Getting started with OpenWrt

At LearnOpenWrt.com, our mission is to empower you with the knowledge and skills to master OpenWrt, the powerful open-source firmware for routers. Whether you’re a networking novice or a seasoned pro, our step-by-step tutorials are designed to help you harness the full potential of your OpenWrt-enabled device.

We also want to extend our heartfelt thanks to the OpenWrt community, developers, and maintainers who tirelessly contribute to this incredible project. Their dedication and hard work make it possible for us to enjoy a flexible, robust, and powerful firmware for our networking needs.

Explore our tutorials, experiment with your router, and join a community of OpenWrt enthusiasts. Let’s turn your router into a networking powerhouse!

Install OpenWrt (Device Specific)

Welcome to the world of OpenWrt! Follow these easy-peasy steps to get OpenWrt up and running on your supported Router (in my case, I am using the Linksys MX4300 router aka LN1310). Let’s get started!

Note: The installation process for OpenWrt varies by device. You can find device-specific procedures in the OpenWrt wiki, under the Table of Hardware. If your device isn’t listed, the general information in this guide may still be useful.

What You'll Need:

A supported router (I am using a Linksys MX4300)
A computer with internet access
An Ethernet cable (optional but recommended)
The OpenWrt firmware for your specific supported router (Linksys MX4300). Please note that the Linksys MX4300 OpenWrt firmware is still in development mode, hence you can find the latest firmware image by clicking here, and downloading the first PR link the file named openwrt-qualcommax-ipq807x-linksys_mx4300-squashfs-factory.bin.

Step-by-Step Guide (for Linksys MX4300):

Download the Firmware: Head over to the OpenWrt website, find the firmware for your supported router’s squashfs-factory.bin firmware – for the Linksys MX4300, as mentioned earlier, you will find the firmware image by clicking here.
Connect to Your Router: Plug your computer into the router using an Ethernet cable for a stable connection through router ethernet ports 1, 2 or 3.
Access the Router’s Interface: Open your web browser and type in 192.168.1.1. Log in with the default password found on the bottom of the router.
Upload the OpenWrt Firmware: Click on the CA button on the bottom right corner, and navigate to Connectivity to open the firmware upgrade section, choose the openwrt-qualcommax-ipq807x-linksys_mx4300-squashfs-factory.bin file you downloaded, and click on Start to upload it. Confirm the upgrade by clicking Yes on two consecutive popup messages and wait a few minutes for the router to do its magic and reboot.
Wait for the Router to Reboot: Once the firmware is uploaded, the router will reboot. Be patient and give it a few minutes to complete the process.
Install the Web Interface (called Luci): Due to the Linksys MX4300 image being experimental, the Luci Web Interface will need to be manually installed through SSH.
- Windows: Use an SSH client like PuTTY. Connect to 192.168.1.1 and log in with the root username and blank password.
- MacOS/Linux: Open a terminal, and type ssh root@192.168.1.1 and when asked for a password, leave it blank and hit Enter.
- Next, type the following commands and hit Enter after each command:
  - opkg update
  - opkg install luci
Connect to Your New OpenWrt Web Interface: Now you should be ready to connect to the newly installed OpenWrt Web Interface (Luci). The default IP address for OpenWrt is 192.168.1.1. The default login for OpenWrt is no password, so just click Login with the root as the username and leave the password field empty.
Set Up Your New Password: Follow the on-screen prompts to set up your new Password and then click Save.

Congratulations! You’ve successfully installed OpenWrt on your Linksys MX4300. Take some time to explore the new features and settings available to you.

