Wifi Extender Bridge

mrutilman · February 25, 2019, 8:31pm

Hello guys.
I have upstairs the main router (Swisscom Box) with fiber internet.
Down in the basement is me with a TP Link C7 Router with OpenWRT flashed.
My wish is:
I want to connect with the OpenWRT Router in the basement to the Swisscom Box Main Router, because of what?
I have downstair some servers. My wish is, to connect these servers to the same network as the main router becuase of what? I want to reach the server from outside over the internet. Is there any chance or is it physicaly not impossible?
I tried now for 24 hours many times, i used this guide for example:
https://openwrt.org/docs/guide-user/network/wifi/relay_configuration
The good use is: I see the Swisscom Box Router Icon on my Computer, i can click it but when firefox opens it loads and loads, i even don´t know why i can not any more connect to any router, not the extender and not the main router.

Im totaly confused and ask you kindly to support me if you have ideas.
I´m not a professionel, just basics
Greetz utilman

jeff · February 25, 2019, 8:40pm

Before chasing down configuring a wireless bridge, is it possible to run Ethernet cable, or to use, for example power-line modems?

If not possible, we can help with something that will work for you. It is much easier if they can be on a different subnet and just set up routing, which seems to be the case from "I want to reach the server from outside over the internet."

mk24 · February 25, 2019, 9:02pm

If you can't run cable, make your C7 a client of the main router, and forward the ports twice: first through the main router to the C7 then again through the C7 to the server itself.

mrutilman · February 25, 2019, 9:15pm

@jeff
No, that is not possible, its such an poor old house that the ways wo drag a cable downstairs is not well seen by the owner of the building. I tried electric repeater but they did not want to connect i think its because the grounding is not the same or the neutral , what i mean the electric circuit they are different. Yes, I know i would also like to have a direct CAT6 connection but thats not going at the moment.
@mk24
i thought as well this option would work, i will try it again. But the IP´s between main router and repeater are different. Or how should i set the IP4´s, gateway and subnet mask for both routers? That´s so weird for me to understand, i am only an electrician, IT is something i wish i could understand. But okay I will give me an other try

Btw: I have also an TP Link Archer MR 200 with LTE and LEDE installed on in my basement, problem is that he only solve 100Mb/s and the TP LINK C7 1 Gig/s what i use because of the local data transfer between Servers and Computer. Would this work better for me? For example:
All local devices such as Servers, PC (everything in the basement) connect to the C7. I get 1Gig/s. And connect then the LTE Router in the WAN Port of the C7.
ONLY PROBLEM: I think my operator (Yallo/Sunrise) has closed the ports on the Sim Card because it was once a SIM Card not for internet, it was used in my cell phone. So This option wont work i think.

Thank you so far for your help.
I will try out now.

Greetz

utilman

mk24 · February 25, 2019, 9:40pm

The IP ranges do need to be different.

(Public IP) [wan]Main routerlan <---wifi---> (192.168.1.2)[wan] ArcherC7 lan <--ethernet cable Basement LAN --> (192.168.1.2) WWW Server

Consider in this example the server in the basement serves regular https on port 443(TCP). This port should not be in use on either router, so no complications there. In the main router forward external port 443 to 192.168.1.2 port 443. Then in the Archer C7 forward WAN port 443 (which is the wifi from the main router) to 192.168.2.2 port 443.

jeff · February 25, 2019, 9:44pm

I was thinking along the lines of:

"Downstairs" router
- 192.168.0.2 -- wireless client of "Main" router
- Has 10.0.0.0/24 attached on 10.0.0.1
- Server is on 10.0.0.123
  - Has default route via 10.0.0.1
  - Gets its DNS from wherever is appropriate
- No NAT, just "standard" routing
"Main" router
- 192.168.0.1/24
- Forwards public:443 to 10.0.0.123:443
- Has static route to 10.0.0.0/24 via 192.168.0.2

mrutilman · February 25, 2019, 10:43pm

Oh my god, i am still confused, but seems like there is a solution and that makes me happy.

