Configuring a Linksys WRT54G Router for IPIP Tunneling Into FSG Using DD-WRT Firmware
The following is info on DD-WRT from their Wiki at http://www.dd-wrt.com
The firmware is maintained by BrainSlayer(mailto:) and is hosted at dd-wrt.com(http://www.dd-wrt.com/). The first versions of DD-WRT were based on the Alchemy Firmware(http://www.wrt54g.com/) from Sveasoft Inc(http://www.sveasoft.com/), which is in turn based on the original GPL'd Linksys Firmware and a number of other open source projects. DD-WRT exists as a direct result of Sveasoft's demand for $20 in order to be able to download their firmware.
History:
(Short version) I previously have used two different Sveasoft firmwares that have caused continous problems with Wireless connections to the router and lock ups. The DD-WRT firmware seems to fix these problems and I highly recommend it after several weeks of testing.
(Long version)
I originally used the Sveasoft firmware that supported IPIP tunneling for my home network. IPIP tunneling is not compiled by default in the normal Sveasoft firmware so I originally used a beta Alchemy firmware know as Lonewolf LW031 that happened to have IPIP installed. This firmware turned out to cause lock ups of my router – particularly at high wireless loads. Sveasoft released the final Alchemy software (version 1.0) and I decided to try recompiling it with IPIP tunneling installed to see if the lock-ups were fixed. Initially, I had good results but I still experience lock ups once a month or so. I also had occasional difficulties with obtaining cable modem IP addresses from Charter’s DHCP server. Sveasoft released a new version of the firmware named Talisman and I hoped that this might fix my problems. Unfortunately, the source has never been released in compilable form to enable IPIP tunneling. Gene Stone suggested I look at OPEN-WRT (Linux firmware with installable packages) and I also heard some good things about a firmware based on OPEN-WRT called DD-WRT.
OPEN-WRT is a pure Linux command line environment with installable packages that allows IPIP tunneling to be installed without a total firmware recompile. DD-WRT adds a web based user interface to OPEN-WRT. After one false start, I’ve found a combination of firmware version and installation procedure that has fixed all my problems with the Sveasoft software and doesn’t require a recompilation. I’m also getting much better wireless performance leading me to believe that there are issues with Sveasoft’s wireless code.
Your WRT54G router must be one of the following versions (you can find your version number on the sticker on the bottom of the router labeled as WRT54G vx.x):
WRT54G 1.0/1.1
WRT54G 2.0
WRT54G 2.2
WRT54G 3.0
WRT54G 3.1
WRT54G 4.0
WRT54GL 1.0
WRT54GS 1.0
WRT54GS 1.1
WRT54GS 2.0
WRT54GS 2.1
WRT54GS 3.0
WRT54GS 4.0
NOTE – If you purchase a WRT54G from most stores, you’ll get the 5.0 version which uses a different processor and cannot load this firmware. Linksys decided to change processors in the WRT54G v5.0, but still sells a Linux compatible version known as the WRT54GL v1.0. I believe it only is sold online such as from Amazon.com.
http://www.amazon.com/gp/product/B000BTL0OA/sr=8-1/qid=1143256888/ref=pd_bbs_1/103-8633293-4788602?%5Fencoding=UTF8
Warning: if the following procedure is not carefully followed, your router may be disabled with a faulty firmware load (bricking) which may or may not be recoverable.
The following is the procedure I used to replace the Sveasoft firmware with DD-WRT. Make sure you disconnect the cable to your DSL or cable modem. The only connection should be from your Windows computer that will perform the firmware upgrade to your router.
1. Download the “mini generic version” of DD-WRT using the following link:
http://www.heino.com/dd-wrtv23beta.bin
This is the 2/24/06 beta version that fixes wireless disconnect issues when using the wireless features of the WRT54G. This version is small enough that it can be loaded using the Web based firmware load features of both the stock Linksys firmware or Sveasoft firmware. The DD-WRT firmware comes in 3 other versions – standard, voip, and vpn. These versions are larger requiring a firmware load from either DD-WRT mini or one of the Sveasoft firmwares. Do not try to load the larger DD-WRT firmwares from the stock Linksys firmware without first loading the mini-generic version first.
