我有一個備用的WRT160NL,我將其配置為橋接客戶端,主要如下本指南。主路由器 IP 為 192.168.178.1,也連接到網際網路。 WRT的IP是192.168.178.2,該設備以客戶端模式透過wi-fi連接到主路由器。然後,相同的 SSID 在 AP 模式(「模式:主」)下廣播,並且 WRT 上的 DHCP 被停用。橋接介面連接「無線廣域網路」和WRT 上的無線網路。
問題
現在我想設定訪客 Wi-Fi,但似乎無法正常運作。我正在跟進本指南。新的訪客網路已廣播,我可以連接到它並透過 DHCP 取得 IP。第一步,我嘗試 ping 該網路的 WRT 介面位址,即 192.168.3.1。這失敗了,我不明白為什麼。在嘗試其他操作、調整防火牆設定等之前,我應該能夠從子網路內部 ping 通路由器 IP,不是嗎?由於我有一個橋接介面(“stabridge”),我將訪客介面新增到橋接介面中,但這也不起作用。
設定檔
/etc/config/網絡
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option ifname 'eth0'
option force_link '1'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option gateway '192.168.178.1'
option dns '192.168.178.1'
option delegate '0'
option ipaddr '192.168.178.3'
config interface 'wwan'
option proto 'static'
option netmask '255.255.255.0'
option gateway '192.168.178.1'
option delegate '0'
option ipaddr '192.168.178.2'
config interface 'stabridge'
option proto 'relay'
option ipaddr '192.168.178.2'
option delegate '0'
list network 'guest'
list network 'lan'
list network 'wwan'
config interface 'guest'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option delegate '0'
/etc/config/無線
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11g'
option path 'platform/ath9k'
option htmode 'HT20'
option disabled '0'
option channel '4'
option txpower '21'
option country 'US'
config wifi-iface
option network 'wwan'
option ssid 'wi-fi'
option encryption 'psk2'
option device 'radio0'
option mode 'sta'
option bssid '24:65:11:XX:XX:XX'
option key 'wifipassword'
config wifi-iface
option device 'radio0'
option mode 'ap'
option ssid 'wi-fi'
option network 'lan'
option encryption 'psk2'
option key 'wifipassword'
config wifi-iface
option device 'radio0'
option mode 'ap'
option network 'guest'
option ssid 'wifi_guest'
option encryption 'psk2'
option key 'wifiguestpassword'
/etc/config/防火牆
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan wwan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6 wireless_open'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config rule
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config zone
option name 'guest'
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option network 'guest'
config forwarding
option dest 'wan'
option src 'guest'
config rule
option target 'ACCEPT'
option src 'guest'
option proto 'tcp udp'
option dest_port '53'
option name 'Guest DNS'
config rule
option enabled '1'
option target 'ACCEPT'
option src 'guest'
option proto 'udp'
option dest_port '67-68'
option name 'Guest DHCP'
獎勵積分:我嘗試配置確切的與 DD-WRT 相同的設置這也失敗了,我也無法從訪客網路內部 ping 網關。我在這裡遇到了一些硬體限制嗎?
我缺少哪些步驟來配置訪客網路以使用“wwan”連接到互聯網?感謝您的關注!
防火牆設定:
如果從網橋中刪除訪客網絡,仍無法從訪客網絡內部 ping 訪客網關。
root@OpenWrt:~# ifconfig
br-lan Link encap:Ethernet HWaddr BE:0F:EC:XX:XX:XX
inet addr:192.168.178.3 Bcast:192.168.178.255 Mask:255.255.255.0
inet6 addr: fe80::bc0f:ecff:fe6f:f226/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6944791 errors:0 dropped:4991 overruns:0 frame:0
TX packets:11086842 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:581010664 (554.0 MiB) TX bytes:15224175749 (14.1 GiB)
eth0 Link encap:Ethernet HWaddr BE:0F:EC:XX:XX:XX
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:291345 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:18850062 (17.9 MiB)
Interrupt:4
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:149 errors:0 dropped:0 overruns:0 frame:0
TX packets:149 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10372 (10.1 KiB) TX bytes:10372 (10.1 KiB)
wlan0 Link encap:Ethernet HWaddr 00:03:7F:XX:XX:XX
inet addr:192.168.178.2 Bcast:192.168.178.255 Mask:255.255.255.0
inet6 addr: fe80::203:7fff:fec0:7cfa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10984215 errors:0 dropped:2 overruns:0 frame:0
TX packets:7134194 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2342342874 (2.1 GiB) TX bytes:830422933 (791.9 MiB)
wlan0-1 Link encap:Ethernet HWaddr 02:03:7F:XX:XX:XX
inet6 addr: fe80::3:7fff:fec0:7cfa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6989301 errors:0 dropped:0 overruns:0 frame:0
TX packets:11120218 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:714322711 (681.2 MiB) TX bytes:2590755125 (2.4 GiB)
wlan0-2 Link encap:Ethernet HWaddr 06:03:7F:XX:XX:XX
inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
inet6 addr: fe80::403:7fff:fec0:7cfa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:955 errors:0 dropped:6 overruns:0 frame:0
TX packets:270 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:90423 (88.3 KiB) TX bytes:47057 (45.9 KiB)
root@OpenWrt:~# ifdown br-lan
Interface br-lan not found
root@OpenWrt:~# ifdown eth0
Interface eth0 not found
root@OpenWrt:~# ifdown wlan0
Interface wlan0 not found
root@OpenWrt:~# ifdown wlan0-1
Interface wlan0-1 not found
root@OpenWrt:~# ifdown wlan0-2
Interface wlan0-2 not found
答案1
Ping 192.168.3.1 確實應該有效。所以我認為你應該首先關注這一點。我認為問題在於
config interface 'stabridge'
...
list network 'guest'
因為來賓不應該在網橋中(如果它在網橋中,它自己的 IP 可能會被忽略)。