Configure WAN port on OpenWRT/LEDE

 Author:   Posted on:   Updated on:  -
OpenWRT/LEDE are Linux based, embedded operating systems for networking devices. Besides being open source, they are highly configurable and versatile. This post will show how to configure one of the LAN ports as WAN input for xDSL routers. The problem with xDSL routers (mainly based on Boadcom platform) is that there are no opensource DSL drivers, so this function does not work.

Anyway, many DSL routers are in fact better platforms, with improved hardware, than ordinary routers. If you want to connect the router to wired LAN internet this is what you should do. I've done this on a router with LEDE Snapshot installed (the difference is that snapshots do not come with web interface preinstalled). If you have a regulare release, you can skip LuCI installation, as you already have access to the web interface of the router.

Install LuCI

LuCI is the web interface used by OpenWRT/LEDE. First of all you need internet. Connect the router in the home network and use the serial port to acces LEDE console (using PuTTY - 115200 8N1). Temporarily, the router will be set as a client in your home network. This is very simple to do - just run the following commands in the serial console:
uci set network.lan.ipaddr=192.168.1.15
uci set network.lan.gateway=192.168.1.1
uci set network.lan.dns=8.8.8.8
uci commit network
reboot
Adjust IP address and gateway depending on your local network configuration. The IP should not be allocated to another device and it should be in the range of allowable addresses for your local network device. After it reboots, the LEDE router will have access to the internet. You can test this by issuing ping commands in the serial console. It's time to install the web interface. Run these commands in serial console:
opkg update
opkg install luci
/etc/init.d/uhttpd start
Using a computer connected to the same local network as the LEDE router, open the browser and go to the IP address you set earlier (192.168.1.15 in my example). You should see LEDE login screen.

LEDE LuCI login screen
LEDE LuCI login screen
Click on Login button, then follow the warning message and set a password for the router.

Create VLAN

To be able to set a port of the switch as WAN port, you need to create a virtual LAN (VLAN) for it. To do so, go to Network - Switch and click the Add button to add another VLAN. You should have two VLANs with IDs 1 and 2. VLAN 1 will remain the switch LAN. VLAN 2 will be configured for WAN access.

Now, the port that you want to make WAN must be off in VLAN 1 and used in VLAN 2 (untagged). The rest of the switch ports that will be used for local clients must be untagged in VLAN 1 and disabled (off) in VLAN 2. Only the CPU port must be tagged in both VLANs.

If you want to set port 1 as WAN, your configuration must look like this:

VLAN with WAN port in LEDE
VLAN with WAN port in LEDE
Once you are done, click Save button.

Network protocol

You must configure VLAN 1 as DHCP server and VLAN 2 as DHCP client. Avoid applying setting - just click Save, not Save and Apply.

Go to Network - Interfaces. Click Add button. First of all, VLAN 2 configuration:
  • Name: whatever you want, something like wanport etc.
  • Protocol: DHCP Client.
  • Cover interface: eth0.2 (switch 0, VLAN 2).
  • Firewall zone: create a new one, give it any name (i.e. wanfw).
While in the Interfaces Overview screen, set VLAN 1 (which is by default named LAN - br-lan) to the default static address of 192.168.1.1. LAN should be a bridge between VLAN 1 (eth0.1) and wireless network.

You can now apply settings (see the top right messages) and make the correct connections. Connect with a wired PC at on of the switch ports and connect the WAN configured port to an internet line. The PC should obtain an IP address from the LEDE router and you should be able to access it at http://192.168.1.1. Login to the router. If you go to Network - Diagnostics and run the Ping command it should run without issues.

Internet access

You probably noticed, that although the router can connect to the internet, its clients cannot. This is because of the firewall. Go to Network - Firewall and route LAN to WAN. This is what you should have:

LEDE firewall configuration
LEDE firewall configuration
Reboot the router. You should now have internet access. If it doesn't work, edit LAN interface and add custom DNS servers 8.8.8.8 and 8.8.4.4. Go also to Network - DHCP and DNS and add DNS forwardings to 8.8.8.8 and 8.8.4.4.

No comments :

Post a Comment

Please read the comments policy before posting.