diff --git a/setup-checklist.md b/setup-checklist.md index feb6176..7a6402d 100644 --- a/setup-checklist.md +++ b/setup-checklist.md @@ -1,10 +1,11 @@ # OpenWRT & AdGuard Setup - Quick Checklist ## Pre-Setup Information -- [ ] Note current network gateway: **10.0.0.254** (TPLink) +- [ ] Note current network gateway: **10.0.0.246** (TP-Link AP) - [ ] Note current DNS: **10.0.0.55** (HomeAssistant/AdGuard) -- [ ] OpenWRT target IP: **10.0.0.246** +- [ ] OpenWRT target IP: **10.0.0.254** - [ ] New AdGuard IP: **10.0.0.245** +- [ ] New TP-Link AP IP: **10.0.0.246** - [ ] DHCP range: **10.0.0.1 - 10.0.0.200** --- @@ -23,12 +24,12 @@ ### Step 3: Configure LAN Interface - [ ] Network → Interfaces → LAN → Edit -- [ ] IPv4 address: `10.0.0.246` +- [ ] IPv4 address: `10.0.0.254` - [ ] IPv4 netmask: `255.255.255.0` - [ ] IPv4 gateway: `10.0.0.254` - [ ] Use custom DNS: `10.0.0.245` - [ ] Save & Apply -- [ ] Reconnect to http://10.0.0.246 +- [ ] Reconnect to http://10.0.0.254 --- @@ -47,11 +48,19 @@ - [ ] Lease time: `12h` - [ ] Save & Apply -### Step 6: Static Leases +### Step 6: Advanced DHCP Options +- [ ] Network → DHCP and DNS → Advanced +- [ ] Add DHCP Options: + - [ ] Dual DNS: `6,10.0.0.245,10.0.0.254` + - [ ] Domain: `15,home.local` + - [ ] NTP Server: `42,10.0.0.254` +- [ ] Save & Apply + +### Step 7: Static Leases - [ ] Network → DHCP and DNS → Static Leases -- [ ] Add lease: HomeAssistant → MAC: ____________ → IP: 10.0.0.55 -- [ ] Add lease: New AdGuard → MAC: ____________ → IP: 10.0.0.245 -- [ ] Add lease: TPLink Router → MAC: ____________ → IP: 10.0.0.254 +- [ ] Add lease: HomeAssistant → MAC: _______________ → IP: 10.0.0.55 +- [ ] Add lease: New AdGuard → MAC: _______________ → IP: 10.0.0.245 +- [ ] Add lease: TPLink Router → MAC: _______________ → IP: 10.0.0.246 - [ ] Add other critical devices as needed --- @@ -60,9 +69,9 @@ ### Step 7: Install AdGuard Choose your installation method: -- [ ] Option A: Docker installation on ___________ -- [ ] Option B: Native Linux installation on ___________ -- [ ] Option C: Windows installation on ___________ +- [ ] Option A: Docker installation on __________ +- [ ] Option B: Native Linux installation on __________ +- [ ] Option C: Windows installation on __________ ### Step 8: Initial Configuration - [ ] Access: http://10.0.0.245:3000 @@ -92,17 +101,17 @@ Choose your installation method: ### Step 11: Local DNS Entries - [ ] Filters → DNS rewrites -- [ ] Add: `openwrt.local` → `10.0.0.246` +- [ ] Add: `openwrt.local` → `10.0.0.254` - [ ] Add: `adguard.local` → `10.0.0.245` - [ ] Add: `homeassistant.local` → `10.0.0.55` -- [ ] Add: `router.local` → `10.0.0.254` +- [ ] Add: `tplink.local` → `10.0.0.246` --- ## Phase 4: Access Control Setup (15 minutes) ### Step 12: Install Required Packages -SSH to OpenWRT (ssh root@10.0.0.246): +SSH to OpenWRT (ssh root@10.0.0.254): ```bash opkg update opkg install luci-app-firewall iptables-mod-extra @@ -131,8 +140,8 @@ iptables -I FORWARD -m set --match-set blocked_devices src -j REJECT ### Step 15: Test DHCP - [ ] Connect test device to network - [ ] Verify IP received in range 10.0.0.1-200 -- [ ] Verify DNS server shows as 10.0.0.245 -- [ ] Verify gateway is 10.0.0.254 or 10.0.0.246 +- [ ] Verify DNS servers show 10.0.0.245 and 10.0.0.254 +- [ ] Verify gateway is 10.0.0.254 ### Step 16: Test DNS Resolution From test device: @@ -161,19 +170,93 @@ nslookup google.com 10.0.0.245 - [ ] Check each static device is getting correct IP - [ ] HomeAssistant: 10.0.0.55 ✓ - [ ] New AdGuard: 10.0.0.245 ✓ -- [ ] TPLink Router: 