WiFi Client Mode - UnBRIDGED not working - Subnets JOINED

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
E-Man
DD-WRT User


Joined: 10 Mar 2014
Posts: 85

PostPosted: Thu Aug 25, 2016 21:17    Post subject: WiFi Client Mode - UnBRIDGED not working - Subnets JOINED Reply with quote
Hi,

ROUTER: WRT54GL
FIRMWARE: DD-WRT v24-sp2 (10/10/09) vpn

I am experiencing a strange issue and was really hoping someone could help me out with some input.

I am trying to use this router in Wireless "Client Mode" (NOT "Client Bridge") and have it UNBRIDGED, meaning that subnets should be seperated.

WRT54GL ROUTER:
* Client Mode (NOT "Client Bridged")
* Subnet: 192.168.6.1

HOST ROUTER:
* Standard AP
* Subnet: 192.168.3.1

I am able to easily establish a Wireless connection successfully, but the strange behavior I am having is that the 2 different subnets of the routers can see and ping each other! How could this be happening?

I have tried every possibility to get this to work with no success. Whatever I do, the clients on both networks can ping each other over different subnets, or, if I change certain options then there is no network connectivity at all whatsoever.


I have also tried:
* Wireless -> Network Configuration = Unbridged (see screenshot), which permanently creates issues until I factory reset. Does anyone know what I should be putting here? There is no documentation I can find on these fields. Also when I select "Disable" on "Masquerade/NAT" and save it gets reset to Enable again so I can't change it.
* Setup -> Advanced Routing -> Operating mode = Router, which results in no connectivity at all

Please help!



ClientMode.jpg
 Description:
Client Mode UNbridged - No documentation
 Filesize:  81.73 KB
 Viewed:  18429 Time(s)

ClientMode.jpg


Sponsor
mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 5227
Location: Texas

PostPosted: Thu Aug 25, 2016 22:59    Post subject: Reply with quote
Might need to re-think what your doing Smile
Read
http://www.dd-wrt.com/wiki/index.php/Linking_Routers

In client mode wl0 acts as WAN interface.
Set whatever subnet you want in basic setup page for LAN
Create wl0.1 if you want other wireless to connect. (Repeater mode)...oops corrected my bad..
E-Man
DD-WRT User


Joined: 10 Mar 2014
Posts: 85

PostPosted: Fri Aug 26, 2016 13:10    Post subject: Reply with quote
mrjcd wrote:
Might need to re-think what your doing Smile
Read
http://www.dd-wrt.com/wiki/index.php/Linking_Routers

In client mode wl0 acts as WAN interface.
Set whatever subnet you want in basic setup page for LAN
Create wl0.1 if you want other wireless to connect. (Repeater mode)...oops corrected my bad..


Hi mfjcd, thank you for replying!

I have read this link before and again now, and tried to do follow the instructions in this link for:
"Client Mode - Join two wired networks by two Wireless routers (unbridged). Computers on one wired network can not see computers on other wired network in Windows Network."

Notice how this link says "(unbridged)" which is definately what I want. In my secondary router WRT54GL with DD-WRT installed, it is the "eth1" interface that is used as a WAN when you use Wireless -> Basic Settings -> Wireless Mode = Client.

I have done this, and also in main Setup -> Basic Settings -> Local IP Address, set a different Subnet from my main HOST router as well as tried setting the Gateway to something else.

Every time I do this, the 2 *DIFFERENT* subnets (WRT54GL = 192.168.6.1, and HOST = 192.168.3.1) are somehow LINKED meaning that clients from one subnet can ping clients on the other subnets. Example 192.168.6.103 can ping 192.168.3.101.

I am baffled by this and do not understand why this is happening. There is no "bridge" or custom iptables rules that I am aware of so (the WRT54GL was factory reset just in case) I am trying to understand how and why there is connectivity between the subnets.

How are the subnets linked?
mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 5227
Location: Texas

PostPosted: Fri Aug 26, 2016 13:17    Post subject: Reply with quote
setup/networking should be in 'gateway' mode for this.
If it already is then reboot router.

no change? -- ask in the advanced networking forum about some custom firewall rules
E-Man
DD-WRT User


Joined: 10 Mar 2014
Posts: 85

PostPosted: Fri Aug 26, 2016 15:29    Post subject: Reply with quote
mrjcd wrote:
setup/networking should be in 'gateway' mode for this.
If it already is then reboot router.

no change? -- ask in the advanced networking forum about some custom firewall rules


Thanks mrjcd, I also agree on this - I tried router mode in a desperate attempt to see what it would do but looks like it should be left as is in Gateway Mode.