2. The following are the precautions from the DD-WRT WIKI http://www.dd-wrt.com/dd-wrtv2/index.php?link=downloads
Warning! Incorrect flashing procedure can brick your router!
*** HTTPS: YOU CANNOT FLASH/BACKUP your firmware over a "https" connection ***
- PLEASE follow ALL directions. You WILL have problems if you don't. They are here for a REASON. I cannot stress this point enough.
- Flashing the Firmware should be done with a stable, wired connection.
- Flashing via wireless is inherently unstable and can result in a bricked router.
- Disable your anti-virus-software, as a false-positive virus detection could interrupt the upload.
- Disable any wireless adapters on your system to ensure that the upload goes through the wired connection!
- You will not have/need internet access from steps 2 through 5
- We recommend you save this webpage and the webpages on how to Recover from a Bad Flash to your hard drive (File - Save Page As {*NOT* a bookmark}). This will allow you to review the information in the event something goes wrong.
3. Flash the firware into the router. The instructions recommend an exact procedure as speficied below. I initially did a short cut not believing the requirements to wait 5 minutes and such and had wireless connection issues afterwards. I repeated the following to the letter and my problems went away so I recommend following the instructions exactly. The flash instructions from the Wiki:
Steps to flash through Web Interface
Note for users not using the original linksys firmware: you cannot use tftp! Change your firmware to the official linksys firmware, and then continue below.1) Download firmware
· Read the information about the
· Download the latest release or pre-release version HERE(http://dd-wrt.gruftie.com/dd-wrtv2/index.php?link=downloads) or go to the DD-WRT homepage at http://www.dd-wrt.com/
Note: use the mini version when upgrading from original linksys firmware!
· Extract the archive.
2a) Reset through the Web Interface
if you forgot the password or IP of your router, proceed to step 2b.
· From a PC connected to one of the 4 LAN ports on the router open a web browser and go to the IP of the router (default IP is 192.168.1.1).
· You will be prompted for username and password. Username is not required (for versions as of 31.02.06 the username is root). Enter password (default password is admin) and you should be at the Web Interface of your WRT54G/GL/GS
· Click the "Administration" tab.
· Click the "Factory Defaults" sub-tab.
· Select "Yes".
· Click the "Save Settings" button.
· A new page will open, click "continue".
2b) Reset to factory defaults
· Press and hold the reset button on the back of the router for 30 seconds. This will clear your NVRAM, the configuration and reset the password to admin.
3) Upgrade Firmware
Do not turn off the computer, close the web browser, or turn off the router during this process!!!!!
· From a PC connected to one of the 4 LAN ports on the router open a web browser and go to the IP 192.168.1.1.
· You will be prompted for username and password. Leave username blank, enter password admin. Now you should be at the Web Interface of your WRT54G/GL/GS.
· Click the "Administration" tab
· Click the "Firmware Upgrade" sub-tab.
· Click the "No reset" radio button (works for me, but please double check if "Firmware Defaults" would be better!).
· Click the "Browse" button and select the DD-WRT .bin file you extracted in step 1.
· Click the "Upgrade" button.
· The router will take a few minutes to upload the file, flash the firmware, and then reset.
· A new page will open, wait about 5 minutes before clicking "Continue".
· If flashed successfully you will now be at the DD-WRT web interface and the Router Name will be DD-WRT.
4) Reset to factory defaults AGAIN
· Repeat step 2 above. Note: step 2b (the manual way of clearing the NVRAM) is recommended to make sure the radio gets the correct parameters.
5) Enjoy
· It is strongly advised that you enable the "Boot Wait" option under the "Administration" tab. This will help you recover in the future should you flash your router improperly. If you use v23 or higher the "Boot Wait" option is enabled by default.
6)?? Uh-oh??
· If your router fails to reboot (power light doesn't stop flashing, no web interface, etc) you will need to Recover from a Bad Flash.
