This was tested on Mac OS X 10.10.0 DP5. Open System Preferences and click on Network. Click on the + symbol to add a new interface. Set the 'Interface' to VPN. Set the 'VPN Type' to 'L2TP over IPSec.' Set the 'Service Name' to whatever you would like. Click the Create button. Set the 'Server Address' to your DDNS name. Punch rosemary sprigs through tomatoes, then place in jar. Pour vinegar plus salt water mix over top of tomatoes, then refrigerate. Make sure tomatoes covered – add more water and vinegar in 1:1 ratio if needed to fully cover. Wait at least one week before eating, but can be stored in the fridge for months. Auto Save Document-based apps can implement Auto Save to automatically save versions of documents as the user works on them. When Auto Save is enabled, a version of the document is automatically saved at least once per hour, and each time the document is opened, duplicated, locked, renamed, reverted,.
Tomato's Frequently Asked Questions & TipsThis page requires JavaScript.
Contents
- LinksysWRT54GL v1.x,WRT54G v1-v4,WRT54GS v1-v4,WRTSL54GS (no USB support)
- BuffaloWHR-G54S,WHR-HP-G54,WZR-G54,WBR2-G54,WBR-G54,WZR-HP-G54,WZR-RS-G54,WZR-RS-G54HP,WVR-G54-NF,WHR2-A54-G54,WHR3-AG54
- AsusWL520GU (no USB support),WL500G Premium (no USB support),WL500GE
- Sparklan WX6615GT, Fuji RT390W, Microsoft MN-700
Look at the bottom side of the router to check for the version number, orcompare the first 4 characters of the serial number with the following list:
CDF0/CDF1 = WRT54G v1.0
CDF2/CDF3 = WRT54G v1.1
CDF5 = WRT54G v2.0
CDF7 = WRT54G v2.2
CDF8 = WRT54G v3.0
CDF9 = WRT54G v3.1
CDFA = WRT54G v4.0
CDF2/CDF3 = WRT54G v1.1
CDF5 = WRT54G v2.0
CDF7 = WRT54G v2.2
CDF8 = WRT54G v3.0
CDF9 = WRT54G v3.1
CDFA = WRT54G v4.0
CGN0/CGN1 = WRT54GS v1.0
CGN2 = WRT54GS v1.1
CGN3 = WRT54GS v2.0
CGN4 = WRT54GS v2.1
CGN5 = WRT54GS v3.0
CGN6 = WRT54GS v4.0
CGN2 = WRT54GS v1.1
CGN3 = WRT54GS v2.0
CGN4 = WRT54GS v2.1
CGN5 = WRT54GS v3.0
CGN6 = WRT54GS v4.0
CL7A = WRT54GL v1.0
CL7B = WRT54GL v1.1
CL7C = WRT54GL v1.1
CF7C = WRT54GL v1.1
CL7B = WRT54GL v1.1
CL7C = WRT54GL v1.1
CF7C = WRT54GL v1.1
If it's not listed above, and it's not a WRT54GL, it's not supported.
Please see the included readme for detailed instructions and warnings.
For the WL-520GU, try renaming tomato-ND.trx to WL520gu_2.0.0.9_EN.trx and upgrade as usual.
For the WL-520GU, try renaming tomato-ND.trx to WL520gu_2.0.0.9_EN.trx and upgrade as usual.
Note: If you're using a Motorola router, install the original firmware first.See the included readme for additional information.
Note: If you're using the DD-WRT firmware, please see the information belowabout password incompatibility.
Open the router's GUI in your browser, use the same procedure as upgrading afirmware, pick a Tomato firmware file that is appropriate for your router,and 'upgrade.' If you can't find a file to exact match for your router (andyour router is supported by Tomato -- check!), *choose any* of the file. Youcan also try renaming the .TRX file to .BIN to see if that helps. Don't worry,the header/signatures are different for each file, but the are exactly the samewhen installed.
Please see the included readme also.
Note: If you're using the DD-WRT firmware, please see the information belowabout password incompatibility.