Which solution should i try out?
And I´m now connected via 5GHz between both routers and i have internet access. Should i better use 2,4GHZ or is it not importent?
Okay i try out now...
I am not sure if i understand the x.x.x.x/24 thing, what does it mean for me?

___UPDATE:

Ok Main Router IPv4 adress is set to 192.168.0.1, subnet mask 255.255.255 and DHCP range: 192.168.0.20-192.168.0.161
Downstair Router IPv4 adress is set to 10.0.0.1
1x Test Server is configured with static ip adress 10.0.0.123, Subnet mask 255.255.255.0 and Gateway 10.0.0.1, can connect local via my PC
Downstairs PC IPv4 adress: 10.0.0.208, subnet mask: 255.255.255.0, getaway: 10.0.0.1

Downstairs Router (OpenWRT)

---- Next Problem: when i go into the main router and try to forward the 443 Port like this:
Name: SSL Forward
Incoming Port: 443
Outgoing Port: 443
Destination adress: 10.0.0.123 --- I get an error: The IP is outside of the valid adress zone.

mrutilman · February 26, 2019, 12:01am

I´ve made it!!!!!!

Willy · February 26, 2019, 12:03am

Can you explain it, please?

mrutilman · February 26, 2019, 12:25am

Yes of course, I´ll try it!

Main Router IP4 Adress: 192.168.0.1 on subnet 255.255.255.0 and DHCP range between 192.168.0.2 -192.168.0.161
In the Main Router I enabled the DMZ to the Basement Router.
Also i set Port forward 443 to the Basement Router OpenWrt.
And Static Route: Destination Network 192.168.2.0 with Subnet Mask 255.255.255.0 forward to the Basement Router OpenWrt (192.168.0.28) (!! But i think this doesn´t matter! Not sure!)

So far so good for the main router upstairs.

Downstair Router OpenWrt
I go to Interfaces/Lan and change Lan IPv4 adress to 10.0.0.1 and subnet mask to 255.255.255.0 and Interface-Lan Firewall to "lan"
I created a 5GHz WLAN by scanning and connect to my Main Router.

Overview of the Basement Router Interfaces:

LAN

Type: Bridge
Device: br-lan
Connected: yes
MAC: B0:BE:76:23:6C:0C
RX: 26.37 MB (47816 Pkts.)
TX: 38.79 MB (52664 Pkts.) ( Type: Software VLAN
Device: eth0.1
Connected: yes
MAC: B0:BE:76:23:6C:0C
RX: 26.46 MB (49754 Pkts.)
TX: 38.79 MB (52664 Pkts.))
br-lan

Protocol: Static address
Uptime: 1h 4m 32s
MAC: B0:BE:76:23:6C:0C
RX: 26.37 MB (47816 Pkts.)
TX: 38.79 MB (52664 Pkts.)
IPv4: 10.0.0.1/24
IPv6: fda3:d774:87db::1/60

WAN

Type: Software VLAN
Device: eth0.2
Connected: no
MAC: B0:BE:76:23:6C:0C
RX: 0 B (0 Pkts.)
TX: 448.06 KB (1337 Pkts.)
eth0.2

Protocol: DHCP client
MAC: B0:BE:76:23:6C:0C
RX: 0 B (0 Pkts.)
TX: 448.06 KB (1337 Pkts.)

WAN6

Type: Software VLAN
Device: eth0.2
Connected: no
MAC: B0:BE:76:23:6C:0C
RX: 0 B (0 Pkts.)
TX: 448.06 KB (1337 Pkts.)
eth0.2

Protocol: DHCPv6 client
MAC: B0:BE:76:23:6C:0C
RX: 0 B (0 Pkts.)
TX: 448.06 KB (1337 Pkts.)

