Networking

Unlock your Linksys router's potential with new firmware

While tinkering with his lab setup, Brad Bird discovered he could replace his Linksys router's firmware with an open source version and open up powerful new features.

I have been working now for several weeks on my home virtual lab. One goal that I had was to also monitor my network devices including my Linksys WRT350N router and my Motorola Surfboard SB5101 cable modem.

I deploy most System Center products in my virtual lab at this point. I was looking to monitor my Linksys router using System Center Operations Manager 2007 R2 using the simple network management protocol (SNMP). As a later goal, I will create some cool reports and diagram views using what I discover from SCOM.

As for the modem, I'll figure that out later. For now, I will discuss how I peeled away the challenges to get the Linksys router managed.

In SCOM, in order to monitor a device with SNMP, you must first discover the device. For this to be possible, the device must actually communicate with SNMP (v1 or up to v2c). You must also provide the device's IP address and read-only community string.

After fighting with the Linksys for a couple of days and performing significant online research, I determined that SNMP is not enabled on the router, and there is no actual way to turn it on. Or is there?

After delving through some of the Linksys community forums, I found out that with the factory-shipped Linksys firmware, many features that are possible are turned off and access is locked down because of what is exposed and how you can manage the router using the Linksys firmware.

Now I have needed to update my Linksys firmware in the past because of a buggy feature, so I am familiar with the process. It turns out, that you can actually replace the firmware in your router with firmware from another software manufacturer altogether.

For those unaware of what firmware is, think of when you use your computer. To access any of the features, you use Windows, Internet Explorer, the BIOS, etc. These are all examples of software on your computer which provide functionality that is useful in some way. Firmware is the software on a router or device that does the same thing.

So after digging, I found a company called dd-wrt that produces Linux-based firmware that is compatible with Linksys routers (amongst many others). I did my due diligence and educated myself on this product and asked around in my professional network. I know two or three IT pros who have changed firmware and swear they will never go back. Based on this feedback, I decided to throw the switch and change my router firmware.

A cautionary note here: Because I am installing non-Linksys firmware on a Linksys router, I should never expect to get support on the functioning. This suits me fine since the only support I ever really needed was to locate the hard reset procedures when the router locked up or I had to update firmware for buggy features. So what will this upgrade get me?

Here are a few awesome features which incented me to make the switch:

  • SNMP support
  • SSH support (administer the router using command line)
  • VPN server (I'll talk about this lower)
  • Simultaneous router and gateway functionality
  • VPN client (for tunneling)
  • Spanning tree protocol
  • VLAN support for the switch
  • Actual performance indicators for wireless clients in main interface
  • Many performance metrics which can be managed

Essentially, I am turning my consumer-grade Linksys router into more of a commercial-grade product. ( And let's not forget the cool factor because after all, that is what's really important!)

Okay, for those of you who have read my previous post on my home lab, I was looking at purchasing a separate device such as a Fortigate to provide firewall services and a VPN server. The fact I can use my Linksys router also as a VPN server is really cool. It remains to be seen whether this will actually be sufficient in functionality to replace the need for the Fortigate altogether.

Incidentally, this product has a lot to offer. I only named a few features but so far I am loving it, particularly since the price for the new firmware is...free! Here are a few other things I've found out about it.

Configuration settings

The process to make sure I capture my config settings was a little time consuming, but well worth it.Since I cannot use any previous backups from the Linksys firmware going forward, to capture the settings currently stored in my router, I either have to write them down, or use screen shots. Supposedly there are scripts on the dd-wrt site to do this for you as well, but I haven't tracked them down yet.

Support

You cannot get this project done without doing your homework. This means read. The Web site support offers a Wiki, and there is a lot of information to be found there. There is also a really great user community reachable directly from the site.

Installation for your particular router will be documented (assuming dd-wrt firmware can support it). There are also tables which include information you may never have even known about your router like the CPU speed, or RAM, or amount of flash memory installed in it. The support Wiki also contains information on which builds of the firmware to load. I started with the build that had the words stable build written beside it!

All aspects of the install are considered. They explain that you will be offline during the upgrade and what to prepare beforehand. They also mention MANY times that failure to install precisely according to directions can "brick" or break the router.