Open the router's GUI in your browser, use the same procedure as upgrading afirmware, pick a Tomato firmware file that is appropriate for your router,and 'upgrade.' If you can't find a file to exact match for your router (andyour router is supported by Tomato -- check!), *choose any* of the file. Youcan also try renaming the .TRX file to .BIN to see if that helps. Don't worry,the header/signatures are different for each file, but the are exactly the samewhen installed.
Please see the included readme also.
Important: Make sure the firmware you are going to use is the correct type foryour router. Tomato will accept WRT54G/GL, WRT54GS, WRT54GSv4, WRTSL54GS, WR850Gand TRX types of files, but it cannot check if the firmware actually supportsyour router.
Open Tomato's GUI in your browser, go to Administration/Upgrade, select the fileand click the Upgrade button.
Open Tomato's GUI in your browser, go to Administration/Upgrade, select the fileand click the Upgrade button.
Yes. It uses the Linux kernel and most of the utilities provided in Linksys'WRT54GL source code as a starting point. Besides the visible GUI change, a lotof the code inside has also undergone extensive changes to add new features, fixproblems, optimize and reduce the size.
Make sure you're entering the username 'admin' or 'root'. Unlike the Linksysfirmware, they are required in Tomato.
If you're upgrading from the DD-WRT firmware, telnet into the router *before*upgrading and type 'nvram get http_passwd'. The result will be your password inTomato. This is necessary because of a change in DD-WRT's way of using thestandard http_passwd variable.
If you have a Buffalo router or a Linksys with a pushable Cisco logo, push theAOSS/Cisco button for at least 20 seconds, then telnet into the router onport 233. Type 'nvram get http_passwd' to retrieve the password or 'nvram sethttp_passwd='your_new_password' followed by 'nvram commit' to set it manually.Reboot the router using the command 'reboot' after using this method.
If nothing else works, push the reset button for a few seconds to reset all ofthe settings. The default password after resetting is 'admin'.
If you're upgrading from the DD-WRT firmware, telnet into the router *before*upgrading and type 'nvram get http_passwd'. The result will be your password inTomato. This is necessary because of a change in DD-WRT's way of using thestandard http_passwd variable.
If you have a Buffalo router or a Linksys with a pushable Cisco logo, push theAOSS/Cisco button for at least 20 seconds, then telnet into the router onport 233. Type 'nvram get http_passwd' to retrieve the password or 'nvram sethttp_passwd='your_new_password' followed by 'nvram commit' to set it manually.Reboot the router using the command 'reboot' after using this method.
If nothing else works, push the reset button for a few seconds to reset all ofthe settings. The default password after resetting is 'admin'.
If you're upgrading from an older version of Tomato, you don't need to performa reset. Unless indicated in the release notes, Tomato will automaticallyupgrade older configurations if necessary.
If you upgraded from another firmware, a complete reset is recommended. Go toAdministration/Configuration and select 'Erase all NVRAM...' after installingTomato.
If you upgraded from another firmware, a complete reset is recommended. Go toAdministration/Configuration and select 'Erase all NVRAM...' after installingTomato.
Unless it's specifically for Tomato, probably not. The popular onefloating around with several 'echo xxx > xxx' lines is for an older versionof HyperWRT and not necessary in Tomato.
The default maximum connections in Tomato is 4096. The default establishedtimeout value (the infamous '5 day' value) is 4 hours. You can change thesevalues in Advanced/Conntrack if you like.
The default maximum connections in Tomato is 4096. The default establishedtimeout value (the infamous '5 day' value) is 4 hours. You can change thesevalues in Advanced/Conntrack if you like.
- Verify that hostname is valid (Basic/Identification).
- Go to Advanced/DHCP and try enabling 'Reduce Packet Size'.
- If you disabled NAT Loopback in Advanced/Firewall, try enabling it.
- Try releasing -then- renewing the lease from your computer. In Windows, you can type 'ipconfig /release' followed by 'ipconfig /renew' from the command line.
