DD-WRT and the WRT54G-TM
So I do a lot of DD-WRT how-to's. I don't know why, I guess it's just that I seem to put DD-WRT on a bunch of different routers and decide that I'm going to document what I've done. Today's how-to is for the WRT54G-TM. Let me give you a little info on the WRT54G-TM.
The WRT54G-TM (TM stands for T-Mobile) is also called the T-Mobile "Hotspot@Home" service. It allows calls to be made via T-Mobile's GSM network or via WiFi Unlicensed Mobile Access (UMA), using the same telephone and phone number (a special dual-mode phone designed for the service is required e.g. Blackberry Pearl 8120). Additionally, once a call is in progress, one may transition from WiFi to GSM (and vice versa) seamlessly, as WiFi signal comes and goes, such as when entering or exiting a home or business. A special router is not needed to use the service, but the T-Mobile branded routers are supposed to enhance the telephone's battery life. This is the only known tweak to the TM version of the firmware. Obviously, none of this will be worth anything seeing as you're about to flash it with DD-WRT.
The hardware appears to be like WRT54GL however has 32MB ram and 8MB flash. Yeah, this thing is a monster. Until not that long ago the only way to upgrade this router was through a JTAG cable and header, but luckily we don't have to worry about that anymore. Let's get to it.
First off, download the software you're going to need. Here's a rar file with everything you're going to need. In the archive are 3 files:
CFE_Updater-WRT54G-TM.bin
dd-wrt.v24-13064_mega_generic.bin
tftp2.exe
The upgrade is pretty straight forward, but it has a little twist. The default LAN IP Address of the Linksys WRT54G-TM is 192.168.0.1. The default IP for everything else is going to be 192.168.1.1. A way around this is to simply setup 2 static IP addresses on your computer. I setup 192.168.1.9 and 192.168.0.9, but you can put whatever you want as long as they fall within the /24 subnet of 192.168.1.0 and 192.168.0.0.
1.) As always DO A HARD RESET BEFORE YOU FLASH FIRMWARE. This does not mean hitting the reset button and saying you are done. This means doing the 30-30-30 reset. To do a 30-30-30 reset you must push the reset button with your router powered on. Hold it for 30 seconds with the router powered on. STILL holding it, pull the power cord for 30 seconds. Still holding it, plug the router back in and continue to hold the reset button for 30 more seconds. You will have held the button for a full 90 seconds without releasing it. You will not get a password renewal page as you have stock Linksys firmware on the router still.
2.) Open a command prompt window and type ping -t 192.168.1.1 and hit enter. Leave this window open. We're going to come back to this later, but you need to keep this open.
3.) Log into the WRT54G-TM's web interface @ http://192.168.0.1 and go to the Administration Tab - Firmware Upgrade. Upload the CFE_Updater-WRT54G-TM.bin to the router.
!!!ATTENTION!!! You MUST wait at least 5 minutes after clicking the Upgrade button to allow the CFE_Updater to replace the stock CFE on the router and for it to erase the rest of the flash, otherwise you will brick your router.
A few seconds after clicking the Upgrade button the Linksys web interface will report that the upload has been successful and the power light will begin flashing on the router. Do NOT assume that the CFE replacement/flash erasing/reboot process has finished as the power light will continue to flash after it has rebooted. So there is no way to tell when it is ready for you to TFTP the DD-WRT firmware to it except when you begin to see the ping respond.
So once it is finished replacing the stock CFE and erasing the rest of the flash, the router will reboot. When the router is ready for the TFTP upload of the DD-WRT firmware, you will see the ping -t 192.168.1.1 begin to respond in the command prompt window that you opened before.
4.) Open up the TFTP utility and set it up like this:
The file there is the path to the dd-wrt.v24-13064_mega_generic.bin in the archive
Now click the Upgrade button. Once the firmware is sent to the router, it will reboot. The power light will change from flashing to solid when it is ready to be configured. The default IP will be 192.168.1.1.
If you do not see a progress bar as the tftp utility transmits the file, you may need to power cycle your router. Wait until the tftp utility has finished its attempts, then power cycle (possibly waiting a few seconds) and wait until you can ping 192.168.1.1 before clicking Upgrade again.
A few notes:
- Tornado has made it so that the router will retain it's MAC Address that is on the label on the bottom of the router with the new CFE replacement.
- Tornado is in the process of making a revert bin for those who may choose to revert back to the stock Linksys firmware (god only know why)
Many thanks goes out to Tornado, Eko, and Brainslayer for their work on this! Also, thanks to Luniz2k1 that wrote the original how-to that my lazy ass ripped off to make this one.
Open call for Palm Pre beta testers!
I just got done porting the PayPal Fee Calculator to the Palm Pre and now I need some beta testers. You can download the app here. Please leave a comment below with your feelings on the program itself and how it works for you. Any bugs or anything else should be posted below. Of course, you get the app free!
If you don't know how to install homebrew apps on your phone, see this link for more info.
Some of you may be a little leery about installing something like this. If you want to view the source code before you install it, just ask. It's just HTML with some java thrown in. The mobile web version can be found here. Plus, Apple didn't have any problems!