I do realize that iptables rules will block connectivity but do not think that I should have to create rules just so different subnets are isolated. By default, isn't this the way it should be?
mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 5227
Location: Texas

PostPosted: Fri Aug 26, 2016 15:43    Post subject: Reply with quote
I see said the blind man Smile
Probably that build you are using -- BS worked on that when he was just a kid.
Install
14929
ftp://ftp.dd-wrt.com/betas/2010/08-12-10-r14929/broadcom/dd-wrt.v24_mini_generic.bin
or
21676 also runs well on the wrt54g boxes
ftp://ftp.dd-wrt.com/betas/2013/05-27-2013-r21676/broadcom/dd-wrt.v24_mini_generic.bin
or newer
27858
ftp://ftp.dd-wrt.com/betas/2015/09-28-2015-r27858/broadcom/dd-wrt.v24_mini_generic.bin
Recommended builds are in the peacock thread
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486&sid=ca81e71cbf331c475d126908e3287038

I should have caught that first read
Would have saved you alot of time....
E-Man
DD-WRT User


Joined: 10 Mar 2014
Posts: 85

PostPosted: Fri Aug 26, 2016 15:58    Post subject: Reply with quote
mrjcd wrote:
I see said the blind man Smile
Probably that build you are using -- BS worked on that when he was just a kid.
Install
14929
ftp://ftp.dd-wrt.com/betas/2010/08-12-10-r14929/broadcom/dd-wrt.v24_mini_generic.bin
or
21676 also runs well on the wrt54g boxes
ftp://ftp.dd-wrt.com/betas/2013/05-27-2013-r21676/broadcom/dd-wrt.v24_mini_generic.bin
or newer
27858
ftp://ftp.dd-wrt.com/betas/2015/09-28-2015-r27858/broadcom/dd-wrt.v24_mini_generic.bin
Recommended builds are in the peacock thread
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486&sid=ca81e71cbf331c475d126908e3287038

I should have caught that first read
Would have saved you alot of time....


WOW thanks! But I also need OpenVPN client functionality. Might you know what is the latest VPN build I can safely load on this WRT54GL v1.1? I don't want to brick it

Many thanks once again!
mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 5227
Location: Texas

PostPosted: Fri Aug 26, 2016 16:07    Post subject: Reply with quote
ftp://ftp.dd-wrt.com/betas/2015/09-28-2015-r27858/broadcom/dd-wrt.v24_vpn_generic.bin
I don't know if openVPN is there but should be...it is on mega builds for the wrt54g boxes but your router only has 4MB flash... can't run a mega build.

ftp://ftp.dd-wrt.com/betas/
E-Man
DD-WRT User


Joined: 10 Mar 2014
Posts: 85

PostPosted: Fri Aug 26, 2016 16:23    Post subject: Reply with quote
mrjcd wrote:
ftp://ftp.dd-wrt.com/betas/2015/09-28-2015-r27858/broadcom/dd-wrt.v24_vpn_generic.bin
I don't know if openVPN is there but should be...it is on mega builds for the wrt54g boxes but your router only has 4MB flash... can't run a mega build.

ftp://ftp.dd-wrt.com/betas/


MrJcd, I am willing to try the "dd-wrt.v24_vpn_generic.bin" file you quoted above, but is it safe to load on the WRT54GL v1.1? How can I find out.

@BrainSlayer or @<Kong>, can you PLEASE help mrjcd and me to confirm what is the latest build I can safely flash on WRT54GL v1.1 with OpenVPN client support? I am having issues with build "v24-sp2 (10/10/09) vpn"
mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 5227
Location: Texas

PostPosted: Fri Aug 26, 2016 18:06    Post subject: Reply with quote
E-Man wrote:
....
but is it safe to load on the WRT54GL v1.1?

Yea should be just fine.
You really should reset the router...since it has that prehistoric build on it.
Install 27858 and reconfigure as you want.
E-Man
DD-WRT User


Joined: 10 Mar 2014
Posts: 85

PostPosted: Sat Aug 27, 2016 0:28    Post subject: Reply with quote
mrjcd wrote:
E-Man wrote:
....
but is it safe to load on the WRT54GL v1.1?

