Accessing an accesspoint in client-mode "before" NAT/WAN Port

Hello, we do Live-Video, Audio and Stuff. I personaly done midlevel Computer-Stuff for years. I’am German so sorry for sometimes bad language. :smiley: For our “take away network-flight-case” i need a way to connect to the Webinterface of the Accesspoint (in Client mode) for configuration. Often we only can get Access to WIFi… i have a “kind of solution” with an accesspoint of TP link as Wifi Client. But -as it should be - the local IP of the accesspoint isnt accessable through the WAN port. if i do a dirty workarround with two switches (or i could use a secont port of the edgerouter x as LAN) it works… i think i have to build something like a static route to/at the wan port… but also may have to put some rules into the firewall… can somebody point me into the right direction? i’m also open for constructive alternativ solutions… ! if this isn’t possible i will have to replug the accesspoint from WAN to LAN (and back) for Configuration…

the drawing is a little bit conplicated… sorry for that…

Hello. You could use a WiFi repeater from TP-Link, instead of an access point. Disable the WiFi retransmitting (use antennas only to receive the signal) and use the built-in ethernet port to setup the device and get internet access.

The only thing you gotta keep in mind: you’ll have to reset the device at every new location, but thankfully the installation wizard is very straight forward and quick.

Hope this helps.

hi, thank you for your help! but this is what i do. if its a AP or a Repeater (i think) doesnt matter. this accesspoint is in CLIENT mode… so it gets the WIFI and makes it available over “lan” so i can inject it to the WAN port of my edgerouter X.
the problem would be the same on a repeater, i want to configure a device via iths local IP through a WAN Port on a Edgerouter. i definitly want a separate network! so if the public wifi isnt secure nobody can easily come into my network. but i dont want to replug devices for config…cause the devices are often not in the place where we are sitting…

i nly want to povide detailed Info so that maybe a solution comes up that i have not thought about. but the main Problem is configuring an edgerouter in that way, that it routes traffic TO local ip of my “accesspoint” AND uses the WAN port to provide internet from the “public” wifi…

kind regards

Ahh, I get it now, thank you for the detailed explanation. As far as I can see on your diagram, you’ve got the same subnet on the access point and the edge router, I’d suggest you change that and try to play with static routes.

That way your devices are not confused where to look for the AP.

if we get back to the repeater vs access point question for a sec: repeater doesn’t have a WAN port, it will connect you straight to its internal network.

I’ve never used them, but has some interesting devices.

They were recommended as a way to use a Wyze CAM as a hotel room monitor so the Wyze can continue to work with its fixed expected SSID/passphrase. I think it also allowed getting past a captive portal/landing page, although that needed a connection with a laptop.

They also support openvpn.

But it should work with the erx in switch mode or just a dumb switch if you wanted wired connections behind another layer of nat.

google gl inet

hi, i see ive drawn the line to the powerport of the AP… i ment the RJ45… i dont know the Repeatr, but both devices only havbe one LAN port… and this more of a “1port switch on a bridge”… with wan port i only reffer to the WAN port on the Edgerouter! i have a fritz repeater… that works exactly the same as this accesspoint in client mode… no NAT etc… every device connected onto the LAN-Port on the AP/Repeater is connectet directly to the lan… may be i dont get something… but i think for me its the same … of course i may be want an other device anyway cause the TPLink is only 100Mbit… the fritz.repeater is a bit faster but has no antennas and no poe… but i will try your idea with a seperate network for the AP… because the “problem” will be the same on most devices i could use… may be if i found a VLAN capable device… so i can use 1VLAN for “public wifi network” and then a management vlan through trunk port… but… for now… i would be happy if i get this static rout to work… but i think there is a problem with NAT… this static rout has to “bypass” the nat someway…