Custom dnsmasq breaks guest network

[justinvoelker]

I am trying to move from Tomato to Asuswrt-Merlin but am encountering an issue implementing custom dnsmasq. While configuring the fresh install of of Merlin, I configured a guest network that I was able to successfully connect to from my laptop. However, upon adding a dnsmasq.conf.add file, the guest network stopped working. It is still being broadcast but when I try to connect to it from my laptop, I simply get a "can't connect to this network" message. At this point, there seems to be nothing I can do to regain the ability to connect to the guest network--not removing the dnsmasq.conf.add file or even clearing JFFS. Factory resetting is the only way I can regain a working guest network.

I'm running 386.3_2 on an RT-AC68U. Any idea what could be break my guest Wi-Fi when I try adding a custom dnsmasq.conf.add file?

 

[SomeWhereOverTheRainBow]

I am trying to move from Tomato to Asuswrt-Merlin but am encountering an issue implementing custom dnsmasq. While configuring the fresh install of of Merlin, I configured a guest network that I was able to successfully connect to from my laptop. However, upon adding a dnsmasq.conf.add file, the guest network stopped working. It is still being broadcast but when I try to connect to it from my laptop, I simply get a "can't connect to this network" message. At this point, there seems to be nothing I can do to regain the ability to connect to the guest network--not removing the dnsmasq.conf.add file or even clearing JFFS. Factory resetting is the only way I can regain a working guest network.

I'm running 386.3_2 on an RT-AC68U. Any idea what could be break my guest Wi-Fi when I try adding a custom dnsmasq.conf.add file?

What happens when you try to connect to regular wifi with the dnsmasq.conf.add present in /jffs/configs? It sounds like you have added an option that is breaking dns resolution to clients within your .add

 

[justinvoelker]

The regular Wi-Fi network works fine. I have half a dozen wireless clients and a dozen wired clients all working as expected (even reading from the custom dnsmasq.conf.add as necessary).

For reference, my custom config is just a few items as follow, but with a lot more dhcp-host entries.

address=/.somehost.local.mydomain.com/192.168.180.15
server=/_acme-challenge.somehost.local.mydomain.com/#
dhcp-host=00:00:00:00:00:01,another-host

The strangest part is that even once I remove the dnsmasq.conf.add and even clear JFFS, the problem persists. It seems like adding it triggered a change somewhere that I can't undo without a factory reset.

 

[SomeWhereOverTheRainBow]

The regular Wi-Fi network works fine. I have half a dozen wireless clients and a dozen wired clients all working as expected (even reading from the custom dnsmasq.conf.add as necessary).

For reference, my custom config is just a few items as follow, but with a lot more dhcp-host entries.

address=/.somehost.local.mydomain.com/192.168.180.15
server=/_acme-challenge.somehost.local.mydomain.com/#
dhcp-host=00:00:00:00:00:01,another-host

The strangest part is that even once I remove the dnsmasq.conf.add and even clear JFFS, the problem persists. It seems like adding it triggered a change somewhere that I can't undo without a factory reset.

which guest network are you using? and what do your settings in the gui look like? (please redact any network names or passwords.)

For example

are you using any guest network scripts such as Yaz-Fi?

 

[justinvoelker]

Just using the first available 2.4Ghz guest network. No guest network scripts.

 

[SomeWhereOverTheRainBow]

Just using the first available 2.4Ghz guest network. No guest network scripts.

View attachment 36137

Try using guestnetwork 2 instead of 1. People have been reporting issues with guestnetwork 1 due to the aimesh changes brought out by RC2 firmware. Let us know if the issues still happen because it may be something else.

 

[justinvoelker]

Bingo! That appears to have done it. The "Sync to AiMesh Node" option is no longer available (as one would expect based on your comment).

It looks like devices on that guest network are being assigned IPs within the range of my main network (and can access devices on my main network despite "access intranet" being disabled) but that's a problem I can try to address tomorrow.

Thanks for the troubleshooting!

 

[SomeWhereOverTheRainBow]

Bingo! That appears to have done it. The "Sync to AiMesh Node" option is no longer available (as one would expect based on your comment).

It looks like devices on that guest network are being assigned IPs within the range of my main network (and can access devices on my main network despite "access intranet" being disabled) but that's a problem I can try to address tomorrow.

Thanks for the troubleshooting!

If you want to fix the issue you can try YazFi addon through AMTM. It is maintained by one of the best script Devs @Jack Yaz . Though his script cannot utilize the Aimesh node function, it does allow you to properly use Guestnetwork 1 because it sets up the proper configuration and removes the access intranet issue if the user desires.

you can customize guestnetworks straight from the GUI. assigning your own private network addresses and DNS servers.

Here is a good place to start if you want to read more about it. - https://www.snbforums.com/threads/yazfi-v4-x.70308/

Otherwise, I am glad you figured out a solution.

 

[justinvoelker]

Thanks for the YazFi tip. Just got that up and running and now my networks are properly separated and only allow one-way communication. Awesome!