Check your if your wireless card has an updated driver available. Some notebook manufacturers customize the drivers, so check their site first.
If you have an HP + Intel 2200BG, the following reportedly fixes a disconnect problem:hp.com
If you have an HP + Intel 2200BG, the following reportedly fixes a disconnect problem:hp.com
Free memory is often used temporarily for cache and is automatically freed whenneeded. If you want the free memory display to count the cache size as free memory,go to Administration/Debugging. But unless you're getting error messages aboutnot having enough memory, don't worry about it.
This is probably more commonly known to some as Samba or Windows Shared Foldersor the 'machineshare' thing. It's used to make a drive from a computer ordevice accessible from within the router.
- Use an IP address. ex: 192.168.1.5share
- Use a regular account that requires username/password instead of a guest account.
- Make sure the account has read/write permission.
- Make sure NAT Loopback is enabled in Advanced/Firewall.
It's a filesystem that is used to turn an unused portion of the router's NVRAMinto a writable space.
Note: The CFE and config areas are constant in size, but the firmware size may changewhen you upgrade. Because of this, the unused portion used by JFFS2 may alsoshrink or expand, erasing the data in the JFFS2. Always backup your data beforeupgrading.
Note: The CFE and config areas are constant in size, but the firmware size may changewhen you upgrade. Because of this, the unused portion used by JFFS2 may alsoshrink or expand, erasing the data in the JFFS2. Always backup your data beforeupgrading.
It's a directory that is accessible/writable from within the router. Examples:'/tmp/', '/cifs1/mystuff/' (if you mounted a drive). Windows 'C:directory' should not be used. If you want to save the data to your computer's hard drive,use CIFS.
Some settings are saved in the browser as cookies, so make sure your browser isnot set to erase these cookies.
Opera users should try using the router's hostname (http://hostname/) whenaccessing the router's GUI since Opera doesn't seem to save cookies when usingan IP address.
Opera users should try using the router's hostname (http://hostname/) whenaccessing the router's GUI since Opera doesn't seem to save cookies when usingan IP address.
If you're using Firefox or Opera, upgrade to the latest version. If you're usingInternet Explorer, you need to install theAdobe SVG Viewer.If you're using Safari, install the latest Safari 3.
Note: Having a browser that has SVG support doesn't necessarily mean you will be able to view the graphs. Some implementations may be good for displaying simple static SVG, but may not support all features needed by Tomato.
Note: Having a browser that has SVG support doesn't necessarily mean you will be able to view the graphs. Some implementations may be good for displaying simple static SVG, but may not support all features needed by Tomato.
Inside or outside of the DHCP range will work, but it's probably better to usean address outside of the range so it doesn't get in the way.
Use static DHCP in Basic/Static DHCP. If you don't want to use static DHCP,you can still use the page by entering 00:00:00:00:00:00 as the MAC address.
Names that have a dot, like 'foo.lan', are treated as regular domain names.Undotted names like 'foo' use the router's domain name. Multiple names may be entered by separating them with spaces (foo1 foo2).
The hostnames should work on all computers connected to the LAN as long as therouter's DNS forwarder is used (the default setting). They will not work fromthe Internet side.
The most common setup is to simply use a straight port forwarding like thefollowing examples:Names that have a dot, like 'foo.lan', are treated as regular domain names.Undotted names like 'foo' use the router's domain name. Multiple names may be entered by separating them with spaces (foo1 foo2).
The hostnames should work on all computers connected to the LAN as long as therouter's DNS forwarder is used (the default setting). They will not work fromthe Internet side.