Lastly, I conducted the upgrade myself. Actual time to perform the upgrade and reconfigure the router took about one hour as I needed to learn the new interface. The time taken does not include all my research and reading, but the time investment is well worth it!

Has anyone out there installed the dd-wrt firmware on their router? Share your experiences.

About

Brad Bird is a lead technical consultant and MCT certified trainer based in Ottawa, ON. He works with large organizations, helping them architect, implement, configure, and customize System Center technologies, integrating them into their business pr...

81 comments
rehmankhan
rehmankhan

hello all we are running voip traffic on vpn we are using vpn service for landing calls from our usa server ( Voipswitch ) to local our local gateway(in Pakistan) so all i want to enable my linksys router to conntect with vpn server and after connecting vpn my router will be connected with my usa server so my router will get usa ip. now wat i want is when any request or traffic came on this ip should forward to my voip gateway which would be connected on LAN on router Can any boudy help me in this regards I can pay if any1 provide me this solution Waiting Rehman khan rehman.phattan@hotmail.com

Calcom Tech
Calcom Tech

The firmware seems like it adds a lot of new features but, does it correct some of the issues that Linksys firmware did not?

oscrene.g
oscrene.g

I upgraded to dd-wrt because i wanted to create an access point with my linksys router. dd-wrt has the option to setup the router as a wireless client, bridge, repeater, etc. I user dd-wrt to recieve wireless from my neibours. It works perfect.

chris
chris

I just moved into a new home and I'm not about to run Cat5 again, but I need wired switch ports at my desk and in my entertainment center. Solution? I installed a new Wireless N router, switched my linksys WRT54G to wireless bridge mode, bought another WRT54G and did the same with it, and put one in my entertainment center and the other at my desk. Now I have switch ports in both places. At my desk I uplink to a Gigabit switch and still have my high speed internet and high speed LAN.

jmbrasfield
jmbrasfield

As a personal preference, I upgraded my Linksys with the OpenWRT firmware and love the fact that now my home router has many features of a commercial grade router for use at home. I have heard of the DDWRT upgrade, but have not tried it. Any upgrade over the standard firmware is a plus. Do your homework first!

rkn101
rkn101

I am totally interested in this. I have a WRGT610N and I want to get the full potential of this router, but have limited experience. Where can get information on doing this?

robert
robert

Hi, I run the dd-wrt firmware on my own Linksys WRT54GL since nearly two years with out any problems. At work - the first thing we do with the WRTs for our field service guys is to flash the dd-wrt :-) One thing we noticed was: at rare circumstances (high voltage peaks) some devices did a factory reset and lost their configuration (did happen two or three times ...)

LuxNews
LuxNews

DD-WRT is not the only one even if one of the most famous. In Europe there is a very valid product called FritzBox! that includes european adsl/isdn adaptor to VoIP to WiFi to USB 1 (or 2 depending on the HW-version). It can be modded with Freetz (linux 2.6) using a fully scripted and automated with really everything. The only limit is your hw-resources (flash and ram size). As far as I understood it's something more than DD-WRT as the FritzBox has aboard much more interfaces than only 4 Lan ports and WiFi. At the moment my FritzBox 7140 has been modded in a way that is execptionally stable, can receive fax and voice via the VoIP channel and automatically convert to pdf(fax) or wav(voice secretary) and send to an email address. More it supports SSH and telnet access, automated response to special tel-numbers, etc..)! The price in Europe was quite comparable to the same/less function of Cisco's product w/o VoIP. Have fun! L.R.

squirrelpie0
squirrelpie0

Been using DD-WRT for a couple of years on older Linksys 54 G routers, Lots of tools and applications to increase power & set up as repeaters and access points. Stable, interesting challenges, great forums. Managed to eventually 'fry' a 54G, but not a big investment.

pgit
pgit

I find the documentation to be average and support way below average. The developers are kind enough to confirm you are correct after you've finally figured something out yourself. It's also ground zero for getting yelled at to "RTFM!" despite having done so to no avail. There is also massive confusion as to what version is most current and where to find it. I have yet to be able to discern exactly how one goes about getting the most current of releases for a particular router. I have also bricked about a half dozen brand new routers using dd wrt. I much prefer smoothwall on an old computer, but a lot of folks won't entertain that for various reasons. dd wrt, once installed, configured and thanked profusely, is a good alternative to having a bulky P-II laying around telling script kiddies to take a hike...

