Wifi client mode as 2nd WAN but not network

ewangyan · January 27, 2022, 10:32pm

Try to setup my OpenWrt router with 2 WANs, one is eth0 and 2nd is wlan0. Ifconfig can see both have ip addresses:
eth0: 192.168.4.100
wlan0: 192.168.137.83

ping -I eth0 www.google.com works
but ping -I wlan0 www.google.com doesn't work.

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.4.1     0.0.0.0         UG    0      0        0 eth0
192.168.2.0     *               255.255.255.0   U     0      0        0 eth1
192.168.4.0     *               255.255.255.0   U     0      0        0 eth0
192.168.137.0   *               255.255.255.0   U     20     0        0 wlan0

/etc/config/network
config interface 'wan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.4.100'
        option device 'eth0'
        option gateway '192.168.4.1'

config interface 'lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.2.1'
        option device 'eth1'

config interface 'wwan'
        option proto 'dhcp'
        option metric '20'

/etc/config/wireless
config wifi-device 'radio0'
        option type 'mac80211'
        option channel '36'
        option hwmode '11a'
        option path 'pci0000:00/0000:00:1c.1/0000:02:00.0/bcma0:1'
        option country 'US'
        option cell_density '0'

config wifi-iface 'wifinet1'
        option device 'radio0'
        option mode 'sta'
        option network 'wwan'
        option key 'XXXX'
        option bssid 'xx:xx:xx:xx:xx:xx'
        option encryption 'psk2'
        option ssid 'XXXXXXX'

Update: I added 192.168.137.1 as wlan0's gateway but still doesn't work. I can't even ping 192.168.137.1. Not sure if the wifi is really up or not.

Where I did wrong? Newbie for the network here. Wonder where I can debug further?

ewangyan · January 28, 2022, 5:31pm

Tried connect wifi (client) to another AP which is my main AP/Router 192.168.4.1, connection all fine. I can ping via either wlan0 or eth0. This proves the wifi driver setup is fine.

Seems this is not firewall since I can't even ping 192.168.137.1 which is AP's address.

Routing? Really got stuck here.

lleachii · January 28, 2022, 5:34pm

Of course it doesn't work:

Your gateway is on the other interface.

You can only have 1 gateway under normal circumstances...so what are you trying to do/what is your use case?

Huh???

ewangyan · January 28, 2022, 6:33pm

I try to setup 2 WAN ports. One is on the eth0 which is for most of traffic. The 2nd WAN port is from WIFI in client mode, which hooks up to a wifi hotspot from a Windows laptop. The reason is I am using a VPN service which only has an application (Windows, Mac, etc). So I run the VPN app on a Windows 10 PC and expose it via hotspot. I have tested that sharing VPN via hotspot works as I can connect PC, Mac etc to this hotspot and they all get VPN connection. The OpenWrt's wifi runs as client mode which is the 2nd WAN on my OpenWrt router.

Once this works I plans to setup mwan3 to direct traffic between these 2 WANs based on destination IP address.

lleachii · January 28, 2022, 6:38pm

You likely have to do this first.

ewangyan · January 28, 2022, 8:49pm

Thanks for reply.

I enabled mwan and setup rule that all traffic go to wlan0. Not working. Same as before. Seems nothing can go out from wlan0.

Actually mwan3 also reports wlan0 doesn't work.

Fri Jan 28 12:39:43 2022 user.info mwan3track[2494]: Check (ping) failed for target "8.8.8.8" on interface wwan (wlan0). Current score: 8
Fri Jan 28 12:39:47 2022 user.info mwan3track[2494]: Check (ping) failed for target "208.67.222.222" on interface wwan (wlan0). Current score: 8
Fri Jan 28 12:39:51 2022 user.info mwan3track[2494]: Check (ping) failed for target "208.67.220.220" on interface wwan (wlan0). Current score: 8
Fri Jan 28 12:40:00 2022 user.info mwan3track[2494]: Check (ping) failed for target "8.8.4.4" on interface wwan (wlan0). Current score: 7
Fri Jan 28 12:40:04 2022 user.info mwan3track[2494]: Check (ping) failed for target "8.8.8.8" on interface wwan (wlan0). Current score: 7

Saw a warning:
WARNING: Interface wwan has no default route in the main routing table

wwan has no routing table?

root@OpenWrt:~# ifstatus wwan
{
	"up": true,
	"pending": false,
	"available": true,
	"autostart": true,
	"dynamic": false,
	"uptime": 463,
	"l3_device": "wlan0",
	"proto": "dhcp",
	"device": "wlan0",
	"updated": [
		"addresses",
		"routes",
		"data"
	],
	"metric": 20,
	"dns_metric": 0,
	"delegation": true,
	"ipv4-address": [
		{
			"address": "192.168.137.113",
			"mask": 24
		}
	],
	"ipv6-address": [
		
