Wireless clients unable to browse

Hi everyone,
I'm new to Openwrt platform & devices. I'm facing a few issues in my Openwrt based router & will be grateful & you can help me out. They're as follows -

1. Wireless clients unable to browse when DHCP mode set as NONE - Here I've disabled DHCP sever from router IPv4 settings & enabled static IP on the wireless clients. I've also used dynamic DNS in clients as it's required condition. Wired clients are able to browse in this scenario but wireless clients don't.
2. Unable to browse with Iphone clients when static IP is configured - This problem is limited to iphones only. Here, I've enabled DHCP server in the router, but used static IP & dynamic DNS server on client , just as above. Still, Iphone cleint was unable to browse.
   P.S- Automatic/dynamic DNS is necessary requirement here for both the scenarios.

Here's the router's logs -

root@OpenWrt:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 12:51:C6:8F:4D:41
          inet addr:192.168.31.1  Bcast:192.168.31.255  Mask:255.255.255.0
          inet6 addr: fe80::1051:c6ff:fe8f:4d41/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5551 (5.4 KiB)  TX bytes:7778 (7.5 KiB)

eth0      Link encap:Ethernet  HWaddr D6:D3:54:A9:49:8D
          inet6 addr: fe80::d4d3:54ff:fea9:498d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52 errors:0 dropped:0 overruns:0 frame:0
          TX packets:66 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6487 (6.3 KiB)  TX bytes:8474 (8.2 KiB)
          Interrupt:124

eth1      Link encap:Ethernet  HWaddr E8:22:B8:73:4F:72
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth1-gmac Link encap:Ethernet  HWaddr 12:51:FD:3C:28:D6
          inet6 addr: fe80::1051:fdff:fe3c:28d6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1964 (1.9 KiB)
          Interrupt:124

eth1.4    Link encap:Ethernet  HWaddr E8:22:B8:73:4F:72
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

home-ap-24 Link encap:Ethernet  HWaddr 6A:22:B8:73:4F:74
          inet6 addr: fe80::6822:b8ff:fe73:4f74/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1363 (1.3 KiB)

home-ap-50 Link encap:Ethernet  HWaddr 6A:22:B8:73:4F:75
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'
        option cwmp_ethlink_instance '1'

config globals 'globals'

config device 'eth1'
        option name 'eth1'
        option macaddr 'e8:22:b8:73:4f:72'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option cwmp_ethlink_instance '2'
        option cwmp_ip_int_instance '1'
        option ipaddr '192.168.31.1'
        option force_link '1'
        option ipv6 '1'
        option delegate '1'
        option mtu '1500'
        option ip6ifaceid 'eui64'
        option cwmp_BridgingBridge_instance '2'
        option ip6assign '64'
        option ip6class 'wan6'

config interface 'wan'
        option cwmp_dhcpv4client_instance '1'
        option cwmp_ethlink_instance '3'
        option cwmp_ip_int_instance '2'
        option defaultroute '1'
        option cwmp_BridgingBridge_instance '3'
        option device 'eth1'
        option proto '464xlat'
        option ip6prefix '64:ff9b::/96'

config interface 'wan6'
        option proto 'dhcpv6'
        option cwmp_dhcpv6client_instance '1'
        option cwmp_ethlink_instance '4'
        option cwmp_ip_int_instance '3'
        option reqaddress 'try'
        option reqprefix 'auto'
        option ip6ifaceid 'eui64'
        option iface_464xlat '0'
        option dhcpv6 '0'
        option device 'eth1'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0t 1 2 3 4'

config switch_vlan
        option vlan '2'
        option device 'switch0'
        option ports '0t 5'

config switch_vlan
        option device 'switch0'
        option vlan '4'
        option ports '0t 5t'

root@OpenWrt:~# cat /etc/config/wireless

config wifi-device 'RADIO_2G'
        option type 'mac80211'
        option path 'platform/18000000.wbsys'
        option channel 'auto'
        option band '2g'
        option htmode 'HE20'
        option disabled '0'
        option txpower '30'
        option rts '2347'
        option beacon_int '100'
        option bgprotect '0'
        option acschecktime '1'
        option short_gi_20 '1'
        option short_preamble '1'
        option country 'IN'
        option vendor 'ralink'
        option hwmode 'none'
        option legacy_rates '1'
        option macaddr 'e8:22:b8:73:4f:74'

config wifi-iface 'PRIMARY_2G'
        option device 'RADIO_2G'
        option network 'lan'
        option mode 'ap'
        option ssid 'Jio_2.4G'
        option encryption 'psk2+ccmp'
        option hidden '0'
        option disabled '0'
        option wmm '1'
        option uapsd '1'
        option wpa_group_rekey '0'
        option maxassoc '40'
        option wps_pushbutton '1'
        option ieee80211k '1'
        option bss_transition '1'
        option ieee80211r '1'
        option macfilter 'disable'
        option dtim_period '1'
        option ieee80211w '1'
        option macaddr 'e8:22:b8:73:4f:74'
        option ifname 'home-ap-24'
        option key '1234567890'

config wifi-device 'RADIO_5G'
        option type 'mac80211'
        option path 'platform/18000000.wbsys+1'
        option channel 'auto'
        option band '5g'
        option htmode 'HE80'
        option disabled '0'
        option txpower '30'
        option rts '2347'
        option beacon_int '100'
        option bgprotect '0'
        option acschecktime '1'
        option short_gi_80 '1'
        option short_preamble '1'
        option doth '1'
        option country 'IN'
        option vendor 'ralink'
        option hwmode 'none'
        option macaddr 'e8:22:b8:73:4f:75'

