FYI
with r41401 the homegroups are visible..
I love OPENWRT.
Now my bridge is running perfect..
Topic: Repeater configurations here! Both ways, bridged and simple repeater
The content of this topic has been archived between 5 Oct 2014 and 6 May 2018. Unfortunately there are posts – most likely complete pages – missing.
Page 7 of 11
I am making a mistake applying these changes. I am posting config files in case anyone sees the issue.
Network: DHCP server and gateway is 192.168.1.1; subnet mask 255.255.255.0.
Goal: This TP-Link 841ND v9 should connect as a Wifi client to another Access Point, and act as Access Point for other devices, extending my wifi network. (A repeater is what I would call it).
Status: Cannot tell if it is connecting to the network; not pingable on 192.168.1.5; LAN/WAN ports no longer active.
I've tried three times and each time I end with restoring the AP and starting over. It's not clear to me what the wwan's ipaddr means, so I just put 192.168.1.254...but I don't know if it's correct. Any help is appreciated.
/etc/config/wireless
config wifi-device radio0
option type mac80211
option channel 11
option hwmode 11g
option path 'platform/qca953x_wmac'
option htmode HT20
# REMOVE THIS LINE TO ENABLE WIFI:
option disabled 0
config wifi-iface
option device radio0
option network wwan
option mode sta
option ssid MILLER
option encryption WPA2
option key 'STEELERS'
option wifi-iface
option device radio0
option mode ap
option ssid MILLER
option encryption WPA2
option key 'STEELERS'
option network lan/etc/config/network:
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd31:75be:89c6::/48'
config interface 'lan'
option ifname 'eth0'
option force_link 0
option type 'bridge'
option proto 'static'
option ipaddr '192.168.5'
option gateway '192.168.1.1'
option netmask '255.255.255.0'
option dns 8.8.8.8
config interface 'wwan'
option ptoto 'static'
option ipaddr '192.168.1.254'
option netmask '255.255.255.0'
option gateway '192.168.1.1'
config interface 'stabridge'
option proto 'relay'
option network 'lan wwan'
option ipaddr '192.168.1.254'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 4'it seems that you missed this page:
http://wiki.openwrt.org/doc/howto/clientmode
so do you need bridged client or not? in both cases lan ip should be in a different subnet and gateway must go on wwan interface!
Of course, in bridged mode you will not get IP address if something is wrong.
Bad encryption settings:
encryption WPA2------>encryption 'psk2'
In bridged mode, LAN IP should be different from the main network. You can access to this IP by manually setting your ip to that range. And the IP you set is incomplete!
option ipaddr '192.168.5'------>option ipaddr '192.168.10.1'
If you want to access the router at 192.168.1.5, then:
config interface 'wwan'
option proto 'static'
option ipaddr '192.168.1.5'
option netmask '255.255.255.0'
option gateway '192.168.1.1'
config interface 'stabridge'
option proto 'relay'
option network 'lan wwan'
option ipaddr '192.168.1.5'(Last edited by dabyd64 on 25 Jul 2014, 16:50)
dadyd64, in the first post there is an error in the /etc/config/network in MODE 1: BRIDGED REPEATER
config 'interface' 'stabridge'
option 'proto' 'relay'
option 'network' 'lan wwan'
option ipaddr '192.168.1.254' #Same IP as in WWAN
it should be:
config interface 'stabridge'
option proto 'relay'
option network 'lan wwan'
option ipaddr '192.168.1.254' #Same IP as in WWAN
As far as I remember there is no difference between network and 'network', same for the rest. It will work the same.
Correct me if I am wrong. Anyone?
http://wiki.openwrt.org/doc/uci#file.syntax
Usually you do not need to enclose identifiers or values in quotes. Quotes are only required if the enclosed value contains spaces or tabs.
New to OpenWRT as I have just aquired a router with it installed. (Hame MPR-A1)
Currently it has an address of 192.168.2.1 and can only connect to the internet when I plug into one of my main router's (TP link WDR3600) LAN ports.
It has a LIRC server running on 192.168.2.1 and I want to be able to port forward traffic from WAN on port 8765 across the Wifi to it.
Current config
(main router) (Hame MPR-A1)
WAN--------------->WDR3600 stock fw-------------------------->OPENWRT
¦ ¦
various devices LIRC server
192.168.0.x 192.168.2.1:8765
I assume at the moment it is operating as mode 2 . "bridged repeater, different network" as it can see the internet but none of the devices on the 192.168.0.x LAN can see it.
Do I need to go for option 1 "Bridged repeater" and change the address range of the OPENWRT device to make this work?
Or can I leave alone and still make it work somehow.
whats the best way? Any pointers greatly appreciated.
