Wrt3200acm-Bridged connection to guest wifi

So I have a main modem/router that supplies my internet etc. (1st modem/router). My Linksys wrt3200acm router (2nd router) needs to be able to connect to it on its "GUEST NETWORK which is open no security" via WiFi (5ghz radio) and then be able to forward/bridge needed "original guest login page etc.", to my main network (on 2.4ghz radio).

I have gotten this to work on ddwrt firmware, but somewhere down the line, something, probably dumb and small changed. When issues first happened I could connect like normal to network via ( 2nd router) but no internet, without first establishing a connection to NordVPN (My VPN provider). Before, it didn't matter what device connected to the (2nd router) it would ask for guest network login credentials just as if it were connected to the (1st modem /router) hardware provided by my isp.

Upon first noticing the issue I was no longer able to view my plex media server I made for movies etc., It would always say it had no internet connection blah blah blah. Then after a while, I was no longer able to get on internet with any device. Probably when I was trying to figure out the plex media server not being able to connect to internet.

I decided that since my device had so many problems or unfixed bugs with dd-wrt, that I should switch n learn a new firmware that "just fukkan works tbh!" (Pardon meh French!) I can configure my wrt3200acm to work with my cellphone hotspot, pretty much has everything I needed like before. Internet, local intranet with plex server, files can be shared. But... If I try to just swap the client network that's being connected, to the network that exists from my modem router provided by my isp......

It does not show a login page for my devices to see or provide any infobfo login, and if I do somewhat get it to connect with any device . Any of those devices need to to have my NordVPN app/software installed in order to resolve some sort of limited connectivity issues . I will also say, if I do get it half ass working with the (connect first, then have to use a VPN to get to internet method, I also never see the guest login captive portal from my isp device/modem, it will just connect to internet and work nicely in that aspect lol.

I feel like something in my mid tells my it has something to do with dns settings or dns authorive, or dnsmasq settings . I say this, bc at one point I could connect to (2nd router) and had 8.8.8.8 set in one of the dns settings somewhere on ddwrt, but could do Google searches all the time . But the moment I clicked on a website from search results it was right back to "page cannot be displayed".....

I'm feeling like this is a simple thing I'm overlooking as I've gotten it to work before. But now that I'm on a new firmware, that I also believe is making leaps and bounds over what maybe considered a upscale firmware. I don't know really where the settings are for each area, and find myself trying slot of things that seem similar to what I had before, but to only have to reboot/ erase settings on my wrt3200acm back to defaults and go back to the drawing board

This issue had made me do angry and not only upset myself, but my own family as well since it has also "cockblocked" the home media server with all the kids; shows, movies etc. As well as the wifes ; TV shows, or new movies I add etc. As you can see I would to have this working again and feel like I'm possibly just overthinking things or missing something simple .

Could anyone chime in on this please !?!

@Nickelz34, welcome to the community!

To be honest, I cannot follow:

• when you started using OpenWrt
• why
• the actual problem you're having on OpenWrt now

I'm guessing you still want to make a guest WiFi bridged upstream?

Can you show us your configs?

• /etc/config/network
• /etc/config/wireless
• /etc/config/firewall

I have the router config settings erased right now so everything is at defaults. I'm at work so when I get off later in 6 hours or so I'll take a look at it.

And making the other modem / routers (router 1) already created and working guest network bridged upstream sounds right. How should I go about this and will it give me the other modem/ routers guest login portal etc?

So like I said before I'm sitting here with the router erased at default settings and can't come up with a plan for this situation...

My previous op and only other reply ,explains clearly, what I need to figure out. I appreciate any and all available help in this situation.

Happy New Year everyone!

Thanks again!

Why do you have the OpenWrt device? what is it intended to provide for you? Is it just a range extender? Is it providing a firewall for certain devices??? Since you're keeping the upstream ISP device in the loop here... Why can't you just connect your client devices to the upstream ISP device?

I think once we understand this question, then it's easier to figure out what to do with the OpenWrt device.

Read the message @lleachii posted, and try to answer his questions. I also couldn't follow your posts here.