4. After flashing the firmware, you should log onto the web interface of the router at http://192.168.1.1
You should see a DD-WRT screen that looks like follows:
5. Press the “Administration” tab and a dialogue box should be displayed for logging into the admin pages. Leave the username blank and enter “admin” for the password. The “Router Management” page should be displayed.
6. Enter a new password into “Router Password” and enter the same into the “Re-enter to confirm” text boxes. Press the “Save Settings” at the bottom of the page to change the router password to something other than “admin”. Refresh the page and the router should required you to enter the new password. The same page should then be displayed.
7. To enable IPIP tunneling, it will be necessary to install an external package. This requires the JFFS2 file system to be enabled to store the package. Press the “enable” button under “JFFS2 enabled” in the center of the screen. Press “Save Settings” at the bottom of the screen. The same page should be displayed.
8. Initialize the JFFS2 file system by pressing “enable” for “Clean JFFS2”. Press “Save Settings”. The same screen should be displayed.
9. Under “IP Filter Settings”, enter “4096” for the “Maximum Ports” text box. Enter “360” for “TCP Timeout(s) and “360” for “UDP Timeout(s)”. Press “Save Settings”.
10. Press the “Setup” tab at the top of the screen. Under “Network Setup” change the “Local IP Address” to your FSG subnet number. You can also pick any address from 1 to 254 for your router. I picked 254 for my router address and my FSG subnet number is 18. Therefore, my setting is “192.168.18.254”. Press “Save Settings” at the bottom. At this point you’ll have to open a DOS window to release and renew your ip address. In the DOS window, enter “ipconfig /release” and then “ipconfig /renew”. Your local computer should be assigned an ip address of 192.168.xxx.100 where xxx is your FSG subnet number.
11. On your browser, enter “192.168.xxx.yyy” where xxx.yyy is set to the ip address you assigned above to your router. The DD-WRT control panel should be displayed.
12. You can now connect your DSL or cable modem to the WAN port of the router. The rest of the installation can be done either over the router’s wired ports or through a wireless connection. There is no more danger of bricking the router. You should make sure that the power was off on your modem for a couple of minutes to make sure that your ISP will assign a proper IP address. This is more of an issue if you’re swapping routers or buying a new one. The cable modem/DSL head end wants to see a disconnect for a duration before assigning an IP to a different router/DSL modem mac address. If you’re using the same router with different firmware, you can probably avoid the power reset on the modem although the DHCP client in DD-WRT may be slightly different from other firmware.
13. Once the cable modem/DSL modem has been powered up and is active, go to the “Status” tab and press the “DHCP Release” and then “DHCP Renew” and make sure that a proper ip address is assigned (not 192.168.x.x, 169.x.x.x, or 10.x.x.x). You can refresh the page to see if the ip address is correctly assigned. On Charter Pipeline, I have to wait up to 5 minutes until my assigned address changes from 192.168.100.1 to a legitimate Internet ip.
14. Once an IP has been assigned, the router can access the Internet and the IPIP package can now be installed. Open a DOS window, and telnet into the router using the username “root” and the password assigned above in step 6 above.
15. Update the available packages for installation by typing “ipkg update”. Once this is finished, you view the available packages to install by typing “ipkg list”. Unfortunately, the ipip module is not made available by default and I’ve placed a proper version of it on my web site.
16. Install the IPIP package from my web site by typing “ipkg –d root install http://www.heino.com/ipip-module_20040509-04_mipsel.ipk”. This permantly installs the module in the flash filesytem area of the router.
17. Install the firewall configuration script. First, set default directory to the tmp area: “cd /tmp”.
18. Download the sample script from my web site: “wget http://www.heino.com/tunnel.txt”. A file will be created in the /tmp area called tunnel.txt.
19. To change my subnet to your subnet, type the following (using vi):
vi tunnel.txt
:1,20s/18/xx/g
:wq
Replace the xx above with your subnet, for example subnet 32 would be :1,20s/18/32/g