Forward a single port:
External Ports: 5050
Internal Ports: (blank)
Internal Address: 192.168.1.5 (your computer's IP address)
Forward a range of ports:Internal Ports: (blank)
Internal Address: 192.168.1.5 (your computer's IP address)
External Ports: 330-340
Internal Ports: (blank)
Internal Address: 192.168.1.5 (your computer's IP address)
Forward multiple ports:Internal Ports: (blank)
Internal Address: 192.168.1.5 (your computer's IP address)
External Ports: 600,700,800-899
Internal Ports: (blank)
Internal Address: 192.168.1.5 (your computer's IP address)
Internal Ports: (blank)
Internal Address: 192.168.1.5 (your computer's IP address)
You can also forward a port to a different internal port:
External Ports: 888 (as seen from the Internet)
Internal Ports: 999 (as seen inside your LAN)
Internal Address: 192.168.1.5 (your computer's IP address)
Entering ranges or multiple ports are not supported if forwarding to a differentinternal port.Internal Ports: 999 (as seen inside your LAN)
Internal Address: 192.168.1.5 (your computer's IP address)
Save Tomato Mac Os Download
Tip: Make sure the address always matches your computer's IP address by usingStatic DHCP.This is a type of port forwarding where external ports are only opened if datais sent to a trigger port from your computer. Example:
If my computer sends data to ports in the 1001 to 1005 range, ports 2000 to2005 are opened and forwarded to my computer.When my computer stops using all of the ports, the forwarding automaticallystops after a few minutes.
If my computer sends data to ports in the 1001 to 1005 range, ports 2000 to2005 are opened and forwarded to my computer.When my computer stops using all of the ports, the forwarding automaticallystops after a few minutes.
- Firewall Protection -- Firewall is always enabled in Tomato.
- Block Anonymous Internet Requests, Filter Multicast, Filter InternetNAT Redirection -- Reversed and renamed to 'Respond to Inbound Ping','Allow Multicast' and 'NAT Loopback' since these are closer to what they actually do.
- Filter IDENT -- Not supported, but you can use Access Restriction to blockdestination port 113.
- Block Active X, Java, P2P -- Use Access Restriction.
- Block Cookies, Port Scan -- Not supported.
These options are not supported in Tomato. They are actually labeled a littlebit incorrectly in Linksys' firmware: When disabled, ports are blocked. Whenenabled, they did nothing.
If it worked before with the Linksys firmware when the 'passthrough' was enabled,they should work fine under Tomato without any additional settings.
If it worked before with the Linksys firmware when the 'passthrough' was enabled,they should work fine under Tomato without any additional settings.
No. In Tomato, these buttons are assigned to be wireless on/off switches bydefault. They can also be configured to do other tasks like running a customscript.
Reports indicate yes on both platforms. AOSS-based setup is not supported.
Check with your DDNS provider's help pages for the exact format. It's thesame type of URL that you can enter in your regular web browser.Notes:
- The keyword @IP can be used if you need to insert the current WAN IP address.
- Basic authentication can be entered using the 'http://username:password@domain/' notation.
- POST requests are not supported.
You can use 'standard Linux commands.' Google to find a list of the most commonones. But keep in mind that only a few are included and most are simplifiedBusybox versions.
Some interesting utilities to play with: wl, nvram, ttcp, iptables, top
Some interesting utilities to play with: wl, nvram, ttcp, iptables, top
- The startup script runs at startup or when the router is soft-restarted.
- The shutdown script runs when the router is shutdown, rebooted, orsoft-restarted.
- The firewall script runs after setting up the firewall/iptables rules whichmeans it will run after the WAN is connected and whenever there are changes tothe configuration that affect the firewall.
- The WAN UP script runs when the WAN is connected.
- The SES/AOSS scripts run when the SES or AOSS buttons are pushed.The first argument passed to this script is the number of seconds the button washeld.
- The Auto/Bridge script, which is only in Buffalo routers, runs whenever achange in the auto/bridge switch at the bottom of the router is detected. Itwill also run at startup so the initial position can be read (see example onhow to avoid running at startup). The first argument passed to this script arethe words 'auto' or 'bridge'.
The startup script actually runs ahead of some services. Things that involvenetworking, for example, are not going to be up yet when the startup scriptbegins. To work around this, use 'sleep 5' or a similar command to wait untilwhat you need is up and running. Better yet, consider putting the script inother areas like the firewall script where you're assured that the network isready.