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option path '10180000.wmac'
list ht_capab 'GF'
list ht_capab 'SHORT-GI-20'
list ht_capab 'SHORT-GI-40'
list ht_capab 'RX-STBC1'
option htmode 'HT20'
option disabled '0'
option txpower '20'
option hwmode '11ng'
option country '00'
config wifi-iface
option device 'radio0'
option network 'wifi'
option mode 'ap'
option ssid 'Irdroid'
option encryption 'psk'
option key 'xxx'/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fddd:ac55:8dab::/48'
config interface 'lan'
option ifname 'eth0.2'
option proto 'dhcp'
config interface 'wifi'
option ifname 'wlan0'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.255.0'/etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'hybrid'
option ra 'hybrid'
option ndp 'hybrid'
config dhcp 'wifi'
option interface 'wifi'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'hybrid'
option ra 'hybrid'
option ndp 'hybrid'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
config dhcp 'wan6'
option dhcpv6 'hybrid'
option ra 'hybrid'
option ndp 'hybrid'
option master '1'/etc/config/firewall
config defaults
option syn_flood 1
option input ACCEPT
option output ACCEPT
option forward ACCEPT
# Uncomment this line to disable ipv6 rules
# option disable_ipv6 1
config zone
option name lan
list network 'lan'
option input ACCEPT
option output ACCEPT
option forward ACCEPT
option masq 1
option mtu_fix 1
config zone
option name wifi
list network 'wifi'
# list network 'wan6'
option input ACCEPT
option output ACCEPT
option forward ACCEPT
option masq 1
#option mtu_fix 1
config forwarding
option src wan
option dest lan
config forwarding
option src wifi
option dest lan(Last edited by mitch1 on 2 Aug 2014, 18:30)
You must do bridged repeater. Read well the guide, changing and address is not enough.
Thanks for the guide . I have managed to get it working using the below changes. I have to admit i'm not really sure what I have ended up with :S ? as I used your guides combined with the wiki for routed client. I am a bit concerned my firewall is all "ACCEPT" but I guess it is protected from the internet behind my main router's firewall?
I have assigned a static DHCP lease to the router on my main router so that the client wireless picks up 192.168.0.2 on the main network. Also Port forwarded 8765 to 192.168.0.2.
result is I can reach the LIRC server on the new access point and if connected to the new AP I get internet via the main router.
One issue I have noticed is that if the main router is rebooted and the AP stays up it appears to lose its 192.168.0.2 address and not get it back until I pull the plug and reconnect. - Rebooting via the LUCI interface doesn't appear to do the trick but I can't figure out why - perhaps I need to change some more settings ?
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
config wifi-iface
option ssid 'linksys'
option device 'radio0'
option mode 'sta'
option key 'xxxxxx'
option encryption 'psk2'
option network 'wwan'
config wifi-iface
option device 'radio0'
option mode 'ap'
option ssid 'Irdroid'
option encryption 'psk'
option key 'xxxx'
option network 'wifi'/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fddd:ac55:8dab::/48'
config interface 'lan'
option proto 'dhcp'
option type 'bridge'
option ifname 'eth0.2'
config interface 'wwan'
option proto 'dhcp'
config interface 'wifi'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.255.0'firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option mtu_fix '1'
option network 'lan'
config zone
option name 'wifi'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option network 'wifi wwan'
config forwarding
option src 'wan'
option dest 'lan'
config forwarding
option src 'wifi'
option dest 'lan'
config rule
option name 'Allow-DHCP-Renew'
option src 'lan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'lan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'lan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config zone
option name 'newzone'
option input 'ACCEPT'
option forward 'ACCEPT'
option network ' '
option output 'ACCEPT'(Last edited by mitch1 on 5 Aug 2014, 11:35)
That doesn't follow the routed repeater in any way, Where's relayd?
Why sepparate Wifi into a different network?
Try first in lan, if it works then try new things if you want. I suggest to start in the simplest mode possible, so you know what to check if it doesn't work.
Hello,
I have tried the MODE 2: REPEATER, DIFFERENT NETWORK.
There is a strange question, if I give the “RepeaterWirelessNetwork” encryption,it can not be networked,otherw it can be networked。I've tried turning off the firewall, but it still can not networked。
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path '10180000.wmac'
option htmode 'HT20'
option disabled '0'
option txpower '20'
option country '00'
config wifi-iface
option device 'radio0'
option encryption 'psk2'
option hidden '1'
option network 'wan'
option mode 'sta'
option ssid 'MainWirelessNetwork'
option key 'MainRouterWirelessPassword'
config wifi-iface 'config'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'RepeaterWirelessNetwork'
option key 'RepeaterWirelessPassword'
option encryption 'psk'
/ete/config/network
config interface 'lan'
option ifname 'eth0.1'
option force_link '1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option proto 'dhcp'
config interface 'wwan'
option proto 'dhcp'
/etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
/etc/config/firewall
config zone
option name lan
option network 'lan'
option input ACCEPT
option output ACCEPT
option forward ACCEPT
config zone
option name wan
option network 'wan wwan'
option input ACCEPT
option output ACCEPT
option forward REJECT
option masq 1
option mtu_fix 1
config forwarding
option src lan
option dest wan
Is "option ipaddr '192.168.1.1'" in a different range from the main router?
