Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:network:routedclient [2018/03/04 13:23] – ↷ Links adapted because of a move operation | docs:guide-user:network:routedclient [2019/09/22 05:38] – links updated vgaetera | ||
|---|---|---|---|
| Line 8: | Line 8: | ||
| If you have no administrative access (e.g. ability to configure static route entries) to the target Access Point, the local LAN subnet must be // | If you have no administrative access (e.g. ability to configure static route entries) to the target Access Point, the local LAN subnet must be // | ||
| - | When configuration of the target Access Point is possible, start with the // | + | When configuration of the target Access Point is possible, start with the // |
| {{: | {{: | ||
| Line 88: | Line 88: | ||
| * ESSID is '' | * ESSID is '' | ||
| * Channel is '' | * Channel is '' | ||
| - | * The network uses WPA/WPA2 mixed mode\\ | + | * The network uses WPA/WPA2 mixed mode |
| - | \\ | + | |
| - | In ''/ | + | In ''/ |
| - | Change the '' | + | Change the '' |
| | '' | | '' | ||
| Line 155: | Line 155: | ||
| === Step 1: Change the firewall configuration === | === Step 1: Change the firewall configuration === | ||
| - | Edit the ''/ | + | Edit the ''/ |
| Disable masquerading and set the incoming traffic policy to ACCEPT: | Disable masquerading and set the incoming traffic policy to ACCEPT: | ||
| Line 166: | Line 166: | ||
| option ' | option ' | ||
| - | Proceed with adding a new [[doc:uci: | + | Proceed with adding a new [[docs:guide-user:firewall: |
| | '' | | '' | ||
| Line 216: | Line 216: | ||
| ==== After setup everything works BUT client subnet cannot access internet ==== | ==== After setup everything works BUT client subnet cannot access internet ==== | ||
| - | This is due to the reason that AP router (in this case 192.168.1.1) does not masquerade client subnet (192.168.2.0/ | + | This is due to the reason that AP router (in this case 192.168.1.1) does not masquerade client subnet (192.168.2.0/ |
| - | \\ | + | |
| If you cannot (or don't want to) modify AP router' | If you cannot (or don't want to) modify AP router' | ||
| - | Edit the ''/ | + | Edit the ''/ |
| | '' | | '' | ||
| Line 299: | Line 299: | ||
| In this way requests from the **WC** lan side are allowed to reach the **WC** wan side that contains the **WP** lan network. | In this way requests from the **WC** lan side are allowed to reach the **WC** wan side that contains the **WP** lan network. | ||
| - | But we should not forget about masquerading (explained briefly at least here [[doc:uci:network]] ). By default the wan zone has masquerading, | + | But we should not forget about masquerading (explained briefly at least here [[docs:guide-user:base-system: |
| < | < | ||
| config zone | config zone | ||
| Line 322: | Line 322: | ||
| First we should enable the possibility that packets coming on | First we should enable the possibility that packets coming on | ||
| the wan side of **WC** could reach the lan side of **WC**. This | the wan side of **WC** could reach the lan side of **WC**. This | ||
| - | is done through forwarding (see [[docs: | + | is done through forwarding (see [[docs: |
| In particular we want that if a packet coming on the wan side of **WC** has the source in the network | In particular we want that if a packet coming on the wan side of **WC** has the source in the network | ||