While we're on the topic of feedback, a couple of weeks ago I asked for your thoughts on using alternative firmware on Linksys wireless access points and the overwhelming vote was for the Tomato. I have a nighthawk router/modem (I think its a C7000) and a nighthawk router (R7000, I purchased the router first, got tired of paying to rent a modem and couldn't offload the router) now that I've moved into a new house. I wanted to use the router as an access point. After setting up receptacles an.
IMPORTANT: installing custom firmware always pose risk of bricking your device. Do it at your own risk.
This guide will show you how to use custom firmware Tomato by Shibby on Asus RT-N66U as a wireless access point (WAP) to setup multiple Wi-Fi VLANs.
- This is a Tech Tip in how to make a 5Ghz wireless bridge to 2.4Ghz Access Point with the Shibby Tomato firmware and a Cisco E3000 router. What is South Hawk.
- Locate the access point you want to associate with. In my case, I want my client router to connect to the primary (host) router, which is broadcasting a wireless SSID named ‘Tomato24'. Make a note of the SSID. If you do not have administrative rights to this access point, you'll need to acquire the password.
This is an alternate method of setting up Wi-Fi subnets of a 3 steps guide to protect home network using subnets.
Prerequisite: VLAN infrastructure in place for the wired network described in Part 1 and Part 2 of the 3 steps guide.
This guide will step you through the flash of custom firmware Tomato and setup the 3 wireless VLANs.
- VLAN 40 (SSID: Mobile): Your mobile devices
- VLAN 42 (SSID: IoT): IoT devices
- VLAN 44 (SSID: Guest): Guest devices
How to enable recovery mode for RT-N66U?
Asus router has recovery mode that allows you the flash firmware or reset to default settings (or factory reset for official firmware).
- turn off the router
- press and hold the reset button (do not release)
- turn on the router
- wait for about 8 seconds on official firmware (or 5 seconds on Tomato)
- release the reset button
How to factory reset?
There are several ways of performing factory reset. Each method shall achieve the same results.
Hard Reset
The 30/30/30 reset works on older routers, but not new routers like RT-N66U. So don't use it.
- with the unit turned on, press and hold the reset button
- wait until power led started blinking slowly (about 5 seconds)
- release the reset button
Reset using Recovery mode
- enable recovery mode
- click on Restore default NVRAM values
Reset using web gui
- access web gui of the router
- go to Administration > Restore/Save/Upload Setting
- click Restore and then OK
Bv ramana engineering mathematics. Note: if you are already on Tomato, go to Administration > Configuration > Restore Default Configuration, select Erase all data in NVRAM memory and click OK.
How to flash Tomato?
Note: The Administration > Firmware Upgrade option available in the web gui of the latest official firmware (v3.0.0.4.382_50624) does not allow you to flash custom firmware.
What you need: A stand alone computer you can connect directly to the router
- download Tomato firmware (look for build specific for RT-N66U)
- remove the router from your network
- perform factory reset using Hard reset method (this will reset router's IP address to 192.168.1.1)
- enter recovery mode
- set your computer's IPv4 address to something like 192.168.1.100 and connect to the router
- browse to router's IP at http://192.168.1.1. The recover mode screen should show up
- click Choose File and select the Tomato build file downloaded.
- click Upload
IMPORTANT: Flashing the firmware can take long time (over 10 minutes). Do NOT power off or interrupt the process or you may brick your router.
- wait for the upload is complete
- wait patiently (could be over 10 minutes) while router is flashing the firmware and reboot. You can ping and try browse http://192.168.1.1 to see if the install is finished.
- when web browser responses with following screen, congratulations, you have successfully installed Tomato!
How to revert back to official ASUS firmware?
- repeat steps on How to flash Tomato? using official firmware instead
Configure Tomato to serve as a wireless access point (WAP)
When used as access point, we don't need the WAN port. So we can disable it.
- go to Basic > Network
- select Disabled for WAN Settings > Type
- click on Bridge br0 in LAN section
- uncheck DHCP checkbox
- click OK
- scroll down and click Save
Setup multiple SSIDs with VLANs support
To enable multiple SSIDs with VLANs, we will create separate bridges. One bridge for each VLAN and it's associated wireless interface(s).
RT-N66U has 1 physical 5GHz wireless interface (eth1).
Tomato automatically created a default bridge ‘br0‘ and has wireless interface and default VLAN 1 (for LAN) as it's members.
Create 3 new Bridges
We will create one new Bridge for each VLAN.
- go to Basic > Network
- go to LAN section
- create bridge for VLAN 40
- select 1 for Bridge
- enter 192.168.40.1 for IP Address
- enter 255.255.255.0 for Netmask
- click Add
- create bridge for VLAN 42
- select 2 for Bridge
- enter 192.168.42.1 for IP Address
- enter 255.255.255.0 for Netmask
- click Add
- create bridge for VLAN 44
- select 3 for Bridge
- enter 192.168.44.1 for IP Address
- enter 255.255.255.0 for Netmask
- click Add
- scroll down and click Save
Update Wireless Interface eth1 (VLAN 40)
We will update settings for eth1, assign to br1 and enable security.
