[sagem2000]

Hi

I am currently using 2 TP-Link TL-WR841ND v9 Wifi Routers with DD-WRT v3.0-r36410 std (07/28/1 on both.

The primary router 192.168.1.1 is connected to the internet providers modem and configured as DHCP server (DHCP Range 192.168.1.50 - 192.168.1.100) with WPA2 Mixed Wifi Encryption, the secondary router 192.168.1.2 is connected to one of the LAN ports on the primary router using a LAN cable and the LAN cable is inserted into the WAN port of the secondary router. The ‘Use WAN port as switch’ option in the secondary router is on. The DHCP server option is disabled in the secondary router.

The secondary router is used to extend the wireless range of the primary router and is currently set as an access point. (the secondary router is also secured using WPA2 settings similar to those in the primary router).

It is important that all devices connected whether wirelessly or through wire to either routers be in the same network and able to see each other. (Currently this is working with my current configuration i.e. Type of WAN disabled and DHCP Server off in secondary router). The routers are far away from each other so wireless linking from router to router is not possible.

I want to enforce MAC address filtering using a whitelist so that unauthorized devices are unable to connect. (MAC filtering is important to me despite popular opinion that MAC address filtering is of no use)

Now, I have set up a Mac address list on the primary router which is working fine but currently I also need to add the same MAC addresses to the secondary router as well, otherwise unauthorized clients are able to connect to my network from the secondary routers WIFI AP (due to password sharing), I have read in a couple of posts that DD-WRT allows a secondary router to share the Mac address filter list from the primary router without having to re-enter it in the secondary router.

What are the settings that I need to have on the primary as well as secondary router to do the above.

Thanks in advance.

[Per Yngve Berg]

Probably easiest to copy the list over.

SSH/Telnet into the main router:

nvram show | grep NC_MACWhiteList

On the secondary router:

nvram set NC_MACWhiteList="....."
nvram commit


Note that you have to quote the value when setting it.

What you are looking for is probably authenticating the wifi with a RADIUS Server.

Services->Freeradius to start the Server.
Select RADIUS on the wifi security.

[sagem2000]

Thanks for your reply..

However, is there any way to have it automatically updated? without having to run commands every time a new mac id is added to the primary router?

[Per Yngve Berg]

If you store the addresses on the Radius Server, you don't have to copy them around.