Use a utility called 'cru'. Examples:If you'd rather do this manually: Tomato uses Busybox's crond implementationwhich doesn't use the same files as the ones found in DD-WRT or HyperWRT (Vixie).The cron file is in /var/spool/cron/crontabs/root.
Save Tomato Mac Os 11
It's a text from the URL. More specifically, from the hostname, path and queryparts of a URL:Multiple words can be entered by using spaces or new lines:word1 word2
word3
These are treated as an 'OR' expression: 'If word1 OR word2 OR word3 matches, block.'word3
You can use some special characters to specify how to match:
pumpkin.com$ (ends with pumpkin.com)
^pies (begins with pies)
^pies.pumpkin.com$ (pies.pumpkin.com exactly)
Some limitations: Hostname is a separate string from path?query (path and queryare considered as one string), so you can't use 'domain.com/path'. Others, likethe POST data, or the content of the requested pages are not checked. Escapedcharacters are not decoded.^pies (begins with pies)
^pies.pumpkin.com$ (pies.pumpkin.com exactly)
See also: http://www.polarcloud.com/v/screst.htm
Go to the Access Restriction page, and add a new rule with 'Type' set to'Disable Wireless Radio'.
If your router has an AOSS or SES (Cisco logo) button, you can also disable wirelesstemporarily by pushing the button for 2 seconds.
Here's an example basic 2-router setup as configured in the Basic/Network page:If your router has an AOSS or SES (Cisco logo) button, you can also disable wirelesstemporarily by pushing the button for 2 seconds.
#1 - 00:11:11:11:11:11
The WAN port of this router is connected to the Internet.
WAN
(configure normally)
LAN
IP Address = 192.168.1.1
DHCP Server = enabled
Wireless
Wireless Mode = Access Point + WDS
SSID = samessid
Channel = 3
Security = WPA Personal
Encryption = AES
Shared Key = samesharedkey
WDS = Link With
MAC Address = 00:22:22:22:22:22 (the *wireless* MAC of the 2nd router)
(configure normally)
LAN
IP Address = 192.168.1.1
DHCP Server = enabled
Wireless
Wireless Mode = Access Point + WDS
SSID = samessid
Channel = 3
Security = WPA Personal
Encryption = AES
Shared Key = samesharedkey
WDS = Link With
MAC Address = 00:22:22:22:22:22 (the *wireless* MAC of the 2nd router)
#2 - 00:22:22:22:22:22
The WAN port of this router is not used.
WAN
Type = Disabled
LAN
IP Address = 192.168.1.2
Default Gateway = 192.168.1.1 (the 1st router's IP address)
Static DNS = 192.168.1.1 (the 1st router's IP address or any DNS server)
DHCP Server = Disabled (the 1st router handles it)
Wireless
Wireless Mode = Access Point + WDS
SSID = samessid
Channel = 3
Security = WPA Personal
Encryption = AES
Shared Key = samesharedkey
WDS = Link With
MAC Address = 00:11:11:11:11:11 (the *wireless* MAC of the 1st router)
Once you configure #2, you can hook up wired computers on it or use it as asecond AP to extend your LAN's wireless range. As long as you configure yournotebook not to stick to a single MAC address, it should switch automaticallyto the strongest signal as you move around.Type = Disabled
LAN
IP Address = 192.168.1.2
Default Gateway = 192.168.1.1 (the 1st router's IP address)
Static DNS = 192.168.1.1 (the 1st router's IP address or any DNS server)
DHCP Server = Disabled (the 1st router handles it)
Wireless
Wireless Mode = Access Point + WDS
SSID = samessid
Channel = 3
Security = WPA Personal
Encryption = AES
Shared Key = samesharedkey
WDS = Link With
MAC Address = 00:11:11:11:11:11 (the *wireless* MAC of the 1st router)
You can chain several more routers this way by changing the WDS' MAC address field.But avoid creating loop or a situation where there are multiple paths.If you have to do this for link redundancy, try enabling STP in Advanced/Routingto avoid problems.
