Update from 23.05.03 to 23.05.4: the acces point lost the local IP and luci is not reachable anymore

Update with auc to include "full" packages like dnsmasq or wpad, as basic package will bail if encountering more advanced config options from full one.

Since you noted the devices were APs, can you clarify this statement?

Have you tested this yet?

I always did a normal update with keep the settings and had never problems. As mentioned I haven't installed any packages.

Sorry, because I had to reconfig the other ones (which no work as normal with 25.05.4). The last 25.05.3 is a problem, because it is build in and I can't reach the ports. It is a working week and the wlan has to work and 25.05.03 is running flawlessly since a long time. I will try it next weekend.

The devices work only as wlan APs, no WAN, no firewall no dhcp and other services.

You are all over the place with this, where are the firewall or firewalls?

And where is the router and dhcp server in this network.

I think you mean 23, not 25.
ā€œBuild inā€, what do you mean? Like ā€˜build inā€™ in to the wall?

But anyway, since it work with default setup and not with your backup the problem is with the files in your backup, the quickest way to solve this is to start allover with a reset and redo the setup manually.

There is a middle way also, you can open the backup file and manually only take the config files and move only those to the AP and reboot/reload everything and it maybe work better then.

1 Like

You can also try 23.05.3->23.05-SNAPSHOT to see if v23 upgrade problem is solved. I have 7 APs, 4 of them quite far and all updates .3->.4 happened with AUC right away, it is wg for me and AP+iot for family members.

  • Sorry, I don't understand your statement.
  • There is no version 25, did you mean 23?
  • The test was to revert to working 23.05.03 - so now, we'll wait a week for you to revert to the version that last worked for you (unless I misunderstood the quoted statement)

Having to reconfigure 23.05.4 indicated problems with your .3 config. I intended to ask for the config upon failure, but we must wait a week.

I mean 23.05., typing error.
Just tested a backup and restore with 23.05.03.
No problems, luci is reachable.

1 Like

Build in means the AP is build in the floor and if it is not reachable after an update, I have to press a reset button (one hour work).
In the meantime I tried the backup and restore with 23.05.03 and no errors.
Which means the backup file is ok and something is wrong with 23.05.04.

It is only you that have this problem and I guess many have it installed without problems. It could theoretically be a corrupt firmware install, did you check the sha256 checksum before you installed it.

If you have built it integrated in to the house core, then it is your problem if you canā€™t reach it.
I am also a bit curious, what is your longterm plan with this design since electronics physical lifetime can be as long as the first thunderstorm passing by.

1 Like

I think this goes nowhere unless you provide config files you changed. 23.05.x can be up and downgraded in any way imaginable.

2 Likes

It is my second AP in 10 years and I never had to push the reset button.
I just tried the 23.05.04 and it crashed, but I need only 40mins to reach the reset button :-).

I highly doubt you have used OpenWrt for 10years and never used the reset button.
(And donā€™t say you are a pro because pro 19ā€ rack mounted network equipment always have the reset button easy available on the front panel!)

But does that also mean the content of your backup file and config files is 10years old?

How old are the original contents of the backup files and on what OpenWrt version did you actually do the original config?

Do you really think I care even the smallest amount about you doing physical exercises for 40min?

Maybe you had the same problem like me and your firewall input setting has changed through the update to "reject". The you must switch in the failsafemode and fix the file /etc/config/firewall

Thank you, I will try it, when the next update will come. I use the APs only for Wlan and several vlans. The firewall service and dhcp is disabled at startup.

I dont find any mention of firewall in /rom/etc/uci-defaults ie no change would be done even upgrading from 22.03.x - can you check the scripts to implicate some package?

When the system is upgraded, the firewall may be re-enabled (same with dnsmasq). This can cause issues if the configurations are not explict. Specifically

  • With DNS masq and the DHCP server, any active interfaces that should have the DHCP server disabled must include the option ignore '1' line added to the respective DHCP server.
  • And in the firewall, the network interface that is used for managing the device should always be associated with a zone that sets option input 'ACCEPT'. (this can actually be achieved in a few other ways, but this is the easiest and most straight forward).

With the two above conditions met, if the firewall and/or dnsmasq become re-enabled as services, the functional expectations will not change.

As a side note, this is specifically why I personally recommend against disabling those services and instead just setting the explicit config items. Sure, they can be disabled, too, but explicit config settings are the way to ensure that you are never surprised by a service status change. FWIW, those services will be essentially idle and will not impact system performance in any meaningful way.

If the above is what is causing the problem, first boot into failsafe mode, then add the network interface to the lan firewall zone (unless it has been removed) where input should be set to ACCEPT. Then disable the DHCP server by adding that ignore line (if relevant in the OP's config). Then reboot and you should have access.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.