Unique Network Configuration, Help Appreciated!

Hi all,

I have the following network topology:

image995×720 83 KB

I'm trying to use my Beryl as a 3rd internet connection (GSM Modem #2). Because I live in a 5th wheel and travel, I switch between 3 types of wireless internet connections (Starlink, ATT, T-Mobile). Initially, I was able to get the Beryl to provide connectivity to the 3rd internet connection. Because it only has a single LAN port and a single WAN port, both are in use and so clients connect to it via Wi-Fi by switching over to SSID #2.

I understand this is a unique design, but I have a few reasons for desiring this, for instance I may have a long download or set of Windows Updates, and I would prefer to not use that data on my first two internet connections. Also, if I'm making config changes on my Asus router, the Beryl serves as a backup for my family for an internet connection.

Initially, I setup the Beryl with it's WAN connected to GSM Modem #2 and setup Wi-Fi and it was able to serve internet just fine. The complicating factor is that I'd like for the Beryl to also connect to my local network so that I can access my NAS without having to swap Wi-Fi connections. I've connected the Beryl's LAN port to the Asus and configured this connection to be dhcp as follows:

config interface 'lan'
        option device 'br-lan'
        option proto 'dhcp'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option isolate '0'

config interface 'wan'
        option device 'eth0'
        option force_link '0'
        option ipv6 '0'
        option proto 'static'
        option ipaddr '192.168.3.100'
        option gateway '192.168.3.1'
        option netmask '255.255.255.0'
        option peerdns '0'
        option dns '8.8.8.8 1.1.1.1'

A little progress with this configuration - when I connect to the Beryl over Wi-Fi I have both internet and local LAN access however the internet connection being used is from the Asus but my goal was to use it's local WAN's GSM Modem #2. Also, I can't access the web interface of my modem on 192.168.3.1.

I know that the local WAN on the Beryl works because when I SSH into it and run a "trace route" the connection that's used is the right connection (GSM Modem #2 192.168.3.1) so the design works locally but not for clients connected over Wi-Fi.

I don't know where to go next... I basically need a rule somewhere that routes 192.168.1.x to traffic through the LAN port of the Beryl and everything external through the WAN port.

If anyone has any ideas, I'd very much appreciate the help. Thanks!

It looks like your network clients are getting an address in the 192.168.1.0/24 network via DHCP serviced by the RT-AX92U, correct? This is almost certainly providing the clients a gateway IP address of 192.168.1.1 which means that they will egress through GSM modem 1 or Starlink. The clients do not know that there is another potential gateway (the MT3000 + GSM Modem 2), nor does the main router (AX92U).

Does SSID 2 need to be on the same subnet/network as SSID 1? You mentioned needing to be able to reach the NAS that is on the 192.168.1.0/24 network... aside from that, are there any other reasons you need the two SSIDs on the same LAN? Or, conversely, will any of the other device require internet access via the MT3000?

Does your RT-AX92U support static routes?

Hi psherman, and thank you for your insight.

Indeed - when I connect to the Beryl over Wi-fi I'm getting the following:

   Connection-specific DNS Suffix  . : lan
   Link-local IPv6 Address . . . . . : fe80::67e6:68d3:73c8:4c01%14
   IPv4 Address. . . . . . . . . . . : 192.168.1.154
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

This is a typical assignment that I get when connecting to my Asus router. I already have a multi-wan configuration on SSID #1 (Asus) that works and routes fine except that it's limited to two WAN ports (leaving us with a third internet plan that isn't typically used). My goal for the second SSID (the Beryl) was to serve as a backup internet source for downloads when speed and time isn't a concern. My family consumes a lot of bandwidth and we try to distribute the load as "unlimited bandwidth" truly isn't unlimited, especially when it's over the air-waves.

SSID #2's (Beryl) subnet doesn't need to be the same as SSID #1 (Asus). Out of the box it's actually set to 192.168.8.x however I commented that out when I set lan to be dhcp:

config interface 'lan'
        option device 'br-lan'
        option proto 'dhcp'
#       option ipaddr '192.168.8.1'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option isolate '0'

Right now, the Beryl is being assigned an IP of 192.168.1.132 by my Asus (Beryl's single LAN port is connected to an Asus LAN port). I believe the Asus supports static routes, there is this page and I can also SSH into it and it looks like a typical Linux back-end but I'm not sure what's under the hood.

image985×562 25.5 KB

Finally the only devices that would need internet access via the MT3000/Beryl is over Wi-fi when we have a need for it. This is definitely not a must have situation, as our multi-wan setup works fine - it's just that it would be nice to be able to use our third internet connection from time-to-time, if it's available. Also, I work on the road and do a lot of Teams meetings - having the ability to flip to a different internet connection on the fly is quite useful if/when my primary internet connection flakes out.

Thanks again

I would VLAN bridge the third ISP over to the Asus, use that as a main router. The GL would be essentially a LAN device, it would not hold a wan3 IP itself.

With all the WANs passing through a single router, conventional multiwan and / or policy routing can be used.

Since the main reason for this "unique" physical topology is lack of ports, consider adding a managed switch.

I agree that this is the best option. I don't know if the Asus supports this -- hopefully it does.

Otherwise, you can easily set up a different network that is routed through modem 2 when connected to SSID 2. Since static routes are supported on the Asus, you would setup static a static route there such that the clients on SSID 2 would be able to route to the NAS and other devices on the 192.168.1.0/24 subnet and the return traffic would be able to find its way back to your MT3000 connected devices. In this scheme, though, your regular clients off the AX92U won't be able to leverage the internet connection from modem 2.

That said, neither of your devices are running OpenWrt (your Asus isn't supported, and your MT3000 is actually running GL-Inet firmware, not OpenWrt -- you could run 23.05 (currently in RC2))

So beyond the general advice here, you really need to ask the questions in their appropriate forums:

• Asus support channels/user forums: Does the device support VLANs and can you use that to add additional WANs to the multi-wan configuration.
• GL-inet suport/user forums for all things on that device that weren't covered by the above descriptions (unless you install OpenWrt 23.05 in which case can help you here).

Thanks psherman and mk24,

The constraints I have is that the Asus router supports Dual-WAN only, a third isn't an option and having a separate SSID with it's own internet connection is handy at times. I had asked these questions to the Gl-inet forums and they directed me here. But they did suggest swapping the Asus out with the new Flint v2 router which is much more configurable.

I'm going to table this attempt for now. Thanks for your help and suggestions.

Any router running OpenWrt can use 2+ WANs, so you might consider that, for sure.

in the meantime, if your primary questions have been answered...

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.