Looking for help setting up an isolated network within my apartment complex’s network. I have a Linksys router running OpenWrt, with the ethernet connection from my aprtment running to the uplink port on the router. When I SSH into the router, it has WAN access, but none of the LAN devices connected to it (by ethernet or wireless) do. Anyone have any experience with this?
You must log in or register to comment.
My guess is responses aren’t NATing properly with the double NAT. Make sure you have a source NAT masquerade rule set up for traffic out, you may also need a masquerade to replace your client’s IP with the LAN gateway address on the way out.
Basically right now without masquerading as your LAN port the router loses the originating client’s IP when it src NATs, so the responses get delivered to the internal gateway address and never forwarded on to the client to establish the connection. Forcing it to masquerade will maintain that connection tracking.
That’s exactly what it was. Thank you so much
deleted by creator
Can I get a a screenshot of the firewall page?
Off the top of my head, this is low hanging fruit:
- Verify your LAN devices are pulling dhcp or alternatively put a static IP on one of them
- Verify the/a correct default gateway is set on the LAN side (should be the internal IP of your router)
- Verify DNS (ping 1.1.1.1 from a LAN device, if you can, then make sure you’ve configured DNS servers for the LAN side within the router)
Yep ran all this.
- Did both of these
- It is
- Tried will all LAN devices. Router itself can ping 1.1.1.1 (and 8.8.8.8) but none of the LAN devices can reach the internet.
One other thing I forgot is to verify a LAN device can ping the router IP, but I’m guessing you’ve already verified that. This is starting to sound like a FW issue
It’s been years since I setup my openwrt router, but here is some advice verifying your FW config
tl;dr Your WAN interface may be defined as ‘wan’ in your FW rules, since ‘WAN’ != ‘wan’ - correcting the case may solve the issue