Try setting the security setting to WPA Personal on both ends.
This is a tough one to answer since it depends on what you need. But in mostcases, simply entering 90% of your maximum upload speed in QOS/Basic, puttingyour VOIP device's (if you use one) MAC address on 'Highest' and on the top ofthe classification list, and leaving everything else as-is will get you up andrunning quickly. If you need a more complex setup, check one of the Linksysforums for more examples or additional help.
Whenever your computer opens a connection to the Internet, the router will tryto determine what 'class' it should be in by following the 'rules' in theQOS/Classification page. A 'class' is basically a group rate and speed limitas set in QOS/Basic Settings.
Here's a detailed explanation of the default rules in QOS/Classification:Connections that have a destination port of 80 or 443 (outbound; 80 is thestandard HTTP/WWW port, 443 is the standard HTTPS port), and have transferredLESS than 512 KB of data (outbound / upload) are put in the 'High' class.This makes web browsing a priority, as long as we're not uploading a big file.Connections that have a destination port of 80 or 443 (same as rule #1), andhave transferred MORE than 512 KB of data (outbound) are put in the 'Low' class.
This makes sure long browser uploads do not monopolize the bandwidth. Italso makes sure other applications that may use the same ports, like P2P, donot hog the bandwidth.Connections that have a destination port of 53 (outbound), and have transferredless than 2 KB of data (outbound / upload) are put in the 'Highest' class.
This makes DNS lookup a priority.Connections that have a destination port of 53 (same as rule #3), andhave transferred more than 2 KB of data (outbound) are put in the 'Lowest'class.
This makes sure other applications that may use the same ports, like P2P, donot hog the bandwidth.Connections that have a destination port of 1024 to 65535 are put in the 'Lowest' class.
High port numbers are often used for non-essential services like P2P, so thisputs them in the 'Lowest' class.
And finally... Ports 1 to 1023, which doesn't match any of the rules above, areset to the default (see QOS/Basic Settings) 'Low' class.
Additional notes:
- The rules are evaluated top to bottom, as shown in the GUI. The *first* one thatmatches sets the class.
- #2, #4, #5 set the class permanently since once they match, there's nopossible change left to expect. #1 and #3 set the class temporarily sincechanges to bytes transferred may go beyond the specified limit.
Connections that travel from your computer directly to the router (the endpointis the router) are never classified. Connections that travel from the Internetto your computer or router, but not the other way around are also not classified.
Try searching for Robson's WRT54 Script Generator.
Go to Administration/Debugging and enable 'Avoid commiting to NVRAM'. Tomake the router stay in this mode even after a reboot, click 'NVRAM Commit'after clicking 'Save.'
When you're done, you can undo changes by rebooting or commit the changes byclicking on the 'NVRAM Commit' button.
When you're done, you can undo changes by rebooting or commit the changes byclicking on the 'NVRAM Commit' button.
Yes. The new DST is supported in the US/Canadian timezones: Alaska, Pacific,Mountain, Central, Eastern, Atlantic, Newfoundland. If I missed something else,let me know (see bottom of FAQ).
In Administration/Access, select 'Custom' as the color scheme and create a CSSfile in /var/wwwext/custom.css (/www/ext/custom.css).One way to create this file is to use startup script similar to the following:You can use http://192.168.1.1/blue.css as a template orhttp://192.168.1.1/tomato.css if you want the long version.
Here are a few examples sent in by users:
- Green On Black[pic](Travis W.)
- Red On Black[pic](Travis W.)
- Green Tomato[pic](Andy C.)
- BlueGreen2[pic](Scott D.)
See the firmware page: http://www.polarcloud.com/firmware/
See the README included with the firmware for additional information.For other questions/problems, try the following:
- Wikibook (en)
- Wikibook (de)
- Broadband/DSL Reports Forums
- LinksysInfo Forums
- OpenLinksys Forums (pl)
Send as much information as you can, including steps on how to reproducethe problem, 'nvram show', logs, caps or other files (see Administration/Debugging)if you think it would help. You can send it to.