	],
	"ipv6-prefix": [
		
	],
	"ipv6-prefix-assignment": [
		
	],
	"route": [
		
	],
	"dns-server": [
		"192.168.137.1"
	],
	"dns-search": [
		
	],
	"neighbors": [
		
	],
	"inactive": {
		"ipv4-address": [
			
		],
		"ipv6-address": [
			
		],
		"route": [
			{
				"target": "0.0.0.0",
				"mask": 0,
				"nexthop": "192.168.137.1",
				"source": "192.168.137.113/32"
			}
		],
		"dns-server": [
			"192.168.137.1"
		],
		"dns-search": [
			"mshome.net"
		],
		"neighbors": [
			
		]
	},
	"data": {
		"leasetime": 604800
	}
}

Need to do anything special to set WIFI as WAN instead of LAN?

ewangyan · January 28, 2022, 9:12pm

Added route for wwan but still doesn't work.
/etc/config/network

config interface 'wwan'
        option proto 'dhcp'
        option metric '20'
        option defaultroute '0'

config route
        option interface 'wwan'
        option target '0.0.0.0'
        option netmask '0.0.0.0'
        option gateway '192.168.137.1'

ifstatus wwan
root@OpenWrt:~# ifstatus wwan
{
	"up": true,
	"pending": false,
	"available": true,
	"autostart": true,
	"dynamic": false,
	"uptime": 513,
	"l3_device": "wlan0",
	"proto": "dhcp",
	"device": "wlan0",
	"updated": [
		"addresses",
		"routes",
		"data"
	],
	"metric": 20,
	"dns_metric": 0,
	"delegation": true,
	"ipv4-address": [
		{
			"address": "192.168.137.113",
			"mask": 24
		}
	],
	"ipv6-address": [
		
	],
	"ipv6-prefix": [
		
	],
	"ipv6-prefix-assignment": [
		
	],
	"route": [
		{
			"target": "0.0.0.0",
			"mask": 0,
			"nexthop": "192.168.137.1",
			"source": "0.0.0.0/0"
		}
	],

root@OpenWrt:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.4.1     0.0.0.0         UG    10     0        0 eth0
default         192.168.137.1   0.0.0.0         UG    20     0        0 wlan0
192.168.2.0     *               255.255.255.0   U     0      0        0 eth1
192.168.4.0     *               255.255.255.0   U     10     0        0 eth0
192.168.137.0   *               255.255.255.0   U     20     0        0 wlan0

lleachii · January 28, 2022, 9:47pm

Ummmm yes, you'd make it the main/priority gateway in mwan3 (I'm not familiar with the app for things like this, so someone would have to give that information if you need it)
...instead of LAN??? (I'm guessing you meant "wwan instead of WAN" in that sentence)

ewangyan · January 29, 2022, 1:43am

"instead of LAN" I meant typically the WIFI on a router is an AP. LAN was not right way to describe it. But here I want to use the WIFI as another WAN.

I am stuck here as it seems the wlan0 has IP address but not connect to any where.

mk24 · January 29, 2022, 2:32am

The wwan needs to be in the wan firewall zone (or in a new zone that is set up like wan, including masquerade).

Disable/remove the wired WAN and confirm that you can route everything out wireless.

Then you can go back to a dual setup, which will require a helper application. This use case is more suitable for vpn-policy-routing than mwan3.

ewangyan · January 29, 2022, 4:54pm

Seems this is related to Windows side firewall. The VPN service I have to use only have VPN application for Windows, Mac etc. So I use Windows Mobile Hotspot to expose the VPN connection to OpenWrt router and other devices. I tried other devices hook up to this hotspot. All can surf internet but can't ping anywhere. After disable Windows Firewall as an experiment, at least I can ping 192.168.137.1 which is the hotspot IP address. Still can't ping other places yet but this is something I need to figure out next.

Since the VPN service I use can't setup on router, not sure if vpn-policy-routing can be used. Mwan3 uses ping to detect availability of WAN so without ping fully working, I can't use mwan3 too.

ewangyan · January 30, 2022, 9:01pm

Update: The ping issue is likely Malus VPN specific. Can't ping www.google.com etc even on the Windows laptop once Malus VPN is on. Strangely can ping a few specific sites but resolved IP address I can't find its location, and if ping with Malus VPN disabled I got different IP addresses.

Anyway, should be able to use those special IP address for mwan3's connection detection. Overall the issue is not related to OpenWrt.