Turris Shield - no internet connection with the WLAN router

bender916 · September 11, 2020, 3:08pm

Hi together

I have an issue with my WLAN router, Netgear WNR 1000v2. Connected with the Turris Shield it cannot get an internet connection. I hoped it would be more or less plug and play, but it did not turned out this way.

Following is my network setup:
ISP router <–> Turris Shield <–> WLAN router

What points do I need to consider during the setup of the Shield and/or my WLAN router?

Frank_Hamm · September 12, 2020, 4:27pm

Hi, I’m using a AVM FritzBox but this shouldn’t consider. You have to choose a different network for your wan and you network. For example the isp-modem should have 192.168.190.1 and the wan port 192.168.190.2 . And on the “network” side you could youse the build in DHCP or something else. But the ip-range should different from the wan-port. For example 192.168.191.1-249. I hope this helps.

Vojtech_Raim · October 9, 2020, 4:01pm

Hello. I have a similar problem. I tried to install the Shield between the modem and the router.
optic modem — shield — router.
I have set the router to be at 192.168.1.2, so it doesn’t collide with the shield at 192.168.1.1. Both shield and router have DHCP on WAN as well as LAN side. The router itself works okay after the change to 192.168.1.2. But all stops working as soon as I put the shield in between. Neither 192.168.1.1 nor 192.168.1.2 is reachable, and the network is disconnected from the internet as well as the network is “unknown”.

I tried setting the shield to “computer” mode. It did not work. I tried to set it back (via factory reset). No success. I tried setting the router to “bridge”. Now the internet passed trough to a cable-connected computer, but all devices at WLAN were connected to the WLAN but not connected to the internet.

Please, do you know how to help with this?

Tenn · October 14, 2020, 8:45pm

Hi @Vojtech_Raim,

I don’t know exactly whether they recognized the problem correctly.
But if you want to operate the shield between ISP / modem / router -> shield -> private route, you have to use a subnet, as far as I know …

ISP / WAN -> (xx.xx.xx.xx / XX) <-> Shield <192.168.1.0/24> Private Router <(LAN) 192.168.2.x or 192.168.0.x

Otherwise you would have to switch to NAT (network address translation) in your private router to use the 192.168.1.0/24 area in the internal network …

The problem is probably due to the fact that you have 2 DHclients each, maybe you can deactivate the dhclient on the shield (via ssh -> root@192.168.1.1.

TODO: PrivateRouter -> Try Via Nat?
Shield -> all settings are correct? -> dns forwarding etc? Shield tests must all be green, except for ipv6 and dnssec.

Deactivate vtl Shield dhclient …

I hope my information is helpful

greeting