Do you happen to have a tutorial on how to do this? I'm having trouble finding instructions on this. I'd really like to get rid of my silly double NAT as I use pFsense for my main firewall.RussWestrem wrote: ↑Tue Jul 17, 2018 5:19 pm Openwrt actually bridges interfaces just fine, it's the rooter scripts that stops the bridge from working. Rooter is just not set up for this feature. If you want a true bridge just dont use rooter. Install your drivers and packages you need to run the modem then just bridge the lan and wan and it's pretty much done.
DMZ - Alternative to Bridging a Router
Forum rules
This forum is for tutorials only--not for help or assistance.
This forum is for tutorials only--not for help or assistance.
-
- Posts: 565
- Joined: Thu Aug 30, 2018 8:21 pm
- Location: NE GA Mountains
- Has thanked: 1 time
- Been thanked: 68 times
Re: DMZ - Alternative to Bridging a Router
-
- Posts: 34
- Joined: Tue Aug 06, 2019 12:47 pm
- Has thanked: 8 times
- Been thanked: 8 times
Re: DMZ - Alternative to Bridging a Router
I was successful using this tutorial hooking up my wg3526 on GoldenOrb_2019-03-10 to my other (asus) router. Tried reversing the process but got locked out of my wg3526. So after recovering firmware and getting reconfigured I seen that DHCP server in goldenorb starts at 100 so nothing needs to be done on wg3526. In my asus, I changed the LAN IP to 192.168.1.2 (that will be my new login for asus now) since it was the same as the wg3526. I then turned the dhcp off on the asus and set the ip starting to 192.168.1.20. Not that the ip starting should matter since the wg3526's dhcp should be handling the ip assignments.
Applied all settings and was up and running. Now i can access the wg3526 directly through my asus via ethernet and still have the wg3526's wifi capabilities.
Applied all settings and was up and running. Now i can access the wg3526 directly through my asus via ethernet and still have the wg3526's wifi capabilities.
- BillA
- Posts: 1166
- Joined: Sun Dec 01, 2019 6:46 pm
- Location: USA
- Has thanked: 212 times
- Been thanked: 320 times
- Contact:
Re: DMZ - Alternative to Bridging a Router
Need4Speed wrote: ↑Sun Aug 18, 2019 7:06 pm I was successful using this tutorial hooking up my wg3526 on GoldenOrb_2019-03-10 to my other (asus) router. Tried reversing the process but got locked out of my wg3526. So after recovering firmware and getting reconfigured I seen that DHCP server in goldenorb starts at 100 so nothing needs to be done on wg3526. In my asus, I changed the LAN IP to 192.168.1.2 (that will be my new login for asus now) since it was the same as the wg3526. I then turned the dhcp off on the asus and set the ip starting to 192.168.1.20. Not that the ip starting should matter since the wg3526's dhcp should be handling the ip assignments.
Applied all settings and was up and running. Now i can access the wg3526 directly through my asus via ethernet and still have the wg3526's wifi capabilities.
Right, but your setup does the opposite what others wanted, using the modem/router in pass-through mode. In your case you're still using the WG3526's DHCP to assign IP's while the Asus acts as a simple access point/hub/switch. It all depends how you intend to use it.
Re: DMZ - Alternative to Bridging a Router
I know this is kind of old, but can you elaborate on how to "just bridge the lan and wan"? I'm going to try something similar with a unifi USGRussWestrem wrote: ↑Tue Jul 17, 2018 5:19 pm Openwrt actually bridges interfaces just fine, it's the rooter scripts that stops the bridge from working. Rooter is just not set up for this feature. If you want a true bridge just dont use rooter. Install your drivers and packages you need to run the modem then just bridge the lan and wan and it's pretty much done.
-
- Posts: 5
- Joined: Sun Oct 25, 2020 9:55 am
- Has thanked: 0
- Been thanked: 1 time
Re: DMZ - Alternative to Bridging a Router
We’re you able to bridge with the USG? I have basically this exact setup and the double Nat is giving me trouble.
Wrt1200ac with rooter / USB modem, and UniFi USG as my main router / all other UniFi hardware. I’m running 192.168.1.1 on the linksys and 10.0.1.1 on the USG. Followed the guide above pretty much to fix the IPs on the wan and disable dhcp and some devices work, some don’t.
Got to the point I’m running two networks / one with Visible / Linksys and my normal network ATT in a netgear modem / USG.
Upgrading my USG (it’s a really old rev) so I can rock double WAN as I also can’t seem to get the WAN load balancing / rules to work very well in the Rooter since it can’t see the 10.0.1.x devices I can’t setup rules.
Wrt1200ac with rooter / USB modem, and UniFi USG as my main router / all other UniFi hardware. I’m running 192.168.1.1 on the linksys and 10.0.1.1 on the USG. Followed the guide above pretty much to fix the IPs on the wan and disable dhcp and some devices work, some don’t.
Got to the point I’m running two networks / one with Visible / Linksys and my normal network ATT in a netgear modem / USG.
