config does not work?

ip -4 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 brd 127.255.255.255 scope global lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN qlen 1000
    inet 192.168.0.229/24 brd 192.168.0.255 scope global eth0
       valid_lft forever preferred_lft forever
8: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    inet 192.168.3.1/24 brd 192.168.3.255 scope global br-lan
       valid_lft forever preferred_lft forever

ip -4 ro
default via 192.168.0.1 dev eth0
192.168.0.0/24 dev eth0 scope link  src 192.168.0.229
192.168.3.0/24 dev br-lan scope link  src 192.168.3.1

 ip -4 ru
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

i changed it to non capitalized. Its doesnt work. I think the problem is in routes or firewall...

You should not have to change anything about routes or firewall. Even on single-port routers, OpenWrt comes with perfectly appropriate firewall rules for a separate LAN and WAN.

At the moment, however, your "LAN" is dangling in the breeze. It has nothing assigned to it, and nothing to bridge. I would suggest assigning option ifname 'lo'. Also, you do have a completely unnecessary, and possibly even counterproductive "lan_dev" that is assigned to eth0 -- that will have to go anyway since your eth0 is assigned to WAN below.

I'll second @takimata here. You don't need the bridge in LAN interface anymore. It should only be connected to the wireless interface. Post here the contents of /etc/config/wireless to verify that everything looks good.

JFTR: My suggestion to not just leave LAN hanging without an interface but to assign the lo loopback interface to it is not just out of the blue. If you run a service on the router that needs to bind to the LAN interface, I ran into massive problems if the LAN interface is only there when wifi is up. Also, there are devices with only one physical interface and no wifi (think NAS boxen). I actually went to great lengths and created dummy interfaces before finding out that it's stupidly easy just to assign lo.

Edit: A long time ago, I started on a wiki page with the intent of outlining how to re-configure single-port devices for LAN and WAN, but it never went very far. Should we have an RFC and set this up? I have the feeling, this is an FAQ topic long overdue for a generic best-practice answer.