Jump to content

Recommended Posts

Posted (edited)

I just bought a WRT54GL router today and I just can't seem to get it working with the modem my apartment gave me (a T-LAN SU-400).

* The modem is working, if I plug it directly into my PC I have internet access.

* The router appears to be working - I can access its admin page, other devices on the LAN are accessible through it no problem.

I think my building gets its internet via some kind of cable or leased line, the modem is a bit weird (not an ordinary Pantip Plaza model). Usually when you try to open a webpage you will first be presented with a login screen.

I haven't been able to find any way to interact with the modem and the manufacturer's website is utterly useless. The router is using DHCP + the same default gateway as my PC has when it is directly connected and working, plus same 'connection-specific DNS suffix'. I can't think what the problem could be. Have tried resetting and rebooting everything.

Edit: I noticed that my router has been assigned a private IP in the range 192.168.1.x ... and of course it is also assigning private 192.168.x. IPs to devices within my LAN. Would that bugger things up?

Edited by Crushdepth
Posted

Plug the cable into one of the LAN ports and leave the WAN port unused. This way, you'll only use it as an accesspoint.

Connect to the wireless network and see if you get an IP address through dhcp

Posted

If its a routing problem then an easy fix is to put the modem on a 10.0.0.X network and the wireless on a 192.168.1.X network. PM me if those crap instructions mean nothing and I'll try and explain properly.

Posted
Plug the cable into one of the LAN ports and leave the WAN port unused. This way, you'll only use it as an accesspoint.

Connect to the wireless network and see if you get an IP address through dhcp

Yes that works - and I can access internet over wireless now (thanks!). However, I mostly need an internet connection via my wired PC.

Posted

Ok so I got things (kind of) working now:

* Plugged the modem into LAN port 1 on my PC.

* Plugged the router into LAN port 2 (forgot I had another one!).

* Plugged my NAS into the router (which I guess is now just working as a switch?).

So, I have internet on my PC and access to the NAS, which is good enough for now. I actually got the router because I'm moving into a new apartment next month I hope, with regular ADSL, I'll be able to get a less weird modem there.

If its a routing problem then an easy fix is to put the modem on a 10.0.0.X network and the wireless on a 192.168.1.X network. PM me if those crap instructions mean nothing and I'll try and explain properly.

I don't have access to the router admin (tried that!) but when I move I'll be buying my own. Thanks for your help :o

Posted

There is no need to use the linksys box as a router, so leaving the WAN port unused is the simplest way to go. utp cable between the router and the linksys and you've got 3 extra lan connections.

If you are determined to use the wan port, you'll need to create a 2nd ip range, turn off NAT and add that range to the routing table of the T-LAN SU-400. A more complicated setup, and more can go wrong, making troubleshooting a bit harder in case of problems. So not worth it unless you have a good reason to do this.

Posted

something seems a bit weird

maybe the apartment block is running its own DSLAM and then proxying the cable internet connection. Can you access the modem admin page at all - see what it says its external IP is and then put http://checkip.dyndns.org into a browser to see what the outside world thinks your external IP is.

are you going to be upgrading the firmware on the 54gl ?

I would still plug the modem to the WAN and set the WAN to DHCP and let it get a 192.168.1.x address

then put the LAN in the 10.x.x.x range.

I know you will be interested in running your own VPN server on the 54gl :o so it is a good idea to get your LAN range into the 10.x.x.x area so you will not have issues later when you are sitting at a wifi hotspot that is handing out 192.168.1.x addresses and your VPN server is also handing out 192.168.1.x - your routing table will be going <deleted> ?

any 54gl questions , happy to help.

Posted

I had another go this morning and got it working. I tried assigning the router a fixed IP on the internet side (which my PC had been using when directly connected) instead of DHCP and it worked. I'm pretty sure my building does use DHCP, so it will be interesting to see if it keeps working when the lease expires.

I'm pretty sure there is a proxy. Our building gets internet through WLANNET (a hotspot provider) and you have to log into their portal before you can get 'outside'. Sometimes their login server crashes out and then the whole building is cut off! I tried to access the modem interface, but doing so redirects me to an admin login screen some kind of network access management software they are using in the building, rather than the modem itself.

Anyway, yep the plan is to get tomato and openvpn on the router, so I can access my new supercool QNAP NAS box from wherever. What's the best version for doing that?

Posted

start here for the firmware image http://www.linksysinfo.org/forums/showthread.php?t=59416

you are going to have a problem running the 54GL as a openVPN server as you don't have a internet resolvable address to use - it can be gotten around by running another 54GL as server somewhere you do have outside control and access and then your home unit would run as a client and you would set client to client access. - the server 54GL could sit behind anything also , just forward port 1194 to the 54GL WAN - understandinng that anything connected to the wifi or LAN would have access to your VPN and if you connected in from the outside world you would have the latency ( and maybe bandwidth ) from the redirection.

I thought your http://www.universalnetwork.com.au/su400.htm was a modem - does it connect via RJ45 or RJ11 . setting your WAN port on the 54GL to static might cause you problems if the DHCP server is run at their proxy - how was your PC getting an address when you direct connected ?

