WAN doesn’t take DHCP

Hi guys, new here, hope I’m not doing something wrong.
I have an Arcadyan AR7516 Bright Box Router. I installed the last 19.07.1 firmware. I planing to use it with a 4G LTE usb modem(Huawei).
For the beginning I want to try WAN on cable, directly connected to my personal router.
I setup everything but guess what, no internet.
I wanted to attach a txt with setups but because I don’t have internet on Box It may take a while..

image

Jizs Christ! I cannot put more then one picture , txt file!!! I mean, come on!!!

It is highly likely that there is an ip address conflict. Try changing the openwrt lan address to something else in a different subnet (for example 192.168.5.1). Then try the dhcp process again.

The chain from internet is this: ONT(bridge)- myRouter Dhcp(192.168.100.1) - OpenWrt(192.168.2.1).
Where should be the problem? I know is double Nat somehow but that’s not block internet totally...

It appears that this is a DSL modem/router, so the WAN is configured for the DSL connection (which you are not using). So, you'll have to separate out one of the LAN ports to act as a WAN. Assuming the hardware supports it, you can do this either via LuCI (Network > Switch), or by ssh using UCI commands or editing the /etc/config/network file.

Copy the text from your terminal then paste it into the forum with code tags. It is much easier to read and there is no limit.

The CPU switch port (likely 0) needs to be tagged in both VLANs, e.g. option ports '0t 1 2' and option ports '0t 3'

Name the new WAN network 'wan' not 'WAN' there is a difference (it is already 'wan' in the firewall configuration). Always use lowercase for network names. This is really confusing because LuCI converts them to uppercase.

1 Like

I do that from the beginning. From four port, three are LAN and one is WAN

NETWORK:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdcb:4ca7:0ad0::/48'

config interface 'lan'
	option ifname 'eth0.1'
	option type 'bridge'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option stp '1'
	option ipaddr '192.168.2.1'

config switch
	option name 'eth0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'eth0'
	option vlan '1'
	option ports '0 1 2'

config switch_vlan
	option device 'eth0'
	option vlan '2'
	option ports '3'

config interface 'WAN'
	option proto 'dhcp'
	option ifname 'eth0.2'
	option force_link '1'

FIREWALL:


config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	option family 'ipv4'
	option network 'WAN'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fe80::/10'
	option src_port '547'
	option dest_ip 'fe80::/10'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

config rule
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config forwarding
	option dest 'wan'
	option src 'lan'

DHCP:


config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'
	list server '8.8.8.8'
	list server '8.8.4.4'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'

Thank you for support. I reset the OpenWRT and setup again all parameters with your instructions. Now works like a charm.
Now, I want to add a USB Modem to be the main WAN or to work like a failover. Should I open new thread?

Yes, you should.

2 Likes

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.