View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000294 | Networks | Hardware | public | 2019-08-27 01:27 | 2024-09-13 20:04 |
Reporter | DigitalMy | ||||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | resolved | Resolution | fixed | ||
Summary | 0000294: Set OpenWrt router as gateway to remote network | ||||
Description | Connect smartphone (Android) with USB cable to router (OpenWrt). Make alternative internet source with automatic change: 1. Use smartphone as internet source (not USB, hotspot way) use for period of being nearby have problem with automatic route switch back to default 2. Connect to WiFi hotspot (when available) default way 3. USB modem device, mobile provider used for another location as default | ||||
Steps To Reproduce | > install like: opkg install nano opkg install mc ~6MB size | ||||
Tags | No tags attached. | ||||
related to | 0000302 | progress | DigitalMy | Windows and other desktop OS | Unified settings for OpenVpn clients site-to-site mode |
related to | 0004364 | assigned | DigitalMy | Networks | Router Netgear WNDR4700 |
related to | 0000297 | assigned | DigitalMy | Networks | Unlock Huawei E392 USB modem and set IMEI |
related to | 0004363 | resolved | DigitalMy | Networks | Set OpenWrt dual gateway switch |
related to | 0005403 | resolved | DigitalMy | Networks | Upgrade OpenWrt router to AC-type standard gateway to remote network with Linksys EA4500 |
|
Got Netgear WNDR4700 Centria N900 dual band gigabit wireless router storage Installed OpenWrt 18.06.4 firmware |
|
Install usbutils with lsusb tool: opkg update && opkg install usbutils connected FAT32 flash , lsusb -t gives Bus 01.Port 1: Dev 1, Class=root_hub, Driver=dwc2/1p, 480M |__ Port 1: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 480M This kind of driver dwc2 dmesg xhci_hcd 0000:45:00.0: Direct firmware load for K2013080.mem failed with error -2 xhci_hcd 0000:45:00.0: firmware failed to load (-2) found this issue https://forum.openwrt.org/t/wndr4700-support-for-usb3/14809 https://forum.openwrt.org/t/fixed-usb-not-working/2071 need to put the following file: K2013080.mem into /lib/firmware like: wget http://server.tk/pub/firmware/WNDR4700/USB3_FW/K2013080.mem mv K2013080.mem /lib/firmware/K2013080.mem and either reboot router, or just reload xhci-pci module http://www.adapter.co.jp/Adapter/PP2U-jp.html opkg install http://server.tk/pub/firmware/WNDR4700/uPD72020x-firmware_2_powerpc_464fp.ipk issue fixed |
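The note above fetches K2013080.mem and an .ipk over plain HTTP and installs them as root without any integrity check. As an added example (not part of the original notes), a digest check that runs before the file is copied into /lib/firmware; the function name install_verified and the digest placeholder are assumptions, and the real digest has to come from a trusted channel.

```shell
#!/bin/sh
# Added example: verify a downloaded firmware blob before installing it.

# install_verified FILE EXPECTED_SHA256 DEST_DIR
# Copies FILE into DEST_DIR only when its SHA-256 digest matches.
# Returns 0 on success, 1 on digest mismatch, 2 on bad arguments.
install_verified() {
    file=$1; expected=$2; dest=$3
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }

    # Normalise to lower case; a SHA-256 digest is exactly 64 hex characters.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    case $expected in
        *[!0-9a-f]*) echo "bad digest format" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "bad digest length" >&2; return 2; }

    actual=$(sha256sum "$file" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 1
    fi

    # Install readable by all, writable by the owner only.
    mkdir -p "$dest" && cp "$file" "$dest/" &&
        chmod 0644 "$dest/$(basename "$file")"
}

# Usage on the router (digest is a placeholder, not a real value):
#   install_verified K2013080.mem <EXPECTED_SHA256> /lib/firmware
```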
|
Now add LTE modem to openwrt opkg install usb-modeswitch opkg install kmod-mii opkg install kmod-usb-net opkg install kmod-usb-wdm opkg install kmod-usb-net-qmi-wwan opkg install uqmi opkg install kmod-usb-net-cdc-ether opkg install kmod-usb-net-rndis not used: kmod-usb-net-asix kmod-usb2 kmod-ath9k kmod-usb-ohci NDIS interface (QMI Mode), enable it on port 7 as follows uqmi -d /dev/cdc-wdm0 --get-data-status -> disconnected uqmi -d /dev/cdc-wdm0 --get-signal-info -> lte uqmi -d /dev/cdc-wdm0 --start-network internet --autoconnect uqmi -d /dev/cdc-wdm0 --get-data-status -> connected add new logic interface in OpenWrt web: dhcp client protocol type for wwan0 interface set firewall "wan" zone for this interface set firewall to allow forwarding from lan to wan nano /etc/config/network or mcedit /etc/config/network config interface 'wwan_lte' option proto 'dhcp' option ifname 'wwan0' |
|
Add VPN L2TP client IPsec PSK type (L2TP secret - not used, IPsec identifier - not used, IPSec pre-shared key - used) is server default > install: ipsec-tools xl2tpd > set: nano /etc/xl2tpd/xl2tpd.conf nano /etc/ppp/options.xl2tpd nano /etc/ipsec.secrets for the preshared key nano /etc/ipsec.conf for the configuration of the tunnel > start daemon /etc/init.d/xl2tpd > restart /etc/init.d/xl2tpd restart /etc/init.d/ipsec restart daemon.debug xl2tpd[1589]: No such tunnel 'l2tp-vpn' daemon.notice netifd: vpn (1588): xl2tpd-control: Remove l2tp-vpn failed need to configure name "sstp" connection |
|
Add video camera USB + 1.8TB 2.5 HDD storage for video surveillance gdisk -> make partition sdb1 mkdir -p /tmp/introot mkdir -p /tmp/extroot mount --bind / /tmp/introot mount /dev/sdb1 /tmp/extroot tar -C /tmp/introot -cvf - . | tar -C /tmp/extroot -xf - umount /tmp/introot umount /tmp/extroot install video camera: opkg install kmod-video-core kmod-video-uvc test (mjpg-streamer): opkg install mjpg-streamer connect device to USB port: uvcvideo: Found UVC 1.00 device VF0520 Live! Cam Sync ls /dev/v* /dev/video0 Run: mjpg_streamer -i "input_uvc.so -d /dev/video0 -y" -o "output_http.so" And connect to web: http://10.2.1.1:8080/?action=stream and http://10.2.1.1:8080/?action=snapshot tested fine, but found it useless opkg remove mjpg-streamer |
|
Add SMB share: opkg install luci-app-samba or better use directly samba software: opkg install samba36-server 2024: opkg install samba4-server Add user for share and share SMB: nano /etc/passwd testuser:x:501:501:testuser:/home/user:/bin/ash passwd testuser Use web interface and add share mkdir /home/testuser chown testuser /home/testuser chmod -R 777 /share /etc/init.d/samba enable /etc/init.d/samba start /etc/init.d/samba restart will run SMB server as /usr/sbin/smbd /etc/samba/smb.conf could be created from the uci configuration file and /etc/samba/smb.conf.template will be overwritten with /etc/config/samba on restart in case of removal of this luci-app-samba got error Failed to execute cbi dispatcher target for entry '/admin/services/samba'. /usr/lib/lua/luci/cbi.lua:53: Model 'samba' not found! do rm /tmp/luci-indexcache 2024 update: static settings are designed to be in file /etc/samba/smb.conf.template , which is copied to /var/etc/smb.conf on restart and settings file /etc/samba/smb.conf transformed into just link for /var/etc/smb.conf |
|
SSTP protocol (single TCP port) try VPN: > add missing proto from github: wget http://server.tk/pub/firmware/WNDR4700/sstp/sstp.sh mv sstp.sh /lib/netifd/proto/sstp.sh > it seems that plugin was installed to wrong folder.... fix: cp /usr/lib/sstp-pppd-plugin.so /usr/lib/pppd/2.4.7/sstp-pppd-plugin.so > set up simple SSTP client: nano "/etc/ppp/chap-secrets" > add or edit line with password (user password here, this is not PSK) on third position and * on fourth position > set nano /etc/ppp/peers/sstp > use in command line: --cert-warn --save-server-route (send all traffic to tunnel) --ipparam sstp --nolaunchpppd > and params: name vpn (server username, same as in chap-secrets) |
|
try OpenVPN > installed and tested Windows server (tun) side > installed OpenWrt Luci plugin to remote router: opkg install luci-app-openvpn > set "OpenVPN" plugin as client, tun, upload certificates nano /etc/config/openvpn disable "comp-lzo" on server side > from web interface button, it will run as : /usr/sbin/openvpn --syslog openvpn(ovpn) --status /var/run/openvpn.ovpn.status --cd /var/etc --config openvpn-ovpn.conf This will set local hosts in remote network to route all traffic using VPN, not WAN: > on router device add routing table as new line "10 vpn" to: nano /etc/iproute2/rt_tables > add hosts which need routing to VPN : ip rule add from 10.2.1.10 table vpn > check ip rule list > specify (enable) "vpn" table for "tun0" interface: ip route add default dev tun0 table vpn > copy certificates from server (3 files as set in .conf) like: wget -P /etc/openvpn/ http://server/exchange/client.key key must have no challenge password this works fine, except site-to-site access to "client" network... > Official manual https://openvpn.net/vpn-server-resources/site-to-site-routing-explained-in-detail/ offered enable IP forwarding: nano /etc/sysctl.conf net.ipv4.ip_forward=1 use tcpdump -eni any icmp for ping monitoring run this on remote client network host, send ping to this client network host from server network host , ICMP packet arrived, but no reply generated by this host... it was Linux one. Tested windows host on the same network - it is "routable". OpenVpn finally works as expected. chmod 777 /etc/luci-uploads optional step |
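With only the default route via tun0 in table vpn, a lookup for a pinned host falls through to the main table (and out the WAN) whenever the tunnel is down and its route has been removed. As an added example (not part of the original notes), a generator for the same rules plus a blackhole fallback so those hosts fail closed; the function names, the metric 1000 and the need for an ip build that supports route types (assumed: the ip-full package) are assumptions, while table "vpn", tun0 and 10.2.1.10 come from the note.

```shell
#!/bin/sh
# Added example: print fail-closed policy-routing commands for the "vpn" table.
VPN_TABLE=vpn   # the "10 vpn" line in /etc/iproute2/rt_tables (from the note)
VPN_DEV=tun0

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
is_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# vpn_rules HOST...: print the commands; pipe the output to sh to apply them.
# All hosts are validated first, so bad input prints nothing.
vpn_rules() {
    for h in "$@"; do
        is_ipv4 "$h" || { echo "invalid host: $h" >&2; return 1; }
    done
    echo "ip route replace default dev $VPN_DEV table $VPN_TABLE"
    # Higher metric: used only once the tun0 route is gone, so packets from
    # pinned hosts are dropped instead of reaching the main table.
    echo "ip route replace blackhole default metric 1000 table $VPN_TABLE"
    for h in "$@"; do
        # Delete first so that re-running does not stack duplicate rules.
        echo "ip rule del from $h table $VPN_TABLE 2>/dev/null; ip rule add from $h table $VPN_TABLE"
    done
}

# Usage on the router:  vpn_rules 10.2.1.10 | sh
```

The route on tun0 has to be re-added each time the tunnel comes up, for example from an OpenVPN up script; the blackhole route persists across tunnel restarts.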
|
> Remove test and faulty apps: opkg remove luci-app-ocserv opkg remove ocserv opkg remove openconnect opkg remove strongswan > Reboot router for web site reload (delete menu from LuCi) |
|
> in system log of OpenWrt LuCi : dmesg : kern.warn kernel: xhci_hcd 0000:45:00.0: WARN Successful completion on short TX for slot 1 ep 2: needs XHCI_TRUST_TX_LENGTH quirk? uname -mrs Linux 4.14.131 ppc cat /proc/version Linux version 4.14.131 (buildbot@2ccc8102e0c3) (gcc version 7.3.0 (OpenWrt GCC 7.3.0 r7808-ef686b7292)) > possible install kmod-usb-dwc3 (now kmod-usb-dwc2) opkg install usbutils lsusb -v | grep -E '\<(Bus|iProduct|bDeviceClass|bDeviceProtocol)' 2>/dev/null opkg install pciutils lspci -nn 45:00.0 USB controller [0c03]: Renesas Technology Corp. uPD720202 USB 3.0 Host Controller [1912:0015] (rev 02) Decided not to connect this USB-camera to router... |
|
opkg install ipset /etc/init.d/firewall restart Warning: Section @zone[1] (wan) cannot resolve device of network 'wwan_h' nano /etc/config/firewall >removed from "config zone" this device Warning: Section @rule[10] (RDP3389) does not specify a protocol, assuming TCP+UDP > specified TCP protocol in /cgi-bin/luci/admin/network/firewall/rules |
|
Set same OpenVPN configuration for logs and status file, applied on each OpenWrt host. /tmp/log/ folder used to save logs: status /tmp/log/openvpn-status.log 60 log /tmp/log/openvpn-log.log |
|
Record video from USB camera /dev/video0 And connect to web: get video: http://10.2.1.1:8082 settings: http://10.2.1.1:8083 install motion > opkg install motion edit settings: /etc/motion.conf > mkdir /etc/motion > mv /etc/motion.conf /etc/motion/motion.conf prepare free space: > mv /root/*.jpg /share/motion/ > rm /share/motion/*.jpg check log file > touch /share/motion/motion.log > nano /etc/default/motion check running process > ps | grep motion > ps axu | grep -i motion | grep -v grep |
|
SFTP-server will be installed to OpenWrt, after SSH enabled > opkg update opkg install openssh-sftp-server |
|
Add SD card support: opkg install kmod-mmc opkg install kmod-mmc-over-gpio opkg install kmod-sdhci connect SD card (insert) and check: fdisk -l mkdir -p /mnt/sda1 mount -t vfat /dev/sda1 /mnt/sda1 |
|
USB storage support: check: opkg list-installed | grep usb install: opkg update opkg install kmod-usb-net-rndis but it stopped USB storage detection after that... kmod-usb-core -> preinstalled kmod-usb-ohci -> done kmod-usb-storage -> preinstalled kmod-usb2 -> no need, because we had kmod-usb3 kmod-fs-ext4 -> preinstalled kmod-fs-vfat -> preinstalled block-mount -> preinstalled opkg install kmod-usb-storage-uas |
|
Get HDD state opkg install smartmontools smartctl -a /dev/sda Format SATA HDD opkg install kmod-scsi-core opkg install e2fsprogs mkfs.ext4 /dev/sda1 mount -t ext4 /dev/sda1 /share |
|
Add NTP server opkg update opkg install ntpd /etc/init.d/sysntpd disable /etc/init.d/ntpd enable /etc/init.d/ntpd start netstat -l | grep ntp |
|
Set web interface ports in: /etc/config/uhttpd Apply, restart uhttpd service: /etc/init.d/uhttpd restart |