OpenWrt Forum Archive

Topic: HOWTO: WL-520Gu 2.4 Client bridge (managed mode)

The content of this topic has been archived on 16 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
lizby
31 Dec 2009, 05:23

Here is the configuration which works for me to make a WL-520gU associate as a client to my AP.  Not everything is tested, but a web page created on the router with 'echo "<html><body><p>Hello, World from wl62</p></body></html>" > /www/hello.htm' is accessible from another PC wirelessly connected to the AP, that PC can ssh into the WL-520gU, the router is successful with "opkg update", and is successful with "ping www.google.com".

This is with trunk, r18957, and the 2.4 kernel.

Thanks to rjw4 in this thread: https://forum.openwrt.org/viewtopic.php … 589#p99589

And hscottm on this one: https://forum.openwrt.org/viewtopic.php?id=22644

And to many other postings which pointed the way but weren't quite there in terms that I could understand.

/etc/config/wireless

config wifi-device  wl0
  option type     broadcom
  option channel  6

# REMOVE THIS LINE TO ENABLE WIFI:
#    option disabled 1

config wifi-iface
  option device   wl0
  option network  lan
  option mode     sta
  option ssid     Omnibus0
  option encryption none

/etc/config/network

config 'switch' 'eth0'
  option 'enable' '1'

config 'switch_vlan' 'eth0_0'
  option 'device' 'eth0'
  option 'vlan' '0'
  option 'ports' '1 2 3 4 5*'

config 'interface' 'loopback'
  option 'ifname' 'lo'
  option 'proto' 'static'
  option 'ipaddr' '127.0.0.1'
  option 'netmask' '255.0.0.0'

config 'interface' 'lan'
  option 'type' 'bridge'
  option 'ifname' 'eth0.0'
  option 'proto' 'static'
  option 'netmask' '255.255.255.0'
  option 'dns' '192.168.1.1'
  option 'gateway' '192.168.1.1'
  option 'ipaddr' '192.168.1.60'

/etc/config/firewall

config defaults
option syn_flood    1
option input        DROP
option output        ACCEPT 
option forward        DROP

config zone
option name        lan
option input    ACCEPT 
option output    ACCEPT 
option forward    ACCEPT
option masq    1 

config zone
option name        wan
option input    ACCEPT
option output    ACCEPT 
option forward    ACCEPT
option masq    1 
option mtu_fix    1

config forwarding 
option src      lan
option dest     wan
 ...

Essentially, I have done away with the wan connection (might need it for other devices plugged into the router, but how do that without losing what I have?).  I'm not sure that the firewall settings are needed or are safe.  In particular, I don't know if the wan settings have any significance in the absence of wan in network or wireless. 

Any suggestions for cleaning this up or extending it would be welcome.

(Last edited by lizby on 5 Jan 2010, 17:45)

Post #2
rjw4
31 Dec 2009, 18:59

Good deal.  Thanks for posting.  This looks like an unrouted client bridge, since you're bridging the wifi to the lan side instead of to the WAN side.

Post #3
lizby
31 Dec 2009, 20:28

>This looks like an unrouted client bridge

I think this means, effectively, that devices plugged into the client router do not have access to devices on the other side of the wireless link, even if they have static ips in the same network and "dns" and "gateway" set.  That is the behaviour I have seen so far, which does not matter for my primary purpose, but internet access would be nice to have.

If anyone can suggest how to achieve this while maintaining the present functionality, that would be appreciated.  Also, my setup omits port 0.  What is that for and could I just add it to the "option ports" line?

(Last edited by lizby on 31 Dec 2009, 20:29)

Post #4
lizby
5 Jan 2010, 17:43

The problem of devices plugged into the router not having access to the internet is fixed by adding masquerading to the lan zone in /etc/config/firewall by adding the line "option masq    1".

I have edited the original post to include this.

This has also enabled pinging and access between devices on either side of the wireless bridge.

The discussion might have continued from here.