Posted

Thanks I installed the firmware no problem, very painless. I'm moving to a new apartment with (hopefully) a normal ADSL service next month, so hopefully that will sort out the IP issue. Just had a look at the OpenVPN bit of the interface - is there a way to add AES or Twofish as cipher options?

It is a modem, it connect to the building's system via the phone jack, then a regular ethernet into the router or PC. But I'm pretty sure our building doesn't get ADSL, I remember them saying they had a lease line or cable or something like that.

Posted (edited)

Edit: Can't seem to get the VPN servers started - says 'server is not running or status cannot be read', and the key boxes are all empty - the firmware page says they are generated automatically on startup, but the etc/openvpn directory is empty. How'd you get yours going?

Think my non-routable IP may have screwed up the VPN set up? Guess I'll have to wait till I move to play with it! Tomato is working well otherwise.

Edited by Crushdepth
Posted (edited)

ok - grab yourself a copy of openvpn client from openvpn.org

you will need it on your laptop anyway - but with it will be a copy of easyrsa - you will use it to generate keys and certs and the dh params

the readme in the easyrsa folder should have a step by step guide

as this is your first go at generating all the bits just follow the generic - you can get more creative as you get the hang of it all

I just had a quick look at the readme and it is pretty straight forward - just follow it using the command line to execute commands

when you edit your vars.bat you can change the set dir name if you intend to do several servers - you don't want them all in one dir called keys

1024 bit keys is good enough for a beginner :o - thwart the NSA later

all the stuff in the set country , city , org and email can be filled out with humor

when you build-key server <machine name> what you use for <machine name> cannot be what you use when you build-key <machine name>

eg. I would do something like build-key-server hello_server and build-key hello_client1 etc

I will continue with the rambling as I think of stuff later :D - but definately have a read of that linksysinfo thread , some VPN gurus there :D

Edited by stumonster
Posted

Let's have a look at that proposed setup:

10.x.x/24 on the LAN

192.168.1/24 on WiFi

If you have a host on the LAN that wants to connect to a host on the WiFi network, it will send it's data to the default gateway - quite logical since it's not located on it's own subnet.

The default gateway needs to have a routing entry that says send all traffic destined for 192.168.1/24 to 10.x.x.n, with n being the address of the Linksys on the WAN port.

Of course, NAT has been turned off on the Linksys. First of all there is no need for NAT and second it's not necessary to to double NAT translations for sessions going from the WiFi network to the internet.

The router used in this case is not a router but a bridge - it bridges traffic between ethernet and phoneline (similar to vdsl) so the default gateway is a router located behind the dslam (which also only bridges).

All taken together: using the Linksys as a bridge in this situation makes much more sense.

In order to use a VPN setup, one has to be able to make a connection from the internet to a public (which means routable) IP address. Not the case here, so it won't work.

  • 2 weeks later...
Posted (edited)

Ok. Basically switching my LAN to the 10.x.x.x range seems to have solved all my problems. Everything is working great. I just bought an apartment so I won't mess with the OpenVPN until I move in later this month (I will also be getting my hands on a Samsung series 7 TV which has a LAN port in the back, and trying to stream media to it from my NAS box!).

Just a comment on the Linksys WRT54GL router: I put tomato firmware on this, and it is rock solid. It is the only consumer router I've ever had that worked perfectly. For 2,000 baht its a bargain.

Edited by Crushdepth
Posted (edited)

Once you get comfortable with tomato, you could do what I did which is run the DSL router in bridge mode - at that point it becomes a dumb box - and the WRT54GL+tomato as PPPoE device and NAT. It's a bit more complicated to set up, but you can then use the tomato NAT which is better than most commercial routers you could get.

The advantage is that tomato can handle any kind of traffic you throw at it. Normal routers tend to crash or get really slow if there are too many connections, as you get with bittorrent traffic. My old Zyxel would just freeze if there were more than 200 simultaneous connections. The WRT54GL + tomato can do thousands without breaking a sweat.

Steps:

1- Put the DSL modem in "bridge" mode, give it a new IP address outside the range you use, I used 192.168.25.1, my normal DHCP network scheme is 192.168.23.x

2 - Enable PPPoE on tomato, enter your username.password (should be in the DSL router)

3 - Put the following script on the tomato firewall (Administration->Scripts->Firewall)

iptables -I POSTROUTING -t nat -o vlan1 -d 192.168.25.0/30 -j MASQUERADE
ip addr add 192.168.25.2/30 dev vlan1 brd +

Now all your network devices will be on the normal DHCP scheme, and the ADSL router will be on 192.168.25.1. And you are using tomato to do everything.

PS: Yes this router is an absolute steal considering that tomato is far and away the best router software you can get. I have two WRT54GLs running a wireless bridge (WDS mode), and compared to DLink with the native DLink software it's just so much better. It doesn't compare. Dlinks take hours to configure even if you know what you are doing, and it's a very error prone process. in tomato it's minutes.

Edited by nikster

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...