If the main router uses this ip you must change to different network like 192.168.2.1 ( 192.168.x.1 whatever you want).
Are you sure that the main router use PSK2?
Also:
config wifi-iface
option device 'radio0'
option encryption 'psk2'
option hidden '1'
option network 'wan'
option mode 'sta'
option ssid 'MainWirelessNetwork'
option key 'MainRouterWirelessPassword'Put "option network 'wwan'"
(Last edited by dabyd64 on 7 Aug 2014, 14:38)
Thanks for answering,
1. the main route and the repeater router are in a different range.
2. I login in to the main route.I am sure the main router use psk2.
3. The “option network” is “wwan”,this is my fault.
The quesetion is if the repeater router put "option encryption 'none'",it can ping.If put "option encryption 'psk'" or "option encryption 'psk2',it can not ping.
is this related to the system of the main route? I dont know what is the main route system。
I change the main route. the system is OpenWrt,then it works normally.The reason may be incompatible.
Thanks for the guide .
If you put encryption "none" and it works then your main router doesn't have encryption.
You can decide encryption only in the AP wireless, but the STA wireless must use the same encryption as the main router.
You must put the main router in WPA2 mode before you can use psk2 in openwrt to connect to it
confirmed working on BB rc3 with a tp-link 3020.
i used the configs from the first post and edited just the IPs that needed editing for my network.
Glad that still works. Thanks for your feedback!
dabyd64 wrote:
Due I'm seeing a lot of confusion to make a repeater with OpenWRT, I will put the 2 modes available, with its configs.
I hope its easy to understand.
Of course, first install the latest Trunk version of OpenWrt:
http://downloads.openwrt.org/snapshots/trunk/
Working in Atheros hardware and Attitude Adjustment. I don't know if it works on other hardware or OpenWrt versions.MODE 1: BRIDGED REPEATER
Both wireless networks will be the same network, DHCP addresses wil be given by the main router, all computers will see each other.
First connect the router to internet, by connecting an ethernet cable between the openwrt's router WAN port and the main router.
Install Relaydopkg update opkg install relayd /etc/init.d/relayd enable.
.
/etc/config/wirelessconfig wifi-device 'radio0' #blahblah (default settings) option channel '1' #Match with the main wireless network channel option disabled '0' config wifi-iface option ssid 'MainWirelessNetwork' option encryption 'psk' # Set wep, psk or psk2 for WEP, WPA or WPA2 option device 'radio0' option mode 'sta' option network 'wwan' option key 'MainRouterWirelessPassword' config wifi-iface option device 'radio0' option mode 'ap' option ssid 'RepeaterWirelessNetwork' option encryption 'psk' option key 'RepeaterWirelessPassword' option network 'lan'.
.
/etc/config/networkconfig interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config interface 'lan' option ifname 'eth0' option type 'bridge' option proto 'static' option ipaddr '192.168.10.1' option gateway '192.168.1.1' # Your main router's IP option netmask '255.255.255.0' option dns '192.168.1.1' config interface 'wwan' option proto 'static' option ipaddr '192.168.1.254' #match you main router network 192.168.x.254 option netmask '255.255.255.0' option gateway '192.168.1.1' #your main router's IP config 'interface' 'stabridge' option 'proto' 'relay' option 'network' 'lan wwan' option ipaddr '192.168.1.254' #Same IP as in WWAN.
.
/etc/config/dhcpconfig dhcp lan option interface lan option start 100 option limit 150 option leasetime 12h option ignore 1 config dhcp wan option interface wan option ignore 1.
.
As we want to make all the same network, we can disable the firewall:/etc/init.d/firewall stop /etc/init.d/firewall disable.
.
.
MODE 2: REPEATER, DIFFERENT NETWORKRepeater's clients will be able to see Main Network's devices, but not vice versa.