Yea should be just fine.
You really should reset the router...since it has that prehistoric build on it.
Install 27858 and reconfigure as you want.


Hi mrjcd,

Progress! I flashed 27858 and now there is a new option called "Net Isolation" which *sounds like* it would do what I want, but setting it to Enable doesn't work and clients on the subnets can still ping each other. I also tried to disable "Masquerade/NAT" but it did not change anything.

I know what "Net Isolation" is supposed to do when the Wireless Mode is "AP", but what in the world is it supposed to do when it is in "Client Mode"?



27858 Client Mode NEW.jpg
 Description:
New Options in 27858
 Filesize:  22.73 KB
 Viewed:  18286 Time(s)

27858 Client Mode NEW.jpg


mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 5227
Location: Texas

PostPosted: Sat Aug 27, 2016 2:03    Post subject: Reply with quote
I'm not sure why you keep messing with the bridged/unbridged settings for the wireless interface.

Client mode is a very simple setup.
1. Reset the router
2. wireless setting = Client
3. Wireless Network Mode = G-Only for that router (whatever you want to bridge with must be in G or NG mixed)
3. put in exact same SSID as what you want to bridge to
3. put in exact password as device you want to bridge to
wait couple minutes and you should see WAN IP in upper right corner --- this will be in the subnet range of what you are bridged to --- that is this routers WAN -- It's WAN interface is the wireless wl0.
This router will hand out DHCP according to whatever is set in basic settings.
From your main network you cannot see devices attached to this router --- you cannot even ping this router from your main network.... OK
Devices (wired) to your Client router can reach any device by IP --- you will have to block that if you want to using firewall rules on the main router.

I use this type setup often connected to hotspots ...mainly at RV parks. Allows me internet plus still have my private network -- to serve whatever I want within Smile
E-Man
DD-WRT User


Joined: 10 Mar 2014
Posts: 85

PostPosted: Sat Aug 27, 2016 7:03    Post subject: Reply with quote
mrjcd wrote:
I'm not sure why you keep messing with the bridged/unbridged settings for the wireless interface.

Client mode is a very simple setup.
1. Reset the router
2. wireless setting = Client
3. Wireless Network Mode = G-Only for that router (whatever you want to bridge with must be in G or NG mixed)
3. put in exact same SSID as what you want to bridge to
3. put in exact password as device you want to bridge to
wait couple minutes and you should see WAN IP in upper right corner --- this will be in the subnet range of what you are bridged to --- that is this routers WAN -- It's WAN interface is the wireless wl0.
This router will hand out DHCP according to whatever is set in basic settings.
From your main network you cannot see devices attached to this router --- you cannot even ping this router from your main network.... OK
Devices (wired) to your Client router can reach any device by IP --- you will have to block that if you want to using firewall rules on the main router.

I use this type setup often connected to hotspots ...mainly at RV parks. Allows me internet plus still have my private network -- to serve whatever I want within Smile


I hear you. I guess I am just looking for a fully GUI solution. I guess I will have to resort to iptables... Its unfortunate, because I wanted to dynamically use Client Mode to connect to random AP's and not have to change my settings so I might have to think of some sort of dynamic iptools rule...
tty32
DD-WRT Novice


Joined: 28 Mar 2018
Posts: 1

PostPosted: Wed Mar 28, 2018 15:54    Post subject: Reply with quote
Don't want to revive old threads but if someone gets here by google (just like me) it might help them out.
I was going bananas getting the same setup working. I didn't even get wlan interface to connect, until I saw directions from mrjcd: "Wireless Network Mode" must be set explicitly (to G or N, not mixed modes).

So, to summarize:

- You can safely use "Status" > "Wireless" > "Site Survey" and join the SSID of interest. The web interface then redirects you to "Wireless" > "Basic settings" and pre-fills "Wireless Network Name (SSID)". You have to set "Wireless Network Mode", "Network Configuration" to "Unbridged", "Masquerade / NAT" to "Enable". Save, and set "Wireless security" settings appropiately.
- Other instructions are given in above replies already, but for completeness: in "Basic Setup", "WAN Connection Type" to DHCP, ensure your router ip is in another subnet, and "Advanced routing" > "Operating Mode" set to "Gateway".

Hope this helps someone.
IanTsai
DD-WRT Novice


Joined: 03 Jan 2020
Posts: 1

PostPosted: Fri Jan 03, 2020 14:09    Post subject: Reply with quote
Thank you very much,It is work Very Happy
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum