Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
| docs:user-guide:network:routedclient [2018/02/20 20:55] – ↷ Links adapted because of a move operation bobafetthotmail | docs:guide-user:network:routedclient [2021/07/23 14:39] (current) – [Using MASQUERADE] someothertime | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| In the default configuration, | In the default configuration, | ||
| - | Most wireless drivers do not support bridging in client mode (see [[doc/ | + | Most wireless drivers do not support bridging in client mode, therefore the traffic between LAN and the wireless client must be routed. |
| - | therefore the traffic between LAN and the wireless client must be routed. | + | |
| Line 9: | Line 8: | ||
| If you have no administrative access (e.g. ability to configure static route entries) to the target Access Point, the local LAN subnet must be // | If you have no administrative access (e.g. ability to configure static route entries) to the target Access Point, the local LAN subnet must be // | ||
| - | When configuration of the target Access Point is possible, start with the // | + | When configuration of the target Access Point is possible, start with the // |
| {{: | {{: | ||
| Line 15: | Line 14: | ||
| The steps outlined below cover the process of putting the radio into client mode and reusing the existing WAN interface and its NAT firewall rules to connect to the target network. | The steps outlined below cover the process of putting the radio into client mode and reusing the existing WAN interface and its NAT firewall rules to connect to the target network. | ||
| + | {{section> | ||
| ==== Configuration ==== | ==== Configuration ==== | ||
| The changes below assume an OpenWrt default configuration, | The changes below assume an OpenWrt default configuration, | ||
| - | * [[docs: | + | * [[docs:guide-user:base-system:basic-networking|/ |
| - | * [[docs:user-guide: | + | * [[docs: |
| Line 38: | Line 38: | ||
| * Start wireless using the //wifi// command | * Start wireless using the //wifi// command | ||
| - | Now we can issue the '' | + | Now we can issue the '' |
| + | |||
| + | Attention - Update according to forum entries | ||
| + | |||
| + | mk24 wrote: | ||
| + | Whoever wrote the wiki was using an old Broadcom device. | ||
| + | For anything modern, use: | ||
| + | < | ||
| + | iwinfo wlan0 scan | ||
| + | </ | ||
| + | A low level scan (more detailed) can be done directly through iw: | ||
| + | < | ||
| + | iw dev wlan0 scan | ||
| + | </ | ||
| + | And of course on a **dual band router** changing to wlan1 would scan the other band. | ||
| + | The scan is not necessary if you already know the SSID and encryption type of the AP that you want to connect to. | ||
| | '' | | '' | ||
| Line 89: | Line 104: | ||
| * ESSID is '' | * ESSID is '' | ||
| * Channel is '' | * Channel is '' | ||
| - | * The network uses WPA/WPA2 mixed mode\\ | + | * The network uses WPA/WPA2 mixed mode |
| - | \\ | + | |
| - | In ''/ | + | In ''/ |
| - | Change the '' | + | Change the '' |
| | '' | | '' | ||
| Line 152: | Line 167: | ||
| In addition to the files in the [[# | In addition to the files in the [[# | ||
| - | * [[docs:user-guide: | + | * [[docs: |
| === Step 1: Change the firewall configuration === | === Step 1: Change the firewall configuration === | ||
| - | Edit the ''/ | + | Edit the ''/ |
| Disable masquerading and set the incoming traffic policy to ACCEPT: | Disable masquerading and set the incoming traffic policy to ACCEPT: | ||
| Line 167: | Line 182: | ||
| option ' | option ' | ||
| - | Proceed with adding a new [[doc:uci: | + | Proceed with adding a new [[docs:guide-user:firewall: |
| | '' | | '' | ||
| Line 217: | Line 232: | ||
| ==== After setup everything works BUT client subnet cannot access internet ==== | ==== After setup everything works BUT client subnet cannot access internet ==== | ||
| - | This is due to the reason that AP router (in this case 192.168.1.1) does not masquerade client subnet (192.168.2.0/ | + | This is due to the reason that AP router (in this case 192.168.1.1) does not masquerade client subnet (192.168.2.0/ |
| - | \\ | + | |
| If you cannot (or don't want to) modify AP router' | If you cannot (or don't want to) modify AP router' | ||
| - | Edit the ''/ | + | Edit the ''/ |
| | '' | | '' | ||
| Line 300: | Line 315: | ||
| In this way requests from the **WC** lan side are allowed to reach the **WC** wan side that contains the **WP** lan network. | In this way requests from the **WC** lan side are allowed to reach the **WC** wan side that contains the **WP** lan network. | ||
| - | But we should not forget about masquerading (explained briefly at least here [[doc:uci:network]] ). By default the wan zone has masquerading, | + | But we should not forget about masquerading (explained briefly at least here [[docs:guide-user:base-system: |
| < | < | ||
| config zone | config zone | ||
| Line 323: | Line 338: | ||
| First we should enable the possibility that packets coming on | First we should enable the possibility that packets coming on | ||
| the wan side of **WC** could reach the lan side of **WC**. This | the wan side of **WC** could reach the lan side of **WC**. This | ||
| - | is done through forwarding (see [[docs:user-guide: | + | is done through forwarding (see [[docs: |
| In particular we want that if a packet coming on the wan side of **WC** has the source in the network | In particular we want that if a packet coming on the wan side of **WC** has the source in the network | ||