config wifi-iface 'PRIMARY_5G'
        option device 'RADIO_5G'
        option network 'lan'
        option mode 'ap'
        option encryption 'psk2+ccmp'
        option hidden '0'
        option disabled '0'
        option wmm '1'
        option uapsd '1'
        option wpa_group_rekey '0'
        option maxassoc '80'
        option wps_pushbutton '1'
        option ieee80211k '1'
        option bss_transition '1'
        option ieee80211r '1'
        option macfilter 'disable'
        option dtim_period '1'
        option ieee80211w '1'
        option macaddr 'e8:22:b8:73:4f:75'
        option ifname 'home-ap-50'
        option ssid 'Jio_2.4G'
        option key '1234567890'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option family 'any'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option target 'REJECT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option src_port '547'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config rule
        option name 'Support-UDP-Traceroute'
        option src 'wan'
        option dest_port '33434:33689'
        option proto 'udp'
        option family 'ipv4'
        option target 'REJECT'
        option enabled 'false'

config include
        option path '/etc/firewall.user'

config rule
        option name 'ACS'
        option src 'wan'
        option dest_port '7547'
        option target 'ACCEPT'
        option proto 'tcp'
        option enabled 'yes'

config rule
        option name 'mdns_flooding'
        list proto 'udp'
        option src 'lan'
        option dest 'wan'
        option dest_port '5353'
        option target 'DROP'

config rule
        option src 'lan'
        option name 'Allow/Block lan to wan forwarding'
        option family 'any'
        option dest 'wan'
        list proto 'all'
        option target 'ACCEPT'

config forwarding
        option name 'Allow clat ip6 address'
        list proto 'tcp'
        list proto 'udp'
        option src_ip '*'
        option dest_ip '64:ff9b::/96'
        option target 'ACCEPT'
        option enabled 'yes'

config rule
        option name 'Allow-IPSec-AH'
        option src 'wan'
        option dest 'lan'
        option proto 'ah'
        option target 'ACCEPT'

config rule
        option name 'Allow-4500'
        option src 'wan'
        option dest 'lan'
        option dest_port '4500'
        option proto 'udp'
        option target 'ACCEPT'

config include 'miniupnpd'
        option type 'script'
        option path '/usr/share/miniupnpd/firewall.include'
        option family 'any'
        option reload '1'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'
        list addnhosts '/tmp/localurl.conf'
        option nonwildcard '0'
        list interface 'lan'

config dhcp 'lan'
        option interface 'lan'
        option start '2'
        option limit '253'
        option leasetime '8h'
        option ndp 'relay'
        option ra_preference 'high'
        option dns_service '1'
        list dhcp_option '6,192.168.31.1'
        option ra_maxinterval '30'
        option dhcpv6 'relay'
        option ra_lifetime '3600'
        list ra_flags 'other-config'
        option dhcpv4 'disabled'
        option ra 'relay'
        list dns '2409:40f2:2f:2a38:309a:cbff:fea6:1448'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config dhcp 'wan6'
        option ra 'relay'
        option ndp 'relay'
        option dhcpv6 'relay'
        option master '1'
        option interface 'wan6'

I know there might be some stupid mistake since I'm new to this field Pls, have a look into it.
Thanks in advance.

I think you posted on the public forum a private message addressed to "Mike"...

Anyway, is this official OpenWrt, or some derivative?

Hi,
It's a derivative of Openwrt, but all it's configurations are based on Openwrt. I'll be glad if you can point out the problem.
thanks

Ask them, not us, or install proper openwrt.

It appears you are using firmware that is not from the official OpenWrt project.

When using forks/offshoots/vendor-specific builds that are "based on OpenWrt", there may be many differences compared to the official versions (hosted by OpenWrt.org). Some of these customizations may fundamentally change the way that OpenWrt works. You might need help from people with specific/specialized knowledge about the firmware you are using, so it is possible that advice you get here may not be useful.

You may find that the best options are:

1. Install an official version of OpenWrt, if your device is supported (see https://firmware-selector.openwrt.org).
2. Ask for help from the maintainer(s) or user community of the specific firmware that you are using.
3. Provide the source code for the firmware so that users on this forum can understand how your firmware works (OpenWrt forum users are volunteers, so somebody might look at the code if they have time and are interested in your issue).

If you believe that this specific issue is common to generic/official OpenWrt and/or the maintainers of your build have indicated as such, please feel free to clarify.

Hi Frolic,
I completely agree with you that it's not an official Openwrt FW, & hence the customizations are somewhat different than Openwrt. Yet, I would like to highlight that these customizations haven't changed the way Openwrt works, wrt basic functioning (like IP addressing, DNS resolution, DHCP etc).
Therefore, I believe that this specific issue is common to generic/official OpenWrt.
I hope, I'm clear. Thanks in advance.

great, feel free to prove it.

as all routers then, even those running something else than openwrt (and derivates there of).

The problem is that "based on" is not enough, we cannot know how those differences affect the issue you are reporting. For example, I cannot find any documentation about those "cwmp" parameters...

If it works with DHCP it's going to be a client configuration issue.

Statically configured clients need a gateway (the router) and a DNS. A reachable unencrypted DNS server is necessary to for the client to initially look up the IP of an encrypted DNS server. Configuring only an encrypted DNS will not work.

To distinguish whether the client has a DNS probllem or an overall connectivity problem, try pinging a numeric IP such as 1.1.1.1 Reaching a numeric address does not depend on DNS.

Thanks a lot man. That helped me to proceed in the right direction.
Well, I tried to explore various possible configurations & found a simple solution for both the scenarios -

1st Scenario - Just by removing the default gateway, wireless clients are able to browse. Here DNS queries get resolved at the WAN.
2nd Scenario - Enabling Default Gateway, wireless clients are able to browse. Here, DNS queries are resolved at the router only.

thanks.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.