You have not explained clearly what you're needing to figure out. As you reply, try to expound on:

• what you mean by "login portal" - do you mean the ISP's public WiFi AP?
  • if so, why don't you use your provided AP?
• if your devices work with OpenWrt default settings
• what you're doing when it stops working
• as many details as possible about this no Internet situation
  • this time, please be clear if the issue is running OpenWrt or another firmware
  • details on the upstream router (e.g. its IP assingement) and why you're not using it
• more details on this guest and upstream connection you desire
• details on what network the media server and family exists on and how you previously set it up (e.g. firewall, IPs, etc.)

EDIT: It really sounds like you're trying to use your ISP's public WiFi AP - then connect through it to devices in the customer LAN. For security reasons, that obviously shouldn't work. If it did before, that was a security flaw in your ISP's router firmware.

For some reason I am just now seeing all of your replies sorry , idk why it showed only one reply for a bit there .

Anyways device 1 is at my brother's house next door . It is the standard wireless modem/router he got from his ISP. He has a main wireless network both 2ghz and 5ghz. Then he enabled the guest network on the device . Both 2 ghz and 5 ghz.

Now I could just login to his guest network from any device in my home. It will bring up a standard captive portal for me to login with credentials, that all works fine.

What I am trying to do is make my wrt3200acm connect to his guest network via the 5ghz radio in client mode. Then bridge it to my 2ghz radio setup as my house access point.

I used to do it with dd-wrt firmware, but something went wrong after while. I don't know what really. So I decided that since I could not longer get it to work on dd-wrt, and dd-wrt had so many issues or bugs with my hardware, that it may work better on openwrt firmware.

The way it used to work was perfect . I could pull out my laptop and try to get on the internet, the captive portal page from my brother's guest network would ask me to provide login credentials . Once I typed in correct login info , it would say success in a pop-up and I was online with all devices in house.

I've tried to setup the wireless and use 5ghz radio to connect via client mode and it will connect . But I'm not doing something right as it doesn't ever show the captive portal login page thus also never gets a internet connection. It just says it's associated and whatnot. Maybe I'm not bringing it right or it's a firewall / dns setting problems IDK.

So I've erased my wrt3200acm settings back to fresh defaults nothing changed but created a password etc . at beginning. I was hoping maybe someone could give me an idea of where to start etc with fresh default settings .

@lleachii

You have not explained clearly what you're needing to figure out. As you reply, try to expound on:

• what you mean by "login portal" - do you mean the ISP's public WiFi AP?
  • if so, why don't you use your provided AP?
• if your devices work with OpenWrt default settings
• what you're doing when it stops working
• as many details as possible about this no Internet situation
  • this time, please be clear if the issue is running OpenWrt or another firmware
  • details on the upstream router (e.g. its IP assingement) and why you're not using it
• more details on this guest and upstream connection you desire
• details on what network the media server and family exists on and how you previously set it up (e.g. firewall, IPs, etc.)

EDIT: It really sounds like you're trying to use your ISP's public WiFi AP - then connect through it to devices in the customer LAN. For security reasons, that obviously shouldn't work. If it did before, that was a security flaw in your ISP's router firmware

• So what I mean by login portal is : The portal that is usually displayed when I connect to the dual band guest network. It is setup on the main modem / wireless router provided to my brother's home next to me. My brother also has his own private dual band network on this same device .

And yes all my devices work fine in my home when connected to my wrt3200acm router. I can even setup a hotspot on my phone that my wrt3200acm connects to in client mode wirelessly and once bridged it correctly provides internet to the other radio which is in wireless AP mode.

• The router at my brother's house has a up assignment as such:

Default Gateway -192.168.103.1
Dns 1- 192.168.103.1
Assigned IP- 192.168.103.17

The router at my house is setup like so:

Default Gateway - 192.168.0.1
Dns - Blank ( I have tried to enter the 192.168.103.1 dns from my brother's device with no luck)
Assigned IP- 192.168.0.101

• As far as my server on my network :
  It is setup on a static IP address 192.168.0.20
  It is connected to the router via cable connection on port 2.

• and to answer your last question:

I'm not trying to connect with my devices via public guest AP to access things on the customer LAN ( my brother's private network) .