Upgrading my USG (it’s a really old rev) so I can rock double WAN as I also can’t seem to get the WAN load balancing / rules to work very well in the Rooter since it can’t see the 10.0.1.x devices I can’t setup rules.
- BillA
- Posts: 1166
- Joined: Sun Dec 01, 2019 6:46 pm
- Location: USA
- Has thanked: 212 times
- Been thanked: 320 times
- Contact:
Re: DMZ - Alternative to Bridging a Router
52electrons wrote: ↑Sun Oct 25, 2020 10:02 am We’re you able to bridge with the USG? I have basically this exact setup and the double Nat is giving me trouble.
Wrt1200ac with rooter / USB modem, and UniFi USG as my main router / all other UniFi hardware. I’m running 192.168.1.1 on the linksys and 10.0.1.1 on the USG. Followed the guide above pretty much to fix the IPs on the wan and disable dhcp and some devices work, some don’t.
Got to the point I’m running two networks / one with Visible / Linksys and my normal network ATT in a netgear modem / USG.
Upgrading my USG (it’s a really old rev) so I can rock double WAN as I also can’t seem to get the WAN load balancing / rules to work very well in the Rooter since it can’t see the 10.0.1.x devices I can’t setup rules.
The best solution for channel bonding two or more modems with speed aggregation (not just simple load balancing), including bridging interfaces in any combination using a GUI interface, is by using OpenMPTCProuter. As an added bonus, you also get a VPN protected connection.
https://wirelessjoint.com/viewtopic.php?f=21&t=1078
Re: DMZ - Alternative to Bridging a Router
I have a USG Pro 4 (and a USG 3P as backup) with two routers, one on each WAN port. It won't do WAN bonding, but it does load balance properly. You can use weighted values or failover setting via the GUI. Not bad if you don't have equal data plans for each connection.
Re: DMZ - Alternative to Bridging a Router
Anyone have any luck setting this method up in the 11/23 1608 firmware? I can follow the tutorial but it won't let me leave the external port empty to save the port forward.
You do not have the required permissions to view the files attached to this post.
-
- Posts: 166
- Joined: Wed May 13, 2020 7:04 pm
- Has thanked: 12 times
- Been thanked: 45 times
Re: DMZ - Alternative to Bridging a Router
I know this is an older guide, I but I used it to solve an issue I was having. Would I still be able to use OpenVPN on this setup or do I have to have dhcp, etc. turned on to do so?
- BillA
- Posts: 1166
- Joined: Sun Dec 01, 2019 6:46 pm
- Location: USA
- Has thanked: 212 times
- Been thanked: 320 times
- Contact:
Re: DMZ - Alternative to Bridging a Router
DHCP has to do with assigning local IP's to your connected devices. A VPN is used to established an encrypted connection. You can run it with or without DHCP depending if you're using your mobile router in bridge/bypass mode connected to a second router which serves DHCP instead. Generally you don't want two routers on the same network both serving DHCP, it can create conflict.
Re: DMZ - Alternative to Bridging a Router
Does this break the custom TTL settings in GO if I follow the tutorial? Meaning will my TTL still be reported as 65 to tmobile even though my ER12 is taking care of all the router functions?
- Didneywhorl
- Posts: 3616
- Joined: Fri Mar 23, 2018 5:37 pm
- Location: USA
- Has thanked: 1363 times
- Been thanked: 756 times
- Contact:
Re: DMZ - Alternative to Bridging a Router
iptables should apply the mangle to all traffic through the interface specified. I think at least.
Re: DMZ - Alternative to Bridging a Router
Thank you so much Didney !Didneywhorl wrote: ↑Sun Jan 10, 2021 2:46 pm iptables should apply the mangle to all traffic through the interface specified. I think at least.
Re: DMZ - Alternative to Bridging a Router
Hey guys I have followed the guides for DMZ but for some reason my WG1608 is still trying to handle DNS assignment, any ideas? Is there a config file I can paste in here to make sure I have everything configured properly?
-
- Posts: 75
- Joined: Wed Apr 29, 2020 7:17 pm
- Has thanked: 1 time
- Been thanked: 8 times
Re: DMZ - Alternative to Bridging a Router
I have zbt-we826 with ep06 running goldenorb_2020-03-01. Because of the external antenna setup, the we826 is not in a good wifi location, so I'm using an asus router for wifi. I have the wifi disabled on the we826, and ethernet is connecting the we826 lan to the asus wan, so the asus router is just the access point. Everything seems to be working just fine... what are the benefits/reasons for setting things up (via this tutorial) instead?
- BillA
- Posts: 1166
- Joined: Sun Dec 01, 2019 6:46 pm
- Location: USA
- Has thanked: 212 times
- Been thanked: 320 times
- Contact:
Re: DMZ - Alternative to Bridging a Router
lawnmowerman wrote: ↑Wed Feb 03, 2021 2:33 pm I have zbt-we826 with ep06 running goldenorb_2020-03-01. Because of the external antenna setup, the we826 is not in a good wifi location, so I'm using an asus router for wifi. I have the wifi disabled on the we826, and ethernet is connecting the we826 lan to the asus wan, so the asus router is just the access point. Everything seems to be working just fine... what are the benefits/reasons for setting things up (via this tutorial) instead?
