This is a very quick tutorial on how I setup my TP Link Archer C7 v2
using OpenWRT.
The document is mostly for myself to remember how to do it, but feel free to add your comments and improvements 😃
See Also: For installation/upgrade instructions see this
- I don't want my private devices to be in the
same network
as my internet router - WiFi should support
5GHz
to improve the network speed then using my NAS over WiFi - I want
SSH access
to my router and log in using an SSH key - It should have a custom
hostname
set - Use latest WiFi Encryption
I do have two network zones at home.
Network zone 1 is the network provided by the main internet router. This one provides access to the internet and is not used otherwise.
name: internet router
OpenWRT zone name: wan
IPv4 range: 192.168.2.0/24
Network zone 2 is my private LAN/WiFi there all devices are living in.
name: private LAN
OpenWRT zone name: lan
IPv4 range: 192.168.1.0/24
The following section describes how I configure my OpenWRT router (the one for network zone 2
).
Visit the web UI using the following URL: https://192.168.1.1
- change router password in
System->Administration
- change hostname in
System->System
(my hostname is corvus)
- Connect cable from
main internet router
touplink port
- By using the
uplink
port namedWAN
inside OpenWRT, the two networks (lan
andwan
) will be separated automatically.- Under
Network->Firewall
you will see that zonelan
is able to talk towan
(required for internet) but not vice versa
- Under
- Go to
Network->Wireless
and edit bothSSID: OpenWrt | Mode: Master
entries (one is 2,4 GHz and the other is 5 GHz)- Go to
Genereal Setup
tab- Set
ESSID
- Set
- Go to
Wireless Security
tab- Set Encryption to
WPA3-SAE
(strong security) - Set WiFi
Key
- Enable
802.11r
Fast Transition and set Mobility Domain to 0001
- Set Encryption to
- Go to
- Enable both devices
- Press
Save & Apply
WiFi should work now.
-
Go to
System->Administration
-
Go to tab
SSH Keys
-
Create an SSH Key (e.g. using
ssh-keygen -f key
) -
Paste content of
key.pub
-
Configure your SSH config in
~/.ssh/config
Host corvus
Hostname corvus
IdentityFile <path to key file>
IdentitiesOnly yes
User root
- Test ssh access with
ssh corvus
- OpenWRT Quick Start Guide: https://openwrt.org/docs/guide-quick-start/start