OpnSense w/ Merlin

[thg0432]

Just a general question. I'm running OpnSense as my main router with Merlin on my ac5300 running just for wireless as an AP. Issue I have is when you run in AP mode, you lose features only available in router mode. Can anyone tell me if I can just run wireless router mode and turn off DHCP, and point to my main router will it cause issues as compared to running in AP mode?

 

[Kewjoe]

This is something I'm looking at doing down the road. Interested in the replies as well.

 

[ColinTaylor]

Issue I have is when you run in AP mode, you lose features only available in router mode. Can anyone tell me if I can just run wireless router mode and turn off DHCP, and point to my main router will it cause issues as compared to running in AP mode?

It probably depends on what router features you want to use. You could put it in router mode, turn off DHCP and connect it to your main router LAN to LAN. But that still wouldn't make something like Download Master work because it's expecting internet traffic to be coming in through the WAN port (which is disconnected).

Alternatively you could just put it in standard router mode and connect it to your main router WAN to LAN. The Asus would then have it's own separate subnet. Everything would probably work even though you have a double NAT situation.

 

[thg0432]

If I connect to the WAN and turn on DHCP forwarder wouldn't that still work?

 

[ColinTaylor]

If I connect to the WAN and turn on DHCP forwarder wouldn't that still work?

Maybe, I don't know. You haven't said what it is specifically you're trying to achieve and why you don't want to use DHCP on the Asus.

 

[thg0432]

A little backstory...I re-purposed an old buffalo ac1750 with LEDE firmware playing around with it. I really like their QOS solution using cake and fq_codel, which isn't available on AsusWRT due to the use of an older linux kernel. Problem with it was it was a dual core at 800 Mhz and using QOS with it completely makes out your CPU. LEDE isn't easily installed on x64 hardware (atleast there's not a lot of documentation for it...tried the 2 usb method, long story short, it's more of a pain to install than it should be)

So, I re-purposed an older pc with opnsense as my primary router. Small project at first, but very robust feature set and has become a nice little project (setting up IDS/IPS, traffic shaping using fq_codel, openvpn was much easier to setup, etc.). One of the things I miss is the ease of dynamic dns with asus vs using opendns, but mainly, if the features are available, i'd rather have them and not use them then not have them show up at all.

 

[ColinTaylor]

I guess it would work. Although I don't see any option in my firmware called "DHCP forwarder", but I'm not using Merlin's firmware. I'd assume you could use the --dhcp-relay option in dnsmasq.