You can send it to the same email address above. But please understand that I cannotimplement all suggestions that I receive. And please keep the suggestions withinTomato's 'small and simple' theme. :)
If you’re like most right-thinking people, you probably use your wireless router the way that nature intended—to broadcast wireless signals to clients. But, if you’ve flashed your router with an alternative firmware, such as the increasingly popular Tomato, you can actually run your router in reverse. In other words, you can use your wireless router to pick up the wireless signal from another source, routing it to devices connected by Ethernet.
Why?
One reason to use your Tomato-enabled wireless router as a client is to bring wireless access to a wired peripheral. For example, suppose you have a gaming console, such as an Xbox or a networked printer, which only have a wired Ethernet connection. Using a wireless router in reverse (“client mode”), you can connect to the Xbox and/or printer, and have the freedom to place them anywhere you want (well, anywhere the router can pick up the source signal, of course).
Another way to use a router in client mode is to extend a wireless network. For example, suppose your primary wireless router is on an upstairs floor, but your laptop can’t pick up the signal when downstairs. Connecting your downstairs PC to a router in client mode may let you pull in that distant signal, especially if you outfit the router with more a powerful antenna.
Technically, when in client mode, your router can only pass the incoming wireless signal to clients connected to one of the router’s LAN ports. To re-broadcast the signal wirelessly, the router would need to be configured as a repeater—unfortunately, Tomato does not yet support repeater mode. One option is to switch to DD-WRT V24, which does support repeater mode, although it is in general not as user-friendly as Tomato. Another option is to use two wireless routers—one configured in Tomato client mode, connected by Ethernet to the second router, configured as an AP (access point). [For more on DD-WRT, read “Wi-Fi Planet’s Greatest Hits: DD-WRT.”]
Keep in mind that you only need to run Tomato on the client router—the primary router can be anything. In fact, it doesn’t even need to be a router that you have administrative access to. (Did I say that out loud?)
Client mode, two ways
In fact, Tomato supports two types of client modes: wireless client mode and wireless Ethernet bridge mode. In bridge mode, the wired clients share the same subnet with the primary or “host” router. DHCP is assigned by the primary router and simply passed through by the client router.
In wireless client mode, clients make up a separate subnet from the host router. The DHCP pool is assigned by the client router. This mode is the easier of the two to setup, so we’ll start here.
Wireless client mode
Step 1—Find the network name and parameters of your primary router
When we configure Tomato in client mode, it needs to know information about the wireless network we are connecting to. Specifically, we’ll need to know the SSID of the network, its broadcast channel, and what type of security (if any) is in place. Of course, if there is security in place, you’ll need to know the password!
You may already know all this information, but if necessary you can find it all using Tomato. Log into the Tomato interface and click to Tools/Wireless Survey. On this page click the “Refresh” button and Tomato will display a summary of available wireless networks.
In this example we see a network whose SSID is hostnetwork, broadcasting on channel (Ch) 6. There is no security enabled. In contrast, you can see that the network actionteceval has WEP security enabled, as listed in the “Capabilities” column.
Step 2—Find the IP of your primary router
You’ll need to know the subnet that is assigned to your primary router. For example, many routers ship with a LAN address of 192.168.1.1. (Other common IP’s are 192.168.10.1 and 192.168.0.1).
If you have administrative access to your primary router you can log in and view its LAN address (ignore its WAN address).
Alternatively, you can associate with the router from your PC and then examine your PC’s IP configuration. You want to find the IP address of the “gateway” which will be the primary router.
There are several ways to find the IP of your gateway (primary router), but one method that works on Windows XP/Vista and Mac OS X is to open a command terminal and type:
netstat –rn
You’ll need to know the subnet of your primary router so that you can configure the IP of your client router for a different subnet.
Step 3—Configure wireless client mode settings in Tomato
Information in hand, you can log in to your Tomato router and click to Basic/Network.
If your settings page looks different than above, keep in mind that you still only need to configure the items marked here with an arrow.