That's why we setup the guest dual band network. As I didn't want to have any access to his own LAN or devices, just a connection separate from his private network that could provide my wrt3200acm internet access, which then is broadcast to my own home and devices etc.

Edit: Sorry I'm just getting off work and trying to think of everything you asked lol. My phone for replying isn't helping me either with stupid auto correct .

I will add more detailed information with screenshots when I get home on my laptop which will be connected via cable to my wrt3200acm

Ok here is a image of what my connection looks like, connected directly to the 5g guest Network from my brother's house.

IMG_20200103_0142551440×2560 768 KB

Usually I just have to turn on my wifi on phone, and it will show my list of Available Networks. I will select my brother dual band guest network. Then after a few seconds I get a pop-up saying to sign in to this wifi network. Once I type credentials I can get in to guest network with internet access.

Occasionally after some time has passed, like 2.5 weeks or less, I will be prompted to relogin again, with the captive portal login page for my brother's guest Network. This situation is depicting nothing but my phone connecting to the wireless guest network directly at my brother's router / modem provided by his cable ISP.

Now I will say for sure (when it was working of course), that when wireless client connections to this access point were made from my wrt3200acm at my home. They behaved in the same manner. Meaning occasionally, it was like a lease expired after some time, and one of my devices in home would get the guest Network login screen/page while trying to access a webpage ( got redirected) .

BUT..... After whatever device (seemed like the phones usually got page to login first when it was time ) logged into the guest network captive portal (that was bridged wirelessly from my brothers router/ modem from ISP, to my own wrt3200acm in my home ), then all my devices where able to connect to internet and view web pages etc . Like just one device had to complete the login and it reset the lease time for internet access on the whole network for however long .

My main purpose for this device (wrt3200acm) is for my own private network that does include a server assigned with a static IP on the same subnet of all the other devices in my home. The server provides plex media to all TV's in "MY HOME" not my brother's. He has no access to my devices, I have no access to his etc. The only purpose of his guest Network, from his ISP provided router / modem hardware is to give my network nothing but a glorified internet connection via a client connection on one of my radio bands (either 2.4 or 5 ghz), the opposite unsused band would be setup as the wireless access point broadcasted to " my own home devices "

I simply love the functionality without the headache that openwrt has since I've flashed it . It has software packages for the device and a million other things all placed into a actual (what seems to be) almost bug-less web interface that actually works the way it should.

When the network went down for whatever reason, my wrt3200acm was on dd-wrt, I have been through the ringer on that firmware trying to compensate for things that........ Just should work ... Period .... TBH....

It's like they are not able test the firmware they provide for their decices, but ...... It looks good lol

It's really hard to follow you in this extended story format. It took a lot to understand what's not working, especially when you skipped over my solution.

• Let's try this again - The Login - I assume now that you're logging into an ISP guest hotspot running at your brother's house
• I asked you this already

I explained why. And you explained why:

• Then, in your next response (perhaps just one sentence long) - only explain what's not working.
• Do you actually have a problem?

(It sounds like you want OpenWrt to fix the captive portal login problem...on the other router?)

The dns is given to the guest network on my brother's device he has a separate assigned dns on his own network on same hardware .

I remembered that when this worked before with wrt3200acm connected as a client it would show this dns address . So it was simply myself trying to figure things out or trying everything I could think of.

Idk if i I said this before, but his device broadcasts 4 networks . 2- 5ghz networks , one for his own use and one for guest network. Then 2 - 2ghz networks one for his own use and one for guest network.

When you scan for example it looks like this

Cgnm-8433
Cgnm-8433 5g
^^^^^^
These are his networks with their own ip subnet and different dns totally separate from the guest network. i believe that when we set this up his default gateway was 192.168.1.1 or 192.168.0.1.

Guest network on same device is on its own ip subnet for my own use cases .

Nfhd-8432
Nfhd-8432 5g

This is the network I connect to for internet . Which has a subnet like this 192.168.103.1, which when I had this working this address also showed up in dns settings. Hence why I tried to manually input it earlier like I was saying.

I do not want to connect to his hardware with all my devices directly. Just one device (my router) that turns around and just shares the internet on its own created network.

