[Cold-Lemonade]

I am having trouble finding information about how to set up a wireless access point on my Linksys WRT1900ACSv2. Here's what I'm trying to do:

I have a Netgear r7000 running DD-WRT v3.0-r49567 std (07/27/22) which connects to my ISP. I've run an ethernet cable to another part of my house where the wifi signal is weak. I'd like to connect this cable to the WAN port on my WRT1900ACSv2 so that the WAN port acts as just another LAN port. The WRT1900ACSv2 would broadcast the same SSID as the r7000.

Can someone please offer some guidance?

[egc]

For one if you do not need the WAN port do not use it, for some routers the WAN is alwasy routed via the CPU and is slower and or you can have problems with VLANS's

I use port 4 as connecting port

Setting up a WAP is fairly simple, this is the way I do it:

A Wireless Access Point is a secondary router connected wired LAN<>LAN on the same subnet as the primary router:
• WAN disabled
• DHCP server Disabled (=off and NOT set as Forwarder!)
• Local IP address in subnet of primary router but outside DHCP scope, make sure the used IP address is unique on your network you cannot have duplicates.
You can run udhcpc to give the WAP a static lease but because you can it doesn't mean you should
• Gateway and Local DNS pointing to primary router
• DNSMasq enabled
• Router kept in the default Gateway mode (the wiki says Router mode but do not do that, either it does not matter (this case) or break things)
• Connect LAN <> LAN (do not use the WAN port unless you really need that extra port, for most routers traffic still must use the CPU so performance is lacklustre )
• I do not change the Firewall settings although you do not want a firewall, the Firewall is automatically disabled as there is no WAN, but it does not hurt to follow the wiki and Disable the Firewall anyway.


If setup you have to add the following rule to the firewall in order to get internet access from unbridged interfaces e.g. an ubridged VAP or Bridge.
In the web-interface of the router (the WAP): Administration/Commands save Firewall:
#Always necessary (alternatively set static route on main router and NAT traffic from VAP/Bridge out via WAN):
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to $(nvram get lan_ipaddr)

#Replace with the appropriate interface of your VAP, e.g. wl0.1, wlan0.1 etc:
GUEST_IF="wlan1.1"
#Net Isolation does not work on a WAP so keep it disabled, add for isolating VAP/Bridge from main network:
iptables -I FORWARD -i $GUEST_IF -d $(nvram get lan_ipaddr)/$(nvram get lan_netmask) -m state --state NEW -j REJECT

#For isolating the WAP itself from the VAP:
iptables -I INPUT -i $GUEST_IF -m state --state NEW -j REJECT
iptables -I INPUT -i $GUEST_IF -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i $GUEST_IF -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i $GUEST_IF -p tcp --dport 53 -j ACCEPT

(note: not all firmwares have the multiport directive)

Of course there is also a wiki but I deviate from it on some points

[Cold-Lemonade]

Thank you again @egc. I didn't know that using the WAN port as a LAN port is slows down the throughput. That is very useful information.

[egc]

It depends on router model, but in general better avoid the wan port if possible.