Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
02-14-2015, 05:02 PM
|
#1
|
Member
Registered: Jan 2012
Location: Central Europe
Distribution: Manjaro, Kubuntu
Posts: 171
Rep:
|
OpenWRT home router isn't liking ISP's router
Hello, I have my complete home network behind my Openwrt router, which is in turn hooked up to the ISP's router for internet connection.
Now I'm trying a new ISP and hooked my Openwrt up to their router, and as a consequence, everything behind my own router has no internet. Is it normal for this to happen? Should I need to change any settings?
I was counting on OpenWRT (it's doing NAT, i.e. I don't have the ISP router's firewall turned off ) to just pick up the new internet connection and pass it on to my home network as usual.
|
|
|
02-14-2015, 05:59 PM
|
#2
|
Member
Registered: Jun 2003
Location: Washington
Distribution: Raspbian, Ubuntu, Chrome/Crouton
Posts: 374
Rep:
|
I'm guessing the ISP "router" is trying to be the gateway/NAT/router. You need to turn that mode off. It should just act as the ISP's modem.
|
|
1 members found this post helpful.
|
02-14-2015, 06:11 PM
|
#3
|
LQ Newbie
Registered: Feb 2015
Posts: 6
Rep:
|
You did not mention is it a ADSL modem/router ?
They come (most of them) from providers by default in a router mode.
for your setup: home PC > OpenWrt > ADSL modem/route > INternet
you need to change proveider's router into bridge mode, and setup OpenWRT
to connect with PPPoE (on ADSL) and enter user/pass for the PPPoE.
Hope this helps
|
|
1 members found this post helpful.
|
02-14-2015, 08:16 PM
|
#4
|
Member
Registered: Jan 2012
Location: Central Europe
Distribution: Manjaro, Kubuntu
Posts: 171
Original Poster
Rep:
|
Quote:
Originally Posted by pwalden
I'm guessing the ISP "router" is trying to be the gateway/NAT/router. You need to turn that mode off. It should just act as the ISP's modem.
|
Alright, I did it, I now have internet behind the Owrt router:
1.) I placed openwrt in the ISP box's DMZ
2.) I set them to be on different subnets 192.168.1. (Openwrt) and 192.168.2. (ISP router).
3.) In the Openwrt firewall settings, I set all of Input, Output and Forward to "accept" for both the WAN and LAN interfaces.
I don't know if the combination of all three measures was necessary, or just the last one or two would have sufficed (success came only after no3).
I also wonder whether my whole home network is now completely exposed to the outside world??
Last edited by bennypr0fane; 02-15-2015 at 12:54 PM.
|
|
|
02-15-2015, 12:58 PM
|
#5
|
Member
Registered: Jun 2003
Location: Washington
Distribution: Raspbian, Ubuntu, Chrome/Crouton
Posts: 374
Rep:
|
Quote:
Alright, I did it, I now have internet behind the Owrt router:
1.) I placed openwrt in the ISP box's DMZ
2.) I set them to be on different subnets 192.168.1. (Openwrt) and 192.168.2. (ISP router).
3.) In the Openwrt firewall settings, I set all of Input, Output and Forward to "accept" for both the WAN and LAN interfaces.
|
Sounds like you have eliminated the symptoms, but not the disease. As suggested by M0nteZ, you should see if you can turn off the gateway/router mode of the ISP's "box". My guess is that you now have 2 gateways and that will slow down your network a bit.
|
|
|
02-15-2015, 01:53 PM
|
#6
|
Member
Registered: Jan 2012
Location: Central Europe
Distribution: Manjaro, Kubuntu
Posts: 171
Original Poster
Rep:
|
Quote:
Originally Posted by pwalden
Sounds like you have eliminated the symptoms, but not the disease. As suggested by M0nteZ, you should see if you can turn off the gateway/router mode of the ISP's "box". My guess is that you now have 2 gateways and that will slow down your network a bit.
|
The problem is that I cannot jsut switch off the gateway/routing completely, because there also other devices on the network that are not behind my OpenWrt and that cannot be left unprotected.
If anything, I would need to switch it off *only* for the OpwnWRT. Slowdown is however beside the point.
The disease is not double NAT (which may or be not in place right now, definitely was before I put the OpenWRT in the DMZ of the Huawei router I got from the ISP), it was that I had no internet at all.
So I take it you don't know either what exactly are the effects of measures 1.) and 3.), security-wise and routing-wise?
Because that's what I need to find out now.
|
|
|
02-15-2015, 02:02 PM
|
#7
|
Member
Registered: Jan 2012
Location: Central Europe
Distribution: Manjaro, Kubuntu
Posts: 171
Original Poster
Rep:
|
Quote:
Originally Posted by M0nteZ
You did not mention is it a ADSL modem/router ?
They come (most of them) from providers by default in a router mode.
for your setup: home PC > OpenWrt > ADSL modem/route > INternet
you need to change proveider's router into bridge mode, and setup OpenWRT
to connect with PPPoE (on ADSL) and enter user/pass for the PPPoE.
|
It's actually an LTE mobile internet line. I don't know if that counts as ADSL or not?
Either way, I don't know if the ISP will let any devices other than their own routers act as gateways, with nothing in between - seems unlikely to me, but I could try.
To summarize, two(+) questions:
1.) Can I bridge the ISP's box only for my personal router, without leaving the rest of the network unprotected?
2.) If yes, how can I do that? a.) Do I have an ADSL line? and b.) what are the credentials I'd have to enter where in Openwrt for it to act as gateway and connect directly to the internet? c.) will my provider even allow that?
|
|
|
02-16-2015, 07:06 AM
|
#8
|
Member
Registered: Jan 2012
Location: Central Europe
Distribution: Manjaro, Kubuntu
Posts: 171
Original Poster
Rep:
|
I now took my router out of the DMZ again to see what happens, and I still get internet, so that wasn't crucial to fixing my problem.
My web server still can't get its content out to the internet though. It seems it can't get the public IP forwarded from the ISP router.
To explain why I have this setup, the whole reason why I put my network behind the Openwrt router is so I can use its DNS resolver, as explained here.
So either
A.) I have to continue using the slowed-down setup with two firewalls, or
B.) I take out my home router and won't have the DNS resolver on the home network, or
C.) There is (?) a third solution, which neither leaves the other computers on the network exposed nor cuts the performance while still letting me use the OpenWRT DNS resolution - and you guys can tell me how it works.
At the moment, I should have A.) in place, but it's still flawed because the server can't get out. I guess I'll best keep working on this in a separate thread, unless some guru can show me the way to plan C.) :-)
|
|
|
02-16-2015, 11:14 AM
|
#9
|
Member
Registered: Jun 2003
Location: Washington
Distribution: Raspbian, Ubuntu, Chrome/Crouton
Posts: 374
Rep:
|
It would help to know of the specific ISP provider, and the router-modem (manufacturer, model, version, etc) that they require you to use.
I would recommend reviewing and documentation on the router-modem and look for options to turn off the router and DHCP server features.
|
|
|
All times are GMT -5. The time now is 10:09 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|