- go to Advanced > Virtual Wireless
- click on eth1 interface
- enter ‘Mobile‘ for SSID
- select br1 for Bridge
- click OK
- click on eth1 (wl0) tab
- select WPA2 Personal for Security
- enter a good key phrase for Shared Key
- scroll down and click Overview
- click Save
Create Virtual Wireless Interface for VLAN 42
To enable multiple SSIDs, we need to create virtual wireless interface.
- continue at Advanced > Virtual Wireless
- select wl0.1
- enter ‘IoT‘ for SSID
- select br2 for Bridge
- click Add
- select WPA2 Personal for Security
- enter a good key phrase for Shared Key
- scroll down and click Overview
- click Save
Create Virtual Wireless Interface for VLAN 44
Tomato Access Point Firmware
- select wl0.2
- enter ‘GuesT‘ for SSID
- select br3 for Bridge
- click Add
- select WPA2 Personal for Security
- enter a good key phrase for Shared Key
- scroll down and click Overview
- click Save
Configure VLAN settings
We will configure and use port 4 as trunk port (to connect to the Netgear VLAN switch).
- setup the VLAN settings according to the screen below
- scroll down and click Save and then OK to confirm
- the router will now reboot
Assign static IP to Router
The configuration to the router is done. Now we need to assign an IP address to the router so that it's ready to join your home network. The IP address should have the same net mask as the management VLAN 192.168.99.x.
- go to Basic > Network
- click on Bridge br0
- enter 192.168.99.66 as IP Address
- uncheck DHCP checkbox
- click OK
- scroll down and click Save
You can disconnect your computer from the router and can now set its IPv4 address back to Obtain an IP address automatically.
Note: your computer won't be able to connect to the router until the router joined your home network to receive an IP address from the DHCP server.
Configure pfSense and Netgear VLAN switch
Now let's prepare pfSense and the Netgear VLAN switch with the additional VLANs before RT-N66U joins the home network.
Add VLAN interfaces and rules at pfSense
Follow Step 1 through 4 of Setup VLAN interfaces at pfSense firewall to add VLAN 42 and VLAN 44 to the pfSense fireware.
Add VLAN 42 and 44 to Netgear GS108Ev3 switch
- login to the switch (would be http://192.168.99.108 if you followed the guide in Part 2)
- go to VLAN > 802.1Q > Advanced > VLAN Configuration
- enter 42 at VLAN ID field and click Add
- enter 44 at VLAN ID field and click Add
Configure port 6 as a trunk port
IMPORTANT: changing port 6 to trunk port will temporarily disable the sub-network VLAN 40.
Port 6 was originally setup as VLAN 40 for use of an access point to connect all mobile devices. If you have an access point connected to port 6 for wireless connections, it's time to unplug the access point from port 6.
Add VLAN 99 to port 6
Tomato Access Point + Wds
For VLAN 99, port 6, 7 & 8 should all be untagged (show ‘U‘).
- go to VLAN Membership
- select VLAN ID ‘99‘
- click on port 6 to show ‘U‘ (untagged)
- click Apply
Set port 6 PVID to management VLAN 99
- go to Port PVID
- enable port 6‘s checkbox
- enter 99 to PVID text box
- click Apply
Convert port 6 to trunk port
- go to VLAN Membership
- select VLAN ID '40'
- click on port 6 & port 8 until both show ‘T‘ (tagged)
- click Apply
Repeat for VLAN 42 and VLAN 44.
Hook up to the home network
Connect RT-N66U port 4 to port 6 of the Netgear VLAN switch and the wireless networks should be ready to use.
Configure your mobile devices to use their new SSIDs accordingly.
All set. Your home network is now properly segmented with multiple sub-networks for better protection!
I need a second wireless access point in my house, to deal with crappy wifi signal strength through lathe-and-plaster walls. I'm using an ASUS-RT16N running Tomato/Shibby to do this.
There's a bunch of ways to string together wireless networks. Teamviewer descargar para windows. There's wifi repeaters (no wires), ethernet bridges, WDS, blah blah. This system is acting as a wireless access point; its whole job is to accept traffic on a wifi network and then share it to a wired ethernet.
In a nutshell, the configuration is to plug the house ethernet into one of the LAN ports on the router (not the WAN!). Then disable the WAN interface entirely in Tomato, and statically configure the router to a specific IP address on your wired network. Then set up the WAN as you'd want.
Here's some details from Toastman. It looks a little different with the Shibby build, the LAN configuration is now hidden in this complicated bridge thing. But the idea is the same. One hint I picked up from elsewhere is to also go into the Administration thing and change the skin / color of the UI, just so you don't get it confused with your main router.