I have a Flint 2 as my main router, with a Flint 1 behind it in access point mode. A wire runs from a LAN port on the Flint 2 (main router) to the WAN port on the Flint 1 (AP). I used an ARP table to find the IP address of the Flint 1 (AP), but when I try to access the login page, I am prompted with an error that says the page is unreachable.
Are there any firewall rules that need to be changed? I do have a VPN client running for the whole network.
There are multiple possibilities as to why you are not able to reach Flint 1 (AP). Unfortunately, due to the absence of more accurate information, I will start from the top with my questions:
Have you kindly followed the "Dumb" Access Point user guide documentation from OpenWRT for your Flint 1 as an access point?
If so, to answer your question regarding firewall rules for most propably the Flint 1 access point, there are none, as the routing, firewall, DHCP, or DNS is supposed to be handled by your Flint 2 main router. (Source: "Dumb" Access Point OpenWRT)
Could you please elaborate more accurately on what you are referring to as the "VPN client running for the whole network"?
Hello @moonstruck I have looked at the documentation. I only want to use Flint 1 (AP) as a switch only, no wireless access at this time.
Regarding the firewall rules, yes, I was asking what firewall rules need to be in place on the main router.
About the VPN, I just wanted to mention that I am running a VPN client in case that makes a difference.
@Denisimo the main router IP is 192.168.9.1 and the AP is 192.168.9.115 (currently unreachable). However, I have tried pinging the Flint 1 (AP) from a MacBook on the same subnet (192.168.9.116) and the ping was successful.
Indeed, as I comprehend from your transmissions, the connection of Flint 1 access point to the LAN port of the Flint 2 main router should, in theory, remain unaffected by the firewall, given that the connection exists within your network or subnet. You corroborated this by specifying the main router at 192.168.9.1 and the access point at 192.168.9.155.
From the perspective of the main router, no further actions are required.
Regardless of the wireless access, you have the option to configure it according to the "Dumb" Access Point OpenWRT documentation, and deactivate wireless afterwards. This action theoreticly should not impact the setup.
If you have reviewed the documentation, have you attempted or followed the instructions, such as disabling the firewall and DHCP for the Flint 1 access point?
Perhaps this YouTube video from the channel OneMarcFifty may provide further clarification and aid your understanding of my reference:
I understand what you are saying regarding the fact that since the Flint 1 is on the same subnet as the Flint 2, I should be able to access the login page of the Flint 1 freely. However, this is not the case, and makes me wonder if the fact that I have a VPN client running may be affecting this, since those IP addresses are not local.
The wireless on the Flint 1 was already deactivated a while ago, but I have just plugged back in the Flint 1 as an AP recently. Even though I have the IP address of the Flint 1, the login page remains unreachable.
I am not currently able to verify if the firewall and DHCP are disabled since I can't log into the Flint 1, but I believe they already should be.
If so, you may find the answer you are seeking in the third sentence within the documentation.
If not, and if you are willing to follow my instructions, kindly proceed as follows:
For users of Windows 10/11 devices: please connect your device to the Flint 1 via an RJ45 cable. Avoid connecting it to the WAN, as we do not have information about your specific settings.
Follow these instructions on setting a static IP using Windows 11.
Regarding your second statement towards Deniisimo, please configure your device with the following static IP settings:
IP Address: 192.168.9.120
Subnet Mask: 255.255.255.0
Gateway: 192.168.9.1 (optional)
After completing the setup, check if you can access your Flint 1 access point log in page and kindly provide us optionally with your configuration, ensuring that sensitive information such as personal IP, MAC addresses and anything related are removed.
To revert these settings, simply follow the steps in reverse.
Yes I have followed the documentation. When I plug directly into a LAN port on the Flint 1, I am still unable to access the Flint 1 login page. I have already set the static IP address for the Flint 1.
EDIT: I have successfully reached the login page by using LAN Port 1 (LAN1) on the back of the Flint 1 (AP), rather than just using a random ethernet port.
Hi @moonstruck I have another question though. Even though I am successfully able to reach the login page of the Flint 1 (AP) via the LAN1 port on the back of the Flint 1 (AP), the Flint 1 login page remains unreachable when I am on Wi-Fi.
While I was logged into the Flint 1, I made sure that I stopped the dnsmasq and firewall operations in Luci but that did not make it possible to reach the login page over Wi-Fi. Any suggestions? Please note that I am connected to the Wi-Fi radio on the Flint 2 (main router) because I don't want the Wi-Fi radios on the Flint 1 (AP) to be active.
As I thoroughly reviewed your recent posts, I observed the following:
If you followed the instructions provided in my previous messages, you should have noted that one of the key settings for the Flint 1 access point to properly connect to the Flint 2 main router is the correct setup of a static IP within the access point.
Please kindly visit the "Interface" page and, by clicking on Edit of "LAN," ensure you have the following settings saved within your access point:
IP Address: 192.168.9.115
Subnet Mask: 255.255.255.0
Gateway: 192.168.9.1 (This is essential)
In conclusion, please verify that the Gateway has the same IP address as your main router.
I would be delighted to hear confirmation that your issue has been resolved and that my assistance was helpful to you.
I am gratified that my assistance has proven beneficial to you.
I don't see anywhere to enter a default gateway on the edit page of the LAN interface. There is a box titled "use default gateway" and that box is already checked.
Edit: sorry, for some reason it started working. The last change I applied was disabling dnsmasq and firewall on the Flint 1 (AP) and all is well now.
As I conveyed in my previous communication, I am pleased that my assistance has been of benefit to you.
May you find fulfillment in your journey through the adventures and troubleshooting of OpenWRT.