Hello everyone! Sorry for such long post…
Please allow me to start from the beginning, so that this conversation can be of help even to novice users. I want to learn and understand the why behind the required configuration options that will work in the following scenario. Your comments, corrections and suggestions are very welcome.
I have searched the internet and was persuaded to have found enough information to achieve the desired setup. Unfortunately, the information was either outdated (concerning old software versions), too technical (focusing on low-level details) or simply not applicable to Turris devices. Additionally, the likely presence of software bugs and the lack of knowledge to debug the underlying configuration have made it an arduous and unsuccessful task.
I’m experimenting with a Turris Omnia (HW revision CZ11NIC20) running Turris OS (SW version 4.0.3).
The desired setup is to use Turris Omnia LAN and Access Point as an extension of an existing network. The device provided by the ISP is a Modem / Router with LAN and Wireless capabilities. A computer connected to Turris Omnia LAN should be able to communicate with other computers on the ISP router LAN and vice-versa. Seamless wireless client roaming between both Access Points should also be possible. Isolation between LAN and Wireless is not required. Wireless guest network is not required.
1) Connecting the devices
A standard ethernet cable was used for this purpose. One end of the cable was connected to a LAN port on ISP device. Another end of the cable was connected to a LAN port on Turris Omnia.
I have found this LAN-to-LAN connection pretty much on every tutorial concerning similar setups and it seems to be the simplest approach. I know that in Turris OS it’s possible to assign the WAN port to the LAN and maybe it would also work, but it requires more advanced configuration and probably it has some other implications (e.g. firewall settings).
2) Configuring Turris OS
The configuration of Turris OS should be quite simple! Disable DHCP server and maybe update firewall settings. However, this is where things started to go wrong and beyond my basic knowledge.
I need your help to understand the situation and to find a working solution…
I’ve made several attempts, starting from a fresh USB re-flash of Turris OS version 4.0.3 and using the first run wizard of Foris (SW version 100.6) for the initial configuration, resulting on various degrees of misconfiguration and malfunction.
I’ve also tried to use LuCI (SW branch git-19.354.01383-590ecd6) and SSH to inspect the configuration in detail. Even without understanding many aspects of it, I was able to identify some unexpected contradictions.
2a) Local server workflow
Foris configuration:
-
WAN: port disconnected
-
LAN: port 0 connected to ISP router
-
LAN mode: Computer
-
Static IPv4 address, Netmask, Gateway (LAN connection tests OK)
-
Guest Network: disabled
-
DNS forwarding to provider’s resolver (DNS connection tests OK)
-
Wi-Fi 1 & 2 enabled and configured (wireless guests disabled)
Result: a computer connected to LAN port or to wireless Access Point was given an IP address from an unexpected network and unable to reach the internet on both situations.
LuCI configuration: Network > Interfaces:
-
LAN: br-lan aggregates LAN0…4 and WLAN0…1
-
LAN: br-lan displays a “random” MAC address
-
DHCP server: enabled
-
IPv6 settings: enabled
I’ve tried to disable DHCP server and IPv6 settings in LuCI. After a reboot they appear disabled, as expected.
Result: a computer connected to LAN port was unable to obtain an IP address. A computer connected to a wireless Access Point was given an IP address from an unexpected network and unable to reach the internet.
SSH configuration: ifconfig:
- br-lan displays the same MAC address as wlan1
2b) Router mode changed to Computer mode
Started Foris wizard to configure the router mode, with the WAN port connected to the ISP router.
Result: a computer connected to LAN port or to wireless Access Point was given an IP address from an expected network, different from existing network, and able to reach the internet on both situations.
Followed by changing the configuration to Computer mode in Foris, then disconnected the WAN port and connected a LAN port to the ISP router.
Result: a computer connected to LAN port was unable to obtain an IP address. A computer connected to a wireless Access Point was given an IP address from an unexpected network and unable to reach the internet.
LuCI configuration: Network > Interfaces:
-
LAN: br-lan aggregates LAN0…4 and WLAN0…1
-
LAN: br-lan displays the same MAC address as LAN0…3
-
DHCP server: disabled
-
IPv6 settings: enabled
I’ve tried to disable IPv6 settings in LuCI. After a reboot they appear disabled, as expected.
Result: a computer connected to LAN port was given an IP address from the existing network and able to reach the internet. A computer connected to a wireless Access Point was given an IP address from an unexpected network and unable to reach the internet.
SSH configuration: ifconfig:
- br-lan displays the same MAC address as LAN0…3