This document describes how to create an Access Point (AP) only. This AP allows users to connect over wireless or ethernet to the AP and an existing network. This means the AP is not routing, it provides no DHCP, and no other functions. This setup is needed when your network already has a router, access control and dhcp in place, and you'd like to use it.
From a user's point of view, it works like this:
'Static DHCP' is not covered here, all we do is creating an AP that provides WPA2 encrypted wireless access and doesn't interfere.
Of course you can achieve this with using the web interface:
Once you have configured your wireless network with LUCI you can start configuring your dumb AP.
The changes below assume an OpenWrt default configuration, the relevant files are:
/etc/config/network and change the
On switchless devices, simply bridge all ethernet interfaces together, remove the existing WAN interface - if any.
On devices with a separate WAN interface, bridge the LAN VLAN together with the WAN interface, remove the existing WAN interface - if any.
Switch configuration on WR1043ND (barrier breaker):
On devices where WAN and LAN are separated by switch config, reconfigure the LAN VLAN to cover all ports, remove the existing WAN interface and its related VLAN - if any.
/etc/config/wireless, and don't worry about most of it, things that might need changes are commented.
If you still need dnsmasq running for something else (e.g. TFTP server) you can do:
uci set dhcp.lan.ignore=1 uci commit dhcp /etc/init.d/dnsmasq restart
/etc/init.d/firewall disable /etc/init.d/firewall stop
Reloading the network config should be enough, it should automatically restart if necessary.
If you would like your AP to receive IPv6 as a host only and not for routing you have to tell dhcp6c not to request prefix deligation. If you do not do this the AP will reject basic IPv6 addresses. If you want to still be able to use ipv6 on the Router itself change the wan6 to lan6 and @wan to @lan
config interface 'lan6' option proto 'dhcpv6' option ifname '@lan' option reqprefix no
Multicast forwarding is necessary for DLNA and UPnP clients to work properly. For example PS3, xbox, TVs and stereos use DLNA to detect, communicate with and stream audio/video over the network. Since multicasting is turned off (multicast snooping is turned on) by default in newer OpenWrt releases, it must be activated. This would forward any multicast packets to all ports allowing your TV to find your DLNA capable NAS with movies. In large networks, this could cause some overhead which may not be desirable.
Add this into /etc/rc.local
echo "0" > /sys/devices/virtual/net/br-lan/bridge/multicast_snoopingReplace br-lan with your actual bridge interface, sometimes also called br0.
This will forward all multicast packets to all ports on your bridge, making igmpproxy or udpxy proxies unnecessary.