JeffWainright
JeffWainright

I have a Linksys WRT540GL that I have been running Tomato on pretty much since I got it - Tomato offers a lot more in terms of bandwidth monitoring than Linksys's native firmware. I had to go back to the native firmware when troubleshooting a problem with my ISP, but as soon as the problem was resolved, I went back to Tomato.

mark
mark

We have been using DD-WRT for years. I installed 10 of these for one of my clients because we could not get a network cable to all the locations. We used the WDS feature to turn them into repeaters: http://www.dd-wrt.com/wiki/index.php/WDS Once they are configured for WDS all you need is a power source and they will hop from one to another. Keep in mind, you sacrifice half of the bandwidth for each hop. Whenever my signal got weak I would put another router there and boost the signal. We have the users configured for folder redirection and roaming profiles as well as printing to a network printer and we don't have any problems. We purchased our routers from Newegg.com: http://www.newegg.com/Product/Product.aspx?Item=N82E16833124190

nchetoora
nchetoora

I have been using dd-wrt for quite a while now, prior to that i've used tomato firmware which is great. The vpn function on dd-wrt works really well i've now manage to connect 5 locations using vpn pptp. Ddns and dns works really well. Try opendns for a free dns provider and dnsexit i use for my domain name. There are different versions and i am using the vpn version on my wrt320n

tjacob
tjacob

I've been upgrading Linksys routers with DD-WRT for a couple of years. The driving force for me was that I needed a client router that would receive it's signal from another access point. Out of the box, the Linksys routers I used would not do that. Change firmware, and Bingo. DD-WRT is excellent.

derek
derek

What also may need to be communicated that it also render's router useless on a failed firmware upgrade... welcome to open source...

mccluremd
mccluremd

You have just scratched the surface regarding the capabilities of DD-WRT or Tomato firmware. Flash a Buffalo Router such as (Buffalo Technology WHR-HP-G54)if you need to increase range and reliability over the Linksys. Been playing with routers and third party firmware for about 11 years now, like computers the learning curve never ends. Great article, have fun with your new toy and home lab.

rstefchev
rstefchev

some things are not 100% as stated in the management page, but it has many many options - it will gave you total control of your device.

pat
pat

I've been using DD-WRT for several years. It works great! The only problem I have not been able to overcome is that I have not found a way to reinstall the Linksys software on the box if I have a hardware failure and need to send it back for warranty repair. Also, while DD-WRT is not lying to you, there is one setting that can be misunderstood, the radio power setting. The WRT has a radio that is capable of putting out around 65 db, but the setting for power allows the setting to go up to a higher setting, either 100 or 128, I think. The radio can only put out the factory amount, no software will be able to add power to the output. This software runs on more than Linksys boxes, I have it running on several Buffalo boxes as well. No software problems with any of them. Peace, Pat

jnenadal
jnenadal

Uh.. I hope this isn't new to you. As an IT god, I have been using DD-WRT for years. I don't even use factory-installed software anymore because I almost always have issues. Plus, DD-WRT has a ridiculous feature set to it. As far as hardware goes, I recommend the ASUS RT-N16 for DD-WRT. You get the most CPU and RAM for your money, and if you are good, the thing will run snort too!!! Also, firefox has management plugins that work with DD-WRT. Also, I could add about a thousand more alsos to this. Go check it out and buy that asus router for your hardware... well worth your time and way more robust than your linksux router.

Scott.Geiger
Scott.Geiger

I just installed DD-WRT on my linksys WRT54GL and it is GREAT!. I set it up with DDNS so I can access it via 'name' anywhere and I use it to tunnel various applications over ssh. As proof of concept I proxied my web browser through the tunnel and indeed got the IP address of my router and not the system I was running on. As was stated - READ!!! the firmware upgrade is not that complicated, but if you go too fast or try to cut corners you could very well brick your router

jrevier
jrevier

just wondering of the dd-wrt FW also supports IPv6. the "l" version of the linksys router does right out of the box but after you install the latest update from Linksys that goes away. any idea?

