1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

E900 two-access-point WiFi questions.

Discussion in 'Tomato Firmware' started by BikeHelmet, May 25, 2014.

  1. BikeHelmet

    BikeHelmet Networkin' Nut Member

    Hello there,

    First, simple question - can I use the E900-USB firmware on an E900 without a USB port? NOCAT interests me.

    Second, not so simple - I set up two E900's for a family member. He's got one in his house, and one in his shed. (connected via Powerline Ethernet)

    House - DHCP ON, Channel 1
    Shed - DHCP OFF, Channel 4


    Both routers are on the same subnet, one IP apart.
    Guest network is another subnet, and protected using this script:

    iptables -I INPUT -i br1 -m state --state NEW -j DROP
    iptables -I INPUT -i br1 -p udp -m multiport --dports 53,67 -j ACCEPT
    iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP
    iptables -I FORWARD -i br0 -o br1 -m state --state NEW -j DROP
    When someone wanders over to the shed while connected to the main network, it seamlessly transitions to the new AP without them losing their IP or connectivity.

    When someone wanders over to the shed while connected to the guest network, they lose internet connectivity as soon as they get close enough.

    The shed router and guest network doesn't seem to have internet access. I tried hard-coding the route under Advanced -> Routing, but whenever I do that it becomes impossible to connect to the router (wired/wireless, both subnets), and I have to reset it and reconfigure.

    It does not fetch the time and is not able to ping websites. (WAN is disabled - should it be set to something else?)

    The shed has nothing configured under dnsmasq, but does have the same iptables script above.

    The main router has this configured for dnsmasq:

    Any thoughts/ideas? The three things that pop into my head as possible culprits are that I might need a dnsmasq option of some sort on the shed router (I haven't the foggiest what), or that DHCP-Authoritative might react in bizarre ways to multi-AP multi-subnet setups, (Once again, I haven't the foggiest) or that the guest network not working and WAN settings are connected in some way. (Although as I said, the main SSID works fine.)

    I'm looking through other posts to try to find an answer, but so far I'm stumped. One of you experts - can you point me in the right direction? I'm tired of constantly resetting this thing.

  2. BikeHelmet

    BikeHelmet Networkin' Nut Member

    Must've been a doozy of a question! No suggestions yet!

  3. dc361

    dc361 LI Guru Member

    1 - You can use the 'usb' build on the e900 but there's no internal hardware to support usb so (of course) the commands don't do anything.

    2) Did you try and check "Use user entered Gateway if wan is disabled" on the ADVANCED->DHCP/DNS page and plug the in-house lan into the lan of the shed router? (Check toastman's post about use tomato as a simple wired access point - http://www.linksysinfo.org/index.php?threads/using-qos-tutorial-and-discussion.28349/#post-138463 )

    Good luck!
  4. BikeHelmet

    BikeHelmet Networkin' Nut Member

    Thanks, dc361. I didn't have that tickbox checked. I'll do so and report back.

    Edit: No such luck. Same behaviour.
    • Change mode to AP only
    • Disable DHCP.
    • Use the same security settings and SSID as the main gateway.
    • Leave the router in "Gateway" mode.
    • Decide what wireless channel to use for the AP - usually a different channel to the gateway.
    • Connect a cable between LAN port on the AP and a LAN port on the gateway router.
    Already had it set that way.
    • Set "gateway" to the IP of the gateway
    • Make a DNS entry for the IP of the gateway
    This doesn't work, because I have two subnets (Main network, guest network) and only one gateway box? Perhaps I can use DNSmasq or something else to do it for br0 and br1?

    Last edited: Jun 2, 2014

Share This Page