OpenWrt Forum Archive

Topic: [Solved]: Setting secondary WAN to a WLAN using wr842n

The content of this topic has been archived on 25 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
juliovedovatto
30 Oct 2017, 01:38

Hi guys.

I have a wr842n wireless router, with a ppoe connection. Working perfectly with default setup. This is the main router of my network setup. Also, recently, I acquired fiber connection and the ISP give to me a ethernet router. Working perfectly when I use the ethernet connection. 

I want to setup both connections on my wr842n, using 2 different WLANs.  I read a bunch of articles and tutorials, but I was unable to make the secondary WLAN communicate with the ethernet router (with the fiber connection). I do not want to use the secondary internet connection as load balancer, I just want to have 2 different WLANs with different WAN connections.

What I tried:

  • created a vlans, one for tagging tthe specific ethernet port (Port 1) and other to use with the secondary WLAN

  • creating interfaces using those vlans (with distinct firewall rules)

  • using dhcp client in the interface with associated vlan

This is my config files:

/etc/config/network

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config globals 'globals'
    option ula_prefix 'fdbb:9da3:aaa5::/48'

config interface 'lan'
    option force_link '1'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'
    option ifname 'eth1'

config interface 'lan2'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.2.1'
    option netmask '255.255.255.0'
    option ip6assign '60'
    option ifname 'eth1.2'

config interface 'wan'
    option ifname 'eth0'
    option proto 'pppoe'
    option username 'provider@isp'
    option password 'password'

config interface 'wan2'
    option ifname 'eth1.1'
    option type 'bridge'
    option proto 'dhcp'

config switch
    option name 'switch0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'switch0'
    option vlan '1'
    option vid '1'
    option ports '1t'

config switch_vlan
    option device 'switch0'
    option vlan '2'
    option vid '2'
    option ports '1'

/etc/config/dhcp

config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan'
    option expandhosts '1'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.auto'
    option localservice '1'

config dhcp 'lan'
    option interface 'lan'
    option limit '150'
    option leasetime '12h'
    option dhcpv6 'server'
    option ra 'server'
    option ra_management '1'
    option start '2'

config dhcp 'lan2'
    option leasetime '12h'
    option limit '150'
    option interface 'lan2'
    option start '2'

config dhcp 'wan'
    option interface 'wan'
    option ignore '1'

config dhcp 'wan2'
    option interface 'wan2'
    option ignore '1'

config odhcpd 'odhcpd'
    option maindhcp '0'
    option leasefile '/tmp/hosts/odhcpd'
    option leasetrigger '/usr/sbin/odhcpd-update'

I'm having trouble trying to make eth1.1 (port 1, where the ethernet router is attached) communicate with eth1.2 (interface with the associated virtual WLAN).

Not sure if this is possible or if my wr842n is able to do it.

Someone could help me? Spent already 6 hours trying to figure this out.

(Last edited by juliovedovatto on 30 Oct 2017, 20:00)

Post #2
mk24
30 Oct 2017, 02:10

Don't use plain eth1 for anything.   All your references to eth1 need to be tagged with a VLAN.  You're going to run three networks through eth1: old LAN, new LAN2, and new WAN2.  Though you don't necessarily need an ethernet LAN2 if it's only going to be wireless.

You need three VLANs in the switch, with the CPU port tagged in each one and at least one Ethernet port untagged in each one (a VLAN with only one port in it isn't going to switch anything!).  An untagged external ethernet port can only be in one VLAN.  It must be off in the other ones.  This is much easier to understand on the LUCI page.

You also will need a parallel set of firewall zones and rules, e.g. lan2 and wan2, with forwarding from that lan to wan.

(Last edited by mk24 on 30 Oct 2017, 02:13)

Post #3
juliovedovatto
30 Oct 2017, 19:59

Thanks for you insight! I managed to make it work. Exactly (I think) as you suggested.

mk24 wrote:

Don't use plain eth1 for anything.   All your references to eth1 need to be tagged with a VLAN.  You're going to run three networks through eth1: old LAN, new LAN2, and new WAN2.  Though you don't necessarily need an ethernet LAN2 if it's only going to be wireless.

You need three VLANs in the switch, with the CPU port tagged in each one and at least one Ethernet port untagged in each one (a VLAN with only one port in it isn't going to switch anything!).  An untagged external ethernet port can only be in one VLAN.  It must be off in the other ones.  This is much easier to understand on the LUCI page.

You also will need a parallel set of firewall zones and rules, e.g. lan2 and wan2, with forwarding from that lan to wan.

My config now:

/etc/config/network

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'lan'
    option force_link '1'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'
    option ifname 'eth1'

config interface 'wan'
    option ifname 'eth0'
    option proto 'pppoe'
    option username 'user@provider'
    option password 'password'

config interface 'wan2'
    option type 'bridge'
    option proto 'dhcp'
    option ifname 'eth1.2'

config switch
    option name 'switch0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'switch0'
    option vlan '1'
    option vid '1'
    option ports '0t 2 3 4'

config switch_vlan
    option device 'switch0'
    option vlan '2'
    option vid '2'
    option ports '0t 1'

Few extra notes:

  • I made a bridge between wan2 interface and secondary wlan that I created (instated to create a lan interface just for it. Now when I connect to this wlan, I use the network IP of the ethernet router. And when I use the default wlan, I use the ppoe connection to navigate.

  • I created two vlans only, eth1.1 and eth1.2. Tagged CPU port for both, disabled port1 (off) for eth1.1, for eth1.2 I tagged port1 and disabled (off) the remaining ports.

  • eth1.2 is associated with wan2 interface, and naturally eth1.1 is being used for lan interface.

I will leave these notes for other staff who are having problems problems I had. I hope is making any sense at all.

The discussion might have continued from here.