I don't understand why the captive portal doesn't come up and maybe since you've brought it up it is something to do with his hardware. But the thing that's frustrating is that if I setup the wrt3200acm in client mode on one radio to connect to the guest network it will say associated / connected . If I bridge it to 2nd radio setup as a access point it will then give all signs of having internet access. When my devices try to connect and become connected the bottom system tray icon says "connected - internet access".

But I really don't have any access to internet, just my own network, and devices . So then I try to load up a VPN, if I load up NordVPN on any device in (my network) it will connect and instantly give internet access to just that device.

Maybe I can just bypass the whole guest captive portal login by setting up NordVPN directly on the router so the WAN can get a connection to share with the whole network in my home idk.

I don't have explicit access to his hardware other than with what I am given to access it via wireless. So I can't exactly just go ask for him to login to his hardware via his main network to look at settings on device etc.

So all in all , I need internet to connect somehow on this thing . I'm open to any and all suggestions and understand I have a oddballish network setup sorry for any confusion.

Edit: is there a way to force a captive portal page to load if not then is there ways to set things up going around it ? For example Mac cloning of devices currently connected directly etc .

I assume you can't use a wire? because if he's downstairs or something you are likely to get better results running a wire.

one thing you should know about the wrt3200 is that the drivers are no longer being developed as the manufacturer abandoned them. sometimes the device gets quirky with it's wifi.

I understand you want your wrt device to connect to his device. Is it possible to get rid of that captive portal on his device? those suck, their entire purpose is to keep you from getting on the net unless to acknowledge them.... if not, then can you at least connect one of your devices to that network and see if the captive portal does come up?

Yeah I would love to have it hardwired with a totally different setup. He is next door in a whole different house, and he would also... most likely deny me plotting.... to somehow ...run anymore wires through or out of his house lol.

You are absolutely correct about the drivers on my device . In the past I've had to do things like disable USB 3.0 and the 3rd radio used for radar detection etc. Then most issues disappeared when it came to WiFi dropouts etc.

When we first setup the guest network I did look extensively for options to get rid of the damn portal and just password protect the dual band guest network . I came up empty handed , there was no options to get rid of it completely.

And yes I'm on my phone right now connected directly to the guest network setup on his hardware. Last week the power went out, and when it came back on my phone showed the captive portal login page and I logged in successfully. Since that initial login my phone just connects right away no captive portal. I assume it's added my Mac or some other info about my device to a whitelist with lease that expires in some amount of time.

ok, I'm understanding more about what you want to set up. and I understand you have your wrt device associated as client to your brothers network. but now your devices don't see the captive portal and so they don't get on the net.

Can you ping from the wrt device itself to something on the net, like Google.com? or is it only client stuff on your WiFi that can't get network access?

No ping to Google at all, but if I manually enter 8.8.8.8 for dns . I can do Google searches all day lol. If I click a site in search results it does not display.

If I click on update software lists in Luci ui I also get errors explaining there's no connection or could not resolve.

Edit: I'm following these instructions for the settings

https://openwrt.org/docs/guide-user/network/wifi/connect_client_wifi

Which I will say worked great with my phone in a test where I setup a hotspot to connect to instead of my brothers network hardware.

I used a direct cable connection when I tried this , did not setup a wireless AP.

I'm wondering if I am missing something stupid in some sort of setting that is not included in the guide, that would apply more to my situation.

Well, that certainly sounds like you're on the network, but don't have your DNS set up properly.

I suggest to log into LuCi, go to Network > DHCP and DNS and set up 1.1.1.1 and 1.0.0.1 as your "dns forwardings". These are like the google 8.8.8.8 but more privacy oriented, from cloudflare (with independent audits verifying that they don't log DNS lookups etc)

Ok I will try this asap soon as I'm off work, prop like 8 hours or so for tonights shift. Just to be sure, I'll erase current config and resetup from fresh default settings with dns info you have given. Thanks for the help so far guys sorry for any confusion .

Before you go resetting to defaults, just input those DNS numbers and see what happens... you might introduce a different problem when you re-set-up.

If it works with the new numbers... then take a backup of the config, and try resetting and reconfiguring from scratch to get the minimal config. If things go wonky you can at least restore from the config backup.