How to Enable Wi-Fi on OpenWrt (Linksys MX4300) for the First Time

Let’s get your Wi-Fi up and running on OpenWrt with the SSID LearnOpenWrt.com. Fore reference, you can also use the official OpenWrt instructions. Let’s begin by following these simple steps:

Connect to Your Router: Plug your computer into the router using an Ethernet cable through router ethernet ports 1, 2 or 3.
Log In to OpenWrt: Open your web browser and type (again) 192.168.1.1. Log in with your recently updated credentials (remember: default username: root, no password if it’s your first time logging in).
Access the Network Configuration: Once logged in, navigate to the Network tab and click on Wireless.
Select the Wireless Radio: You will see your wireless radios listed (e.g., Generic 802.11bgn, Generic 802.11ac). The Linksys MX4300‘s 3 radios are:
- radio0 – Qualcomm Atheros IPQ8074 802.11ac/ax/n – this is your first 5GHz radio used for lower channels (lower frequency).
- radio1 – Qualcomm Atheros IPQ8074 802.11ax/b/g/n – this is your only 2.4GHz radio used for older devices (this the slowest radio).
- radio2 – Qualcomm Atheros IPQ8074 802.11ac/ax/n – this is your second 5GHz radio used for higher channels (higher frequency).
Edit the Wi-Fi Configuration: Each radio already has one wireless network associated with it (shown under it). By default, all of these radios are disabled, when you install a new image of OpenWrt. Click the Edit button next to the first wireless network under radio0.
Set Up the Wi-Fi Network:
- Under the Device Configuration section, click on the Advanced Settings tab. Select your country under Country Code.
- Under the Interface Configuration section, find the General Setup tab. In the ESSID field, type LearnOpenWrt.com (or whatever SSID you would like to use).
- Configure Wireless Security: Click on the Wireless Security tab. Set the Encryption to at least WPA2-PSK (use any of the strong encryptions for added security). In the Key field, enter a strong password for your Wi-Fi network. Then, click on Save at the bottom right.
Save and Apply: Click the Save & Apply button to save your settings.
Enable the Wireless Radio: Click the Enable button next to the radio you want to activate. Let’s start with the first radio that we just setup (radio0).
Final Steps: Wait for the changes to take effect. This might take a minute. Once the settings are applied, your new Wi-Fi network LearnOpenWrt.com should be active and broadcasting.
Connect to Your New Wi-Fi Network: On your computer or mobile device, search for available Wi-Fi networks. Connect to LearnOpenWrt.com using the password you set.

You can repeat steps 5 through 9 for the other two radios. Enjoy your new Wi-Fi network with OpenWrt!

Please note that the maximum frequency that you should select for the MX4300 5GHz radios is 80MHz (although the 160MHz option is available to select).

How to Create a Secured Guest Network on OpenWrt

Let’s set up a secured guest network on your OpenWrt router.

How to Create a Firewall Zone and Rules on OpenWrt

To safely separate the Guest Network from our lan (which is our default network), we will need to create a specific Firewall Zone for our guests, and then use that zone to configure our Guest Wi-Fi.

Let’s follow these simple steps:

Log In to OpenWrt: Open your web browser, type in 192.168.1.1, and log in with your OpenWrt credentials.
Configure the Firewall for Guest
- Go to Network > Firewall.
- In the General Settings tab, click Add under Zones.
- Name the new zone GuestZone. This zone will be isolated from our default lan zone.
- Set
  - Input to reject – This controls the traffic coming into the router from the current zone. We will block/reject this traffic although it’s essential for services that need to communicate with the router itself, such as:
    - DNS (Domain Name System) and DHCP (Dynamic Host Configuration Protocol)
    - OpenWrt Web Interface (LuCI)
    - SSH (Secure Shell) access
    - Note: Our guests do not need to communicate with our router, however we will need to allow them to receive an IP address and access DNS to be able to browse the internet. We will achieve this in the next few steps.
  - Output to accept – This controls the traffic going out from the router to the current zone. It’s how the router sends data to devices within the same zone such as IP addresses, DHCP leases, resolving hostnames with DNS, synchronizing time with NTP, and much more. We will set this accept to allow for this essential traffic from the router to the guest.
  - Forward to reject – This controls the traffic moving between different networks within the same zone. It’s only relevant if you have multiple networks configured within a single zone. In most basic setups, you won’t need to worry about this.
- Select wan under Allow forward to destination zones (same as Zone => Forwardings). This setting controls traffic forwarding between different zones. For example, if you want traffic to move from your GuestZone zone to your wan (the internet aka outside world) zone, you’ll set up a forwarding rule from GuestZone to wan.
- Click Save.
- Click Save & Apply.
- Allow DHCP and DNS for GuestZone – Remember that we set Input to reject, which stopped any communication to the router, including DHCP and DNS. Well, guess what; these services are needed to browse the internet. Let’s enable them.
  - While still at Network > Firewall, go to the Traffic Rules tab (Don’t be overwhelmed by the default rules).
  - Scroll all the way down and click Add to add a new rule.
  - Name the new rule Guest DHCP and DNS.
  - Set the Source zone to GuestZone – that is the zone we need to create that rule for).
  - Set the Destination zone to Device (input) – the intended destination of this traffic is the router itself which will provide the DHCP and DNS service when requested by the GuestZone.
  - Set the Destination ports to 53 67 68 (these are the ports used by the DNS and DHCP servers).
  - Click Save.
  - Click Save & Apply.

