DD-WRT:Wireless Access Point

If you have a large network, for which DD-WRT is not a suitable core router you will probably want to have wireless clients be a part of the larger network. In this case, clients would get DHCP configuration from some other DHCP server, and could be accessed by other clients on the network.

As an example, some colleges that still allow students to have their own wireless access points (WAPs) require that the WAPs not hand out private IP addresses (as many routers with DHCP/NAT do by default) because it makes it difficult to track down which client is causing problems (eg. virus infections, worms, etc.)

Typically, vendors such as Linksys charge more for devices which work as standalone WAPs because routers are typically used by home users and WAPs are more popular for businesses. With DD-WRT you can buy a device marketed as a router and use it as a WAP.

Installation
Here's how to create a Wireless Access Point using dd-wrt v24. Please pay special attention to the Review section of this article, especially if you are using an older version.


 * 1) Hard reset or 30/30/30 the router to dd-wrt default settings
 * 2) Connect to the router @ http://192.168.1.1
 * 3) * Note: If this router is wired to another router, there may be conflicts (both routers could have the same IP address). For the time being, disconnect this router from the main one or create a static ARP entry.
 * 4) Open the Setup -> Basic Setup tab
 * 5) *WAN Connection Type : Disabled
 * 6) *Local IP Address : 192.168.1.2 (i.e. different from primary router and out of DHCP pool)
 * 7) *Subnet Mask : 255.255.255.0 (i.e. same as primary router)
 * 8) *DHCP Server : Disable (also uncheck DNSmasq options)
 * 9) *(Recommended) Gateway/Local DNS : IP address of primary router (many things will fail without this)
 * 10) *(Optional) Assign WAN Port to Switch : Enable this if you want to use WAN port as a switch port
 * 11) *(Optional) NTP Client : Enable/Disable (if Enabled, specify Gateway/Local DNS above)
 * 12) *Save
 * 13) Open the Setup -> Advanced Routing tab
 * 14) *Change operating mode to : Router
 * 15) *Save
 * 16) Open the Wireless -> Basic Settings tab
 * 17) *Wireless Network Name (SSID) : YourNetworkNameHere
 * 18) *(Optional) Sensitivity Range : The max distance (in meters) to clients x2
 * 19) *Save
 * 20) Open the Wireless -> Wireless Security tab
 * 21) *Note: Security is optional, but recommended! Clients must support whatever mode you select here.
 * 22) *(Recommended) Security Mode : WPA2
 * 23) *(Recommended) WPA Algorithm : AES
 * 24) *(Recommended) WPA Shared Key: >8 characters
 * 25) *Save
 * 26) Open the Services -> Services tab
 * 27) *(Optional) DNSMasq : Disable
 * 28) *(Optional) ttraff Daemon : Disable
 * 29) *Save
 * 30) Open the Security -> Firewall tab
 * 31) *Uncheck all boxes...except Filter Multicast
 * 32) *Save
 * 33) *Disable SPI firewall
 * 34) *Save
 * 35) Open the Administration -> Management tab
 * 36) *(Recommended) Info Site Password Protection : Enable
 * 37) *Under routing select disabled
 * 38) *Apply Settings and connect ethernet cable to main router via LAN-to-LAN uplink*


 * Notes:
 * To connect the WAP to the main router, you can probably use either a patch cable, straight-thru, or a crossover cable. As far as I know, most dd-wrt capable devices can do autosensing (at least mine do) so the cable type doesn't really matter.
 * You can connect the WAP to the main router via LAN-to-WAN so long as you have assigned the WAN port to switch (see step 3). Although some problems have been reported when doing so...maybe not all routers support it? When using this configuration the LAN ports are also available for standard wired connections. Making this a wired and wireless access point.

Review
There were three basic configuration changes you made to set up your router as a wireless access point.

Turn Off DHCP
If you did not turn off DHCP, when you plug your router into the network (after configuration), your WAP may provide IP addresses to clients on the wired network, and this may be inappropriate. Tracking down problems caused by multiple DHCP servers can be time-consuming and difficult.

Because its so important, it is worth repeating: Turn off DHCP before you continue!

Set the IP address of the LAN Interface
Immediately after turning off DHCP, while your PC still has the IP address the WAP gave you, set the LAN interface of the WAP to the IP address you want it to use, eg. if host router is 192.168.1.1, give WAP an IP of 192.168.1.2. Alternatively, you can use the instructions below to set the WAPs IP address via DHCP.

If you cannot connect to the WAP in order to set the LAN interface's IP address, it is probably because your computer no longer has an IP address on the same subnet. To get past this issue, simply set your computer's IP address and subnet to 192.168.1.8 and 255.255.255.0 respectively. (This assumes you are still using the default settings. If not, change the IP address and subnet as appropriate) You should now be able to point your browser at 192.168.1.1 (again assuming default settings).

LAN Uplink
There are two ways to connect your WAP to the LAN. You can either Uplink through one of the router's LAN ports, or use the WAN port that is normally connected to the cable/DSL modem.

LAN Uplink Through LAN Port
To complete the link between the two routers, connect a LAN port on the central router, to a LAN port on Linksys router (to be used as your WAP). You may need a crossover cable to do this, although many modern routers have an automatic polarity sensing. To test this, connect a standard ethernet cable between the two routers. If the LAN light comes on, the router has automatically switched the polarity and a crossover cable is not required.

LAN Uplink Through WAN Port
If you use your DD-WRT router as a WAP only, you may use your DD-WRT router's WAN port to connect it to your existing LAN. To do this, you need to disable the Internet Connection and "Assign WAN Port to Switch".

Normally, the router does Layer 3 IP routing. but by "Assigning WAN Port to Switch," your DD-WRT router will bypass that functionality and just pass on the Layer 2 ethernet packets from your wired network to the wireless network and vice versa.

Alternatively, if you have a router that supports assigning the WAN port to the switch: Setup -> Basic Setup -> Internet Connection Type -> Connection Type = Disabled Setup -> Basic Setup -> Network Setup -> WAN Port -> Assign WAN Port to Switch you can connect the WAN port as your uplink to your main router. All this really buys you is an extra port (4 available instead of 3), but why not?

Tested/Proven routers that support this method (there may be more not listed yet):

Linksys: WRT54GL WRT150N WRT300N WRT610NV1

Buffalo: WHR-G54S WHR-HP-G54

Siemens: SE505 (only 10Mbps)

Roaming access
If you are installing additional Access Points to cover a broader area with Wi-Fi access, it is possible to allow clients to roam freely between them. The common method is to use the same SSID and Security settings on each access point.

Use a different channel on each AP. e.g. if you are in the US and installed two access points, use channels #1 and #11. Or if three access points, then use channels #1, #6, and #11 (setting the channels at least 5 apart should help keep interference between APs to a minimum). If you have a residential gateway with wireless turned on, and just one AP, then the same applies: each gets a different channel.

When using multiple Access Points, each one should be connected by LAN to LAN uplink as described above. They can even be attached to different switches within the same organization.

How To Use DHCP to Set the WAP's IP Address
''Note: This step is optional. It is not required to set the WAP's IP address via DHCP. It can be made static, as shown above.''

It is not possible to set the LAN interface to get its IP address via DHCP using the web configuration interface. You can, however, set your startup script to obtain an IP address.

Simply set your IP address to: Only the first line is required if you don't want your WAP to set its name based on the IP address it gets. However, if you want to save a configuration file which will apply to several WAPs, that can be a handy feature.

It seems that in some cases, the /tmp/udhcpc link doesn't exist. in that case, prepend: to your startup script.