Ideally you would want to keep the mobile router in full router/DHCP mode with WiFi turned off in order to handle various routing and carrier bypass functions properly. The second router should only act as a dummy access point with routing/DHCP functions turned off and possibly in DMZ mode.
It may work for now the other way around, however you're running the risk of the carrier blocking your service later down the line.
Here's more info on different setup options:
https://wirelessjoint.com/viewtopic.php?p=15956#p15956
-
- Posts: 75
- Joined: Wed Apr 29, 2020 7:17 pm
- Has thanked: 1 time
- Been thanked: 8 times
Re: DMZ - Alternative to Bridging a Router
Thanks bill! I followed your advice, turned off the WiFi on the mobile router and set the second router to access point mode.BillA wrote: ↑Tue Feb 16, 2021 2:11 am Ideally you would want to keep the mobile router in full router/DHCP mode with WiFi turned off in order to handle various routing and carrier bypass functions properly. The second router should only act as a dummy access point with routing/DHCP functions turned off and possibly in DMZ mode.
It may work for now the other way around, however you're running the risk of the carrier blocking your service later down the line.
Here's more info on different setup options:
https://wirelessjoint.com/viewtopic.php?p=15956#p15956
-
- Posts: 1
- Joined: Mon Mar 08, 2021 11:13 am
- Has thanked: 0
- Been thanked: 0
Re: DMZ - Alternative to Bridging a Router
Tried deleting it but it wouldn't let me because you'd replied to it lolDidneywhorl wrote: ↑Mon Mar 08, 2021 2:15 pm Repost this as a new topic under Routers Questions and support, then delete this one, please.
Anyway, I redacted it to a "." and also posted it as a new topic per your request.
Sorry about that.
- Didneywhorl
- Posts: 3616
- Joined: Fri Mar 23, 2018 5:37 pm
- Location: USA
- Has thanked: 1363 times
- Been thanked: 756 times
- Contact:
Re: DMZ - Alternative to Bridging a Router
Thanks, no worries.RealFlyITGuy wrote: ↑Mon Mar 08, 2021 5:22 pm Tried deleting it but it wouldn't let me because you'd replied to it lol
Anyway, I redacted it to a "." and also posted it as a new topic per your request.
Sorry about that.
Re: DMZ - Alternative to Bridging a Router
Thanks for the tutorial, Jim!
Is there a way to apply this to IPv6? It seems that my RMB11G is still serving IPv6 as my "primary" router is receiving an IPv6 IP (set to automatic) and clients on the network are getting IPv6 IPs but they all say "No Internet Access".
Is there a way to apply this to IPv6? It seems that my RMB11G is still serving IPv6 as my "primary" router is receiving an IPv6 IP (set to automatic) and clients on the network are getting IPv6 IPs but they all say "No Internet Access".
- Didneywhorl
- Posts: 3616
- Joined: Fri Mar 23, 2018 5:37 pm
- Location: USA
- Has thanked: 1363 times
- Been thanked: 756 times
- Contact:
Re: DMZ - Alternative to Bridging a Router
The ipv6 has to be setup as ipv4 over ipv6 on the router firmware to work properly with ipv6 based connections.
-
- Posts: 5
- Joined: Wed Mar 16, 2022 1:21 pm
- Has thanked: 0
- Been thanked: 0
Re: DMZ - Alternative to Bridging a Router
I attempted to setup the DMZ from the tutorial above on a wg1608 but when I complete the first setup above, it starts to apply the changes with the count down and then says changes failed reverting back to the previous setup at which time the device locks up and becomes unresponsive and have to reflash firmware.
Anyone else have this issue and know whats causing the device to lock up? I want to use a better router to route traffic and basically just use the 1608 as a modem only
Anyone else have this issue and know whats causing the device to lock up? I want to use a better router to route traffic and basically just use the 1608 as a modem only
Re: DMZ - Alternative to Bridging a Router
You have to manually set your IP on your PC to your newer subnet (turn DHCP off) and access the GUI before the time runs out or the changes won't take.
With that said I never have been able to get this to work well. I have better luck setting a static route in the WG1608 to the down stream router and then turning off the firewall & DHCP on the WG1608. This should give a single NAT setup but it also has its problems.
From what I am told there just isn't a simple way to do a bridge mode in these rooter versions of OpenWRT because they are already in bridge mode with the modem. Something about having to do a double bridge to get this to work. IDK there are smarter people than me that could explain better. This is just my understanding from the guys over on whirlpool.
With that said I never have been able to get this to work well. I have better luck setting a static route in the WG1608 to the down stream router and then turning off the firewall & DHCP on the WG1608. This should give a single NAT setup but it also has its problems.
From what I am told there just isn't a simple way to do a bridge mode in these rooter versions of OpenWRT because they are already in bridge mode with the modem. Something about having to do a double bridge to get this to work. IDK there are smarter people than me that could explain better. This is just my understanding from the guys over on whirlpool.