SUMMARY: Configure an OpenWrt router to use one radio (5GHz probably) as the WAN link to an upstream network and to pass all traffic via one of the ethernet ports to a second OpenWrt router which works as a standard home router (wired WAN, wired and dual-band WiFi LAN), avoiding double NAT.
I live in a basement apartment without a dedicated internet connection. My only Internet access is via WiFi connection to my landlord's home subnet. I don't have any admin or configuration privileges there, just a standard client connection. I run a personal subnet hanging off that client connection.
Currently I have one OpenWrt router (Linksys EA6350v3 running OpenWrt 21.something) using the 2.4GHz radio as a WAN connection. This works fine, except that leaves me without 2.4GHz WiFi and I have some devices that need it. I also have an unused Netgear R6220 running 23.05.
My plan is to return the Linksys to standard operation (WAN link via dedicated Ethernet port, two WiFi radios and other ethernet ports serving my personal subnet). The Netgear will sit upstream, connecting to the landlord's subnet via one of the WiFi radios, and funneling all traffic to and from one of the Ethernet ports that will connect to the Linksys WAN port.
Ideally, I want the Linksys to receive its WAN IP from the landlord's router, avoiding double NAT. Maybe keep one of the Ethernet ports on the Netgear enabled as a maintenance interface, but otherwise I want it to be as dumb as is reasonably possible.
- How do I do this? Is Poor Man's Bridge the way to go? None of the guides and forum questions seem quite right.
- Is this even a sensible approach to my problem? I've looked into just using one router and plugging a USB WiFi adapter into to act as the WAN link, or leaving the Linksys handling the WAN connection and turning the Netgear into a dumb AP downstream of the Linksys, but I worry about making sure everything on my subnet will talk to everything else.
I'm happy to read docs or forum posts if this has been answered before, but I'm having trouble finding something that addresses my setup.
Thanks for the help.
edit: remove doubled words, close parenthesis.
I don't know if it will work but have you tried 'Adding' a new SSID to the 2.4 GHz radio and bind it to the LAN interface?
fwiw, Linksys EA6350 v3 running Linksys firmware also offers wireless bridge mode (as well as wireless repeater mode), but it is Very slow to boot and connect (2 minutes?).
Otherwise, look at relayd option for the R6220 but it is not without minor issues.
The Poor Man's bridge link you provided requires you to access your landlord's wifi router to place your chosen device into its DMZ btw.
May I ask: why is this important to you?
I have that router too (well, V4 not V3). Can it connect to the 5GHz signal from landlord?
I don't have a great reason, TBH. Double NAT just seems like an unnecessary complication and bottleneck. It may not matter, particularly for the amount of traffic only one person will generate. I don't have the experience to know.
I haven't specifically tested, but there's no reason it shouldn't. I'm not at home right now, so I can't check. The 5GHz signal from the landlord is strong, and my devices that use 5GHz connect to the Linksys just fine. Is that enough information to answer your question, or should I run a test?
the best answer one way is to make the Linksys just one big lan, unmanaged, switch interface.
You would make a br-lan, add both radios and the lanports (should be bundled as one device by default), scan 5GHz, add the landlord's AP and join. Make the 2.4GHz radio an AP (you can add security).
This will use the landlord's device as dhcp server and make your router as dumb as possible and all it's clients really the landlord's router clients..
There will be no wan and no firewall but also no double nat.
If you want to have a subnet and firewall from their network it won't be dumb and will double nat but you get... ...some control.
You can do that if you trust your landlord and all off its guests for 100 % but otherwise setup your wireless uplink as WAN
Just offering options based on OPs criteria.
It is cool that people show that my suggestion is not sanboxed and it is as vulnerable as the IoT devices (or weakest link) on both networks.