Set a LAN IP address that is not on the same subnet as your primary (host) router (see step 2 above). For example, if your host router’s IP address is 192.168.1.1, then you might assign the client router 192.168.0.1 or 10.0.0.1.
Be sure that “DHCP Server” is enabled, but you can leave the other DHCP parameters “as is” unless you have a need to change them.
Save Tomato Mac Os X
In the “Wireless” section, set “Wireless Mode” to “Wireless Client.” Type the SSID of your host network into “SSID” and be sure to choose the correct channel (see step 1 above).
If your host network uses security, you’ll need to replicate those parameters here. If you have control of the primary router, it might be helpful to temporarily disable security until you verify that client mode works as expected. Then, re-enable security on the primary router and match that configuration here.
Now click “Save” at the bottom of the page. Tomato will reset the router. Keep in mind that your PC needs to be connected by Ethernet to one of the client router’s LAN ports. When Tomato resets, you may need to renew your IP address—you can do this by disabling your Ethernet adapter and then re-enabling it (or see alternative methods for Windows or Mac).
Assuming that your Tomato client router receives the wireless signal, you should be able to browse the Internet from the wired PC. Despite claims to the contrary on some Web sites, you can connect more than one device to your client router.
Note: Although your wired clients are on a separate subnet from the primary (host) router, Tomato is smart enough to properly route requests to hosts on the primary router. In other words, suppose the host router is at 192.168.1.1 and your client router is at 192.168.0.1. A client at 192.168.0.100 can access a client at 192.168.1.100 (say, to share files), assuming no other blocks are in place on the network (such as firewall settings on the primary router).
Wireless Ethernet bridge mode
At the risk of sounding redundant, wireless Ethernet bridge mode is just like wireless client mode, except that the client is bridged to the host. In bridged mode, your clients think they are connected directly to the host router. They receive their IP addresses from the host router. The client router is a transparent intermediary.
Setting up bridge mode is very similar to wireless client mode. In fact, you’ll first want to collect the same information from steps 1 and 2 above. Then log into the Tomato interface and click to Network/Basic.
In bridge mode, the LAN IP address of your client router is actually irrelevant. You could set it to 0.0.0.0 and the bridge will work. However, if you do this—or set it to an IP outside the primary router’s subnet—you will lose access to the client router’s administration interface.
For this reason, I prefer to assign the client router a LAN IP address that is available on the primary router’s subnet. If you control the primary router, you should know which IP addresses are inside the DHCP pool, and choose one outside that pool. In the above example, the host router is at 192.168.1.1 and therefore the client router has been assigned `192.168.1.2.
In the “Wireless” section, set “Wireless Mode” to “Wireless Ethernet Bridge.” Notice that some sections of the configuration page disappear, including DHCP server settings. As with setting up wireless client mode, you next configure SSID, Channel, and Security to match the primary router (see wireless client mode section above for more detail). If using security, Tomato does not support WEP in bridge mode, so you must use WPA on both host and client routers.
Click “Save” at the bottom of the page to trigger the new settings. Tomato will restart. You’ll need to renew the IP address on your client PC (see details in wireless client mode section above). If a standard renewal does not work, you may need to disable and re-enable your Ethernet adapter (I had to do this in XP). Ultimately, your client PC should receive an IP address from the DHCP server on the host router.
Remember that in bridge mode, the client router is “transparent,” so any firewall or other network functions will be left up to the host router.
Router in reverse
Running your router as a client is one of the neater things you can do with alternative firmware, such as Tomato, and is rarely if ever supported in official stock firmware.
With Tomato-compatible wireless routers available at sites, such as eBay, for chump change, wireless client mode can actually be cheaper than buying a “branded” wireless adapter for your Xbox or other wireless-challenged devices, and offer far more functionality to boot.
- Using RADIUS For WLAN Authentication - June 24, 2020
- Philly Reveals Wireless Plan - June 24, 2020
- Assigning 802.11b Access Point Channels - June 24, 2020