Addresses in the Repeater network are managed by the repeater.Nothing has to be downloaded, the stock openwrt is enought. This is the easiest and simplest way of making a repeater
/etc/config/wireless
config wifi-device 'radio0' #blahblah (default settings) option disabled '0' option channel '1' #Match with the main wireless network channel config wifi-iface option ssid 'MainWirelessNetwork' option encryption 'psk' # Set wep, psk or psk2 for WEP, WPA or WPA2 option device 'radio0' option mode 'sta' option network 'wwan' option key 'MainRouterWirelessPassword' config wifi-iface option device 'radio0' option mode 'ap' option ssid 'RepeaterWirelessNetwork' option encryption 'psk' option key 'RepeaterWirelessPassword' option network 'lan'.
.
/etc/config/networkconfig interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config interface 'lan' option ifname 'eth0' option type 'bridge' option proto 'static' option ipaddr '192.168.10.1' #set to different range of your main router's network"" option netmask '255.255.255.0' config interface 'wwan' option proto 'dhcp'.
.
/etc/config/dhcpconfig dhcp lan option interface lan option start 100 option limit 150 option leasetime 12h option ignore 0 config dhcp wan option interface wan option ignore 1.
.
/etc/config/firewallconfig defaults option syn_flood '1' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'lan' option network 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'wan' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'wan wwan' config forwarding option src 'lan' option dest 'wan'Once internet is running, its easy to install LuCi to get the nice web interface:
opkg update opkg install luci AND, IF YOU INSTALLED RELAYD opkg install luci-proto-relayI have tested both and they work. I think this are the easiest configs for making a repeater.
Edit the files manually with the VI editor.
If you don't know how to use it, check this:
---------------------------------------------------------------------------
vi editor small tutorial
Let's edit "network" filevi network
Now, navigate with the arrow keys to the line you want to read, modify, etc.
To start writing first type "i" (command to insert).
Now you can write, delete, etc as usual.
To exit the insert mode press "ESC".
To delete an entire line, press "d" twice.
Finally, to save the file press "Z" twice. Yes it must be UPPERCASE
If you screwed your file and want to discard changes press control+z to close without saving.Regards
So I've tried to do this on my WA901ND and didn't work, device wouldn't connect to PC, nor Telnet, turn wifi off... a mess.
Maneged to re-start it but I am new here and with OpenWRT. A total noob.
So, is there a way to configure the device within the web interface (luci) as a repeater with diferent SSIDs? Could someone teach me how without having to write lines of codes on vi or whatever?
Did you put the correct IP on the wwan interface?
Post the configs you tried so we can see possible causes
Is it all right in this config?:
Network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option ifname 'eth0'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.255.0'
option gateway '192.168.1.254'
option dns '192.168.1.254'
config interface 'wwan'
option proto 'static'
option ipaddr '192.168.1.4'
option netmask '255.255.255.0'
config interface 'stabridge'
option proto 'relay'
list network 'lan'
list network 'wwan'
option ipaddr '192.168.1.4'Wireless
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11ng'
option macaddr '10:fe:ed:75:05:f6'
option htmode 'HT20'
list ht_capab 'LDPC'
list ht_capab 'SHORT-GI-20'
list ht_capab 'SHORT-GI-40'
list ht_capab 'TX-STBC'
list ht_capab 'RX-STBC1'
list ht_capab 'DSSS_CCK-40'
option txpower '27'
option country 'US'
option channel '6'
option disabled '0'
config wifi-iface
option network 'wwan'
option ssid '^GeDa^'
option encryption 'psk2'
option device 'radio0'
option mode 'sta'
option bssid '00:21:29:xx:xx:xx'
option key 'ge31nna05ro78da'
config wifi-iface
option device 'radio0'
option mode 'ap'
option ssid '^GeDa^HotSpot'
option network 'lan'
option encryption 'psk2'
option key 'ge31nna05ro78da'Obviously IP of main router is 192.168.1.254
Almost OK, you missed the gateway line on WWAN:
config interface 'wwan'
option proto 'static'
option ipaddr '192.168.1.4'
option netmask '255.255.255.0'
option gateway '192.168.1.254' #your main router's IP(Last edited by dabyd64 on 16 Sep 2014, 22:32)
Careless mismatch...
Thank you.
It works fine
dabyd64, thank you for your guide, it works nicely. I configured relay variant. It was not working until I included also eth0 into bridge. I have no idea why it has to be there as I am not using eth0 at all, but I am not going to pretend I understand bridging.
Anyhow, thank you, perfect guide.
I've tried method 1 with current recommendations without a problem.
But i want to have more control over my clients.
I've tried to use wpa 2 enterprise with method 1 but my clients can not login from device 2. It seems wpa 2 enterprise can not be used in this methods ?
I am using the configuration below;
ADSL -- pfSense -(lan connection)- OpenWRT Device#1 -(Wireless connection sta mode)- OpenWRT Device#2
I want restrict access of device 2 clients. Record their activities and so on.
Are there any possible solution on this ?
Thanks
Page 7 of 11