Neon Samurai
Neon Samurai

In the case of DD-WRT, your using a seporate firmware from a seporate vendor. Maybe if both used the same version of a common component like the kernel then the flaw may not be addressed by either. On the other hand, nothing is stoping one development group from patching and recompiling that common component or using a different version. DD-WRT seems to have kept up though the time span between the last firmware update and the previous was pretty long. I think the best guess would be based on which delivers updates more often. Once Linksys stops supporting your hardware model/version, it's down to what alternative firmware under ongoing development that will run on the device.

Neon Samurai
Neon Samurai

If your neibours haven't given permission to share there wireless, you might want to ask or reconsider what your doing. Technically it's a legal issue. But yeah, ddWRT is the best balanced firmware I've found for routers; do nearly anything and most of it with an easy GUI interface.

brad
brad

Chris, I would love to see a Visio of this setup.

brad
brad

Luxnews, this is great. I'll have a look at the info on their firmware. Are there advantages that you could see for the WRT350N?

Neon Samurai
Neon Samurai

I've been trying to create a vpn bridge between two dd-wrt routers. The wiki has a bit of a complicated example with two remote routers connecting into one central host router. Is this the setup you used or is there a cleaner way to do it like simply filling in the relevant certificate fields in the config?

brad
brad

Hi mccluremd, My lab is in the basement and I have a couple of PCs on the second story of my house. I have read that you can use the Linksys range extender even though my router is a wireless N. I saw it on the user forums. Any experiences to share here?

Neon Samurai
Neon Samurai

Your router may have a tftp firmware installation method. If you can't simply upload the firmware through the dd-wrt "upgrade" page, you may be able to tftp the firmware.

kurekd
kurekd

Increasing the power output will increase the radio chip temperature which can cause router instability (shutdowns, reboots, etc) or -- worst case -- router hardware failure. This can be easily prevented by either installing a heat sink on the radio chip, installing a cooling fan, or both. There are several hardware hack how-to pages. I've modified two Linksys WRT54GLs.

kws68
kws68

I upgrade the firmware of linksys routers with dd-wrt whenever possible. The available configuration options are great but most often I'm after the boost in transceiver power. A slight boost in power often eliminates dead spots and eliminates the need for extenders.

brad
brad

Hi Pat, Great comments!

brad
brad

Hi jnenadal, Admitedly, I am late to this party... :( I have been putting up with the standard features for years... I did know that you could load a Linksys firmware on the WRT54G a few years back but my model was not in the supported H/W versions list. Also, when a power failure fried my router I was too busy jumping for joy to buy an N-based router and had not looked back at the issue. I am curious about SNORT though, you could post some stuff here or e-mail me at: brad@bradbird.ca.

Neon Samurai
Neon Samurai

I bricked a wrt54gs when I was going through firmware options. I was able to load a clean firmware image through the tFTP method. When the router initially boots, it takes a default IP and pauses for tftp connections. On a second machine, you ping that default IP until you see the router appear then push the firmware into it through your preferred tftp client. I haven't yet bricked a router beyond being able to fix it this way (I'll keep trying though ;) ).

Neon Samurai
Neon Samurai

When I checked last, they had a bug in the IPv6 support code though. I don't know if/when that is due to be fixed. At the time, it was a convenient bug since I wanted a complete IPv6 block at my WAN uplink.

brad
brad

Hi jrevier, IPv6 is supported on the standard build that I loaded. Great question!

oscrene.g
oscrene.g

Actually i'm getting picking up wireless from my University. I live like one bock away and a regular computer wireless doesn't receives it. And some neighbors that also attend school also pick up my signal since i am repeating it.

LuxNews
LuxNews

As far as I know the WRT350N hw is quite different from FritzBox's as WRT350N has no USB nor RJ11 ports and VoIP capabilities. I don't know hw differences between the two machines, but Fritz's firmware hardly can be installed on WRT350N. Greetings. L.R.