WWAN

Type: Wireless Adapter
Device: wlan0
Connected: yes
MAC: B0:BE:76:23:6C:0B
RX: 21.74 MB (24627 Pkts.)
TX: 18.97 MB (21668 Pkts.)
Client "5GHZ Schlampen"

Protocol: DHCP client
Uptime: 0h 25m 49s
MAC: B0:BE:76:23:6C:0B
RX: 21.74 MB (24627 Pkts.)
TX: 18.97 MB (21668 Pkts.)
IPv4: 192.168.0.28/24

Here comes the Overview in Basement Router OpenWrt:

Status

System

Hostname

OpenWrt

Model

TP-LINK Archer C7 v5

Architecture

Qualcomm Atheros QCA956X ver 1 rev 0

Firmware Version

OpenWrt 18.06.2 r7676-cddd7b4c77 / LuCI openwrt-18.06 branch (git-19.020.41695-6f6641d)

Kernel Version

4.9.152

Local Time

Tue Feb 26 00:24:15 2019

Uptime

1h 5m 58s

Load Average

0.02, 0.03, 0.01

Memory

Total Available

97836 kB / 125272 kB (78%)

Free

95220 kB / 125272 kB (76%)

Buffered

2616 kB / 125272 kB (2%)

Network

IPv4 Upstream

Protocol: DHCP client
Address: 192.168.0.28
Netmask: 255.255.255.0
Gateway: 192.168.0.1
DNS 1: 192.168.0.1
Expires: 23h 33m 7s
Connected: 0h 26m 53s

Device: Wireless Network: Client "5GHZ Schlampen"
MAC-Address: B0:BE:76:23:6C:0B

IPv6 Upstream

Protocol: Not connected
Address: ::
Gateway: ::

Device: -

Active Connections

45 / 16384 (0%)

Active DHCP Leases

Hostname

IPv4-Address

MAC-Address

Leasetime remaining

SRV01

10.0.0.176

00:11:32:78:C3:38

10h 38m 31s

Active DHCPv6 Leases

Host

IPv6-Address

DUID

Leasetime remaining

SRV01 (SRV01.lan)

fda3:d774:87db::a83/128

0003000100113278c338

10h 54m 38s

Wireless

radio0

Type: Qualcomm Atheros QCA9880 802.11ac
Channel: 100 (5.500 GHz)
Bitrate: 6 Mbit/s

SSID: 5GHZ Schlampen
Mode: Client
BSSID: B0:BE:76:23:6C:0B
Encryption: WPA2 PSK (CCMP)
Associations: 1

radio1

Type: MAC80211 802.11bgn
Channel: -
Bitrate: -

Associated Stations

Network

MAC-Address

Host

Signal / Noise

RX Rate / TX Rate

Client "5GHZ Schlampen" (wlan0)

A0:64:8F:83:90:19

?

-50 / -99 dBm

780.0 Mbit/s, 80MHz, VHT-MCS 5, VHT-NSS 3, Short GI
6.0 Mbit/s, 20MHz

I will put next days some photos to this post to really not forget any detail.

Thank you guys for suporting me and helping me. I´m very very very glade now .

ease to all the humans and nature

Greetz,
utilman

And here comes the proof my Server is accessable from the internet : https://mayramax.internet-box.ch

Willy · February 26, 2019, 12:41am

Thank you. Interesting trick.
Can any "Guru" confirm that this is the only reason it works?
Thanks in advance

mrutilman · February 26, 2019, 1:16am

Hello again.
I tried disable DMZ and it still works. So it´s not the DMZ.
I will try to find out what´s the importing thing to make it run.
It´s also not the static route in the Main Router how connects to the basement router IP adress

Greetz
utilman

Hegabo · February 26, 2019, 8:40am

@mrutilman
Try to void displaying your MAC addresses and your public IP online. It's a good security practice.

Also there is on need to sign your posts, as per
https://forum.openwrt.org/guidelines#keep-tidy

system · March 8, 2019, 8:40am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.