Similarly, the IoT Zone can be created. Now that we are done with setting up our Firewall, we can move to creating our Guest Interface (aka Network).

How to Create an Interface (Network) on OpenWrt

An Interface in OpenWrt is a virtual or physical network connection point that defines how different network devices and zones communicate with each other. It manages the IP settings, DHCP configurations, and routes for the network.

By configuring interfaces, you can create isolated or interconnected network segments to suit your specific networking needs.

Let’s follow these simple steps to create the guest Interface:

Log In to OpenWrt: Open your web browser, type in 192.168.1.1, and log in with your OpenWrt credentials.
Configure the Guest Network Interface:
- Go to Network > Interfaces.
- Click Add new interface. Name it guest.
- Set Protocol to Static address.
- For now, let’s leave the Interface as unspecified for now. This will be automagically set later.
- Click Create Interface.
- Set IP Address for Guest Network:
  - In the General Settings tab, set the IPv4 address to 192.168.10.1 (you can use any ip address in the RFC1918 address space).
  - Set IPv4 netmask to 255.255.255.0.
- Configure Firewall Settings for Guest Network:
  - Set Create/Assign firewall-zone to GuestZone to apply the Firewall settings to the guest interface/network.
- Configure DHCP for Guest Network:
  - Go to the DHCP Server tab.
  - Click the Setup DHCP Server button, and keep the defaults.
  - Click Save.
  - Click Save & Apply.
Now , let’s add the Guest Wi-Fi network. Access the Wireless Settings: Go to the Network tab and click on Wireless.
Add a New Wi-Fi Interface: Click the Add button next to the wireless radio you want to use (e.g. radio1 Qualcomm Atheros IPQ8074 802.11ax/b/g/n 2.4GHz).
- Under the Device Configuration section, click on the Advanced Settings tab. Select your country under Country Code.
- Under the Interface Configuration section, find the General Setup tab. In the ESSID field, type LearnOpenWrt.com-Guest (or whatever SSID you would like to use).
- For the Network under General Setup tab, select the guest interface.
- Configure Wireless Security: Click on the Wireless Security tab. Set the Encryption to at least WPA2-PSK (use any of the strong encryptions for added security). In the Key field, enter a strong password for your Wi-Fi network. Then, click on Save at the bottom right.
Save and Apply: Click Save & Apply. Wait for the settings to be applied.
Final Steps: Wait for the changes to take effect. This might take a minute. Once the settings are applied, your new Wi-Fi network LearnOpenWrt.com-Guest should be active and broadcasting.
Connect to Your New Wi-Fi Network: On your computer or mobile device, search for available Wi-Fi networks. Connect to LearnOpenWrt.com-Guest using the password you set.

Congratulations! You’ve successfully setup your Guest Wi-Fi on OpenWrt.