BrianW619
BrianW619

I loved the Linksys range extender and without it I probably would have had below par throughput considering the weird network situation of a place I used to live in. It's been several years since I've needed to use it..but I still have it - just in case.

brad
brad

Hi kurekd, I am a tinkerer so you have my curiosity here... Can you make the mods within the existing router case and have it fit back?

brad
brad

Keith, that's awesome! Let's hope I dicover the same... :)

jdavis
jdavis

I believe DD-WRT runs on the Broadcom chipset that was used by the original Linksys WRT54xx models. There are a lot of consumer grade routers that use this. I had a non-Broadcom WRT54GC that I think I payed around $100 for and dumped it for a Buffalo router (forget the model) that I bought for $30, because the Buffalo had the Broadcom hardware and more memory than the latest WRT54xx models. One of the DD-WRT features I like is the OpenSSH server. This allows me to connect to my devices at home from anywhere (work mostly).

powellc
powellc

Yeah, the dd-wrt team has been providing enthusiasts with better tools for some time now. And although it runs on a wide variety of hardware, my personal favorite is still Asus, powerful and virtually unbrickable!

brian
brian

Handy BASH script for catching that "magic window" of time: { while ! ping -c 1 -w 1 the.router.default.ip; do echo not yet; done; echo Found it; # TFT command here }

Neon Samurai
Neon Samurai

Having your school network reach your home beyond school property limits is a very nice benefit.

kurekd
kurekd

SHORT ANSWER: Yes, with the right components and planning. Allow for future mods you might want to make. LONGER ANSWER: Glad to hear you're "a tinkerer." Otherwise, such hardware hacks could be frustrating, not worth the time, or disastrous. I did my practice and planning using a dead BEFW11S4 router -- case dimensions and clearances are identical to my WRT54GL routers. (Circuit board layouts are quite different but still helpful to practice on.) Clearances within the WRT54Gx routers and similar Linksys devices are small: about 15mm (9/16") vertically, and roughly 80mm (3") horizontally. So, the challenge is finding short or thin components and placing them just right so they won't interfere with one another. COOLING FANS. I scrounged a 10mm thick cooling fan from an old PC power supply. Fans from hard drive coolers would also work nicely. For example, the Evercool HD-F117 (http://www.newegg.com/Product/Product.aspx?Item=N82E16835119063) has two perfectly sized fans, each 60x60x10 MM. Make a cutout and install a fan grill. Other hardware hackers have used small fans scrounged from older CPU and RAM coolers. HEAT SINKS Any short heat sink should work as long as it doesn't interfere with the fan (or other mods). Scrounge from an old northbridge, use after-market RAM heatsinks, etc. Here are pics of heatsink work by others: Before: http://img262.imageshack.us/i/router1uk3.jpg/ After: http://img296.imageshack.us/i/router2yv6.jpg/ A scavanged northbridge heatsink: http://i3.photobucket.com/albums/y58/ODMonday/IMAGE_00090.jpg OTHER WRT54GL HARDWARE HACKS: The WRT54GL routers are great for modding. Here are two: Add a serial port to access the router via the command line. Several kits and schematics on the internet. Just one example (buy a kit or presoldered version) I am not affiliated with these guys but I've successfully used their kit: http://curiousinventor.com/kits/spk_wrt_instructions Add an SD card to add GIGABYTES of storage. One way of doing it: http://www.dd-wrt.com/wiki/index.php/Linksys_WRT54G-TM_SD/MMC_mod

Neon Samurai
Neon Samurai

I usually forward port 22 to my box inside the network. I only need to worry about it's related security and if I do a proxy forward, I can hit my router from the inside providing browser admin access without "Administrate from WAN" being enabled.

Scott.Geiger
Scott.Geiger

Nice script brian, I'll have to keep this one handy... somehow I have a feeling it'll come in handy one day.

Neon Samurai
Neon Samurai

I was more manual about it at the time: 1. open terminal 1 with ping router.default.ip 2. open terminal 2 with tftp command 3. hit enter in terminal 2 when terminal one shows ping response

Editor's Picks