10.0.0.254 ✓ +- [ ] TPLink Router: 10.0.0.246 ✓ --- -## Phase 6: Backup & Documentation (10 minutes) +## Phase 6: TP-Link AX72 Pro Configuration (AP Mode) -### Step 20: Create Backups +### Step 20: Connect to TP-Link +- [ ] Connect computer directly to TP-Link LAN port +- [ ] Access: `http://192.168.0.1` or `http://tplinwifi.net` +- [ ] Login: `admin/admin` (or on sticker) + +### Step 21: Change Operation Mode +- [ ] Advanced → System Tools → Operation Mode +- [ ] Select: "Access Point Mode" +- [ ] Click "Save" + +### Step 22: Set Static IP +``` +Advanced → Network → LAN +IP address: 10.0.0.246 +Subnet Mask: 255.255.255.0 +Gateway: 10.0.0.254 +Primary DNS: 10.0.0.245 +Secondary DNS: 10.0.0.254 +Save +``` +- [ ] Configuration saved +- [ ] Device will reboot + +### Step 23: Reconnect After Reboot +- [ ] New address: `http://10.0.0.246` +- [ ] Login with same credentials + +### Step 24: Configure WiFi 6 (2.4GHz) +``` +Wireless → Wireless Settings (2.4GHz) +SSID: YourNetworkName +Channel: 1, 6, or 11 +Channel Width: 20MHz or 40MHz (20MHz recommended) +Mode: 802.11ax (WiFi 6) +Max Tx Rate: 574 Mbps +Enable Wireless: ✓ +Enable SSID Broadcast: ✓ +Enable OFDMA: ✓ +Enable MU-MIMO: ✓ +Enable BSS Coloring: ✓ +Enable Target Wake Time: ✓ +Enable Beamforming: ✓ +``` + +### Step 25: Configure WiFi 6 (5GHz) +``` +Wireless → Wireless Settings (5GHz) +SSID: YourNetworkName-5G +Channel: 36, 40, 44, 48, 149, 153, 157, 161 +Channel Width: 80MHz (or 160MHz if supported) +Mode: 802.11ax (WiFi 6) +Max Tx Rate: 2402 Mbps (80MHz) or 4804 Mbps (160MHz) +Enable Wireless: ✓ +Enable SSID Broadcast: ✓ +Enable OFDMA: ✓ +Enable MU-MIMO: ✓ +Enable BSS Coloring: ✓ +Enable Target Wake Time: ✓ +Enable Smart Connect: ✗ (disable unless needed) +``` + +### Step 26: WiFi Security (both bands) +``` +Wireless → Wireless Security +Version: WPA3-Personal or WPA2/WPA3-Mixed +Encryption: AES +Wireless Password: [Strong password 12+ characters] +Group Key Update Period: 3600 seconds +``` + +--- + +## Phase 7: Backup & Documentation (10 minutes) + +### Step 27: Create Backups - [ ] OpenWRT: System → Backup/Flash → Generate Archive - [ ] Save backup file: openwrt-backup-[DATE].tar.gz - [ ] AdGuard: Settings → General → Export Settings - [ ] Save backup file: adguard-backup-[DATE].yaml -### Step 21: Document Your Setup +### Step 28: Document Your Setup Create a file with: - [ ] OpenWRT admin password - [ ] AdGuard admin credentials @@ -195,6 +278,7 @@ Create a file with: - [ ] Device blocking working correctly - [ ] Static leases all functioning - [ ] Local DNS names resolving (openwrt.local, etc.) +- [ ] Dual DNS configuration working (both 10.0.0.245 and 10.0.0.254) ### Performance Checks - [ ] Run speed test from multiple devices @@ -304,7 +388,7 @@ iptables -L FORWARD -v -n ### Support Resources - OpenWRT Forum: https://forum.openwrt.org/ - AdGuard Forum: https://forum.adguard.com/ -- This documentation folder: ________________ +- This documentation folder: _________________ --- @@ -312,13 +396,13 @@ iptables -L FORWARD -v -n Setup completed by: _________________ Date: _________________ -Time taken: _______ minutes +Time taken: ________ minutes All phases completed successfully: ☐ YES ☐ NO Notes/Issues encountered: -_________________________________________________ -_________________________________________________ -_________________________________________________ +_____________________________________________ +_____________________________________________ +_____________________________________________ Next review date: _________________