-Greg
Gregory Ledet Designs makes it to the main stage
Apple Inc. (AAPL) today accepted the first iPhone web application created by Gregory Ledet Designs. The application, PayPal Fee Calculator, is a simple calculator program that will calculate fees charged by PayPal.com and includes options for 18 different countries. When asked about how he felt about being accepted by Apple to be in their webapp store, company founder Gregory Ledet stated “This is a great honor and achievement. Apple doesn’t accept just any apps.” This is the first app created by Gregory Ledet Designs and the company is currently working to port the application to a standalone app for the iPhone and iPod Touch.
While accepted by Apple for use on their iPhone and iPod Touch, the PayPal Fee Calculator was written to work on any mobile device. The company has stated that they are currently working on other applications, but would not give any details about what they are working on. “There’s a couple of things that are in the pipeline. I didn’t want to get started on anything else until I saw what the reception to this first app was going to be” said Mr. Ledet. “It didn’t take long to put this one together, so the next app should be coming out soon”.
The PayPal Fee Calculator can be found today on the front page of Apple’s webapp store at www.apple.com/webapps.
PayPal Fee Calculator on Apple.com: http://www.apple.com/webapps/calculate/paypalfeecalculator.html
Direct link to PayPal Fee Calculator: www.gregledet.net/ppfcm.html
Apple Inc.: www.apple.com
Gregory Ledet Designs: www.gregledet.net
Le’ Day Consulting: www.ledayconsulting.com
Non-mobile version of the app: http://www.gregledet.net/?page_id=385
Turning my “iPod Touch” back into an iPhone
Short version: Vonage Mobile + iPhone = WIN!
Tolstoy version:
A few weeks back I received an iPhone 2G as a gift. My wife and I had originally bought it for my father-in-law when the iPhone first came out. He lives in Toronto and had the phone jailbroken so he could use it on Rogers' cell network up in Canada. Somehow or another the phone's firmware got updated which killed the jailbreak on the phone and he could no longer use it on the Rogers network. Well, not being a very technical guy, he thought he broke the phone. He went out and got himself a brand new iPhone 3G S and gave the 2G to me.
He knew that I would figure out a way to get it working again and he was right. After I figured out what happened to the phone to begin with, I simply upgraded to the 3.0 firmware and jailbroke the phone. Well, I don't have AT&T. In fact, I'm a Sprint customer, so I can't use it as my cell phone. Once I hacktivated the phone, I went ahead and started using it as another iPod Touch. My 2nd Gen iPod Touch is only 8GB and this one is 16, so I loaded it up with music and put it in the car (my car's radio has an iPod cable). Well, I really like the iPhone and was trying to figure out a way that I can use this thing to make calls. There's tons of VoIP apps out there, but none of them gave me the clarity I was looking for. I even tried using the Skype app and while I sounded great to the person I was calling, they sounded like crap to me. Enter Vonage Mobile.
I've been seeing commercials for Vonage Mobile for a few weeks now. It talks about how low it's international rates are and I got to wondering how it would work for domestic calls. The info in the app store said nothing of domestic calls, so I downloaded it anyway to give it a shot.
Setup was simple. When asked for my iPhone's phone number, I entered my Google Voice number. It called that number to verify and it simply went to my Treo Pro. Once everything was up and running, I made some test calls to my wife and best friend. The sound quality was amazing on both ends and best of all, domestic calls are FREE! Granted, I can't use this thing as a "real" cell phone because Vonage only works over WiFi, but when I want to call someone that I don't want to have my cell number I can use the iPhone so they get my Google Voice number. It'll also come in handy when I'm charging my Treo Pro or something. I'll figure out a way to use it pretty often.
One thing that is cool about this is if you have the cheapest plan that AT&T offers for your iPhone, you can use Vonage to make your phone calls while you're at home or around a hotspot and NOT eat up your minutes! I don't think that Vonage is advertising that you can make free domestic calls from their app, so I just thought I'd pass the info along!
Also, if setting up QoS after you do this, the ports are 5060-5062.
Western Digital MyBook World Edition Hacks
I know that I've been moving further and further away from the main purpose of this blog, and that's Cisco networking and security. I'm putting this here so I can remember how to do this stuff later and have a place to look! The MyBook World Edition is a great device that you can do tons of stuff with. It runs Linux, so just about anything you can do with Linux, you can do with this device.
First off, you need to enable SSH on your NAS. There's a few different ways of doing it. Martin Hinner was the original hack. I've used this method before and it works just fine. There's also a slightly cleaner way of doing it found here. I have both scripts on my server should something happen to either one of those.
Martin Hinner Original Hack
http://
/auth/firmware_upgrade.pl?fwserver=gregledet.net/mybook/firmware.php Slightly Cleaner Hack from Mybook-Linux
http://
/auth/firmware_upgrade.pl?fwserver=gregledet.net/mybook/enablessh.php
For both of those, simply plug the link into your browser, add the IP of your MyBook, and it will tell you that there's new firmware available. Click the button that tells you Download and Install. It's not going to take the 30 minutes that it'll say on your screen, it should take around 5 or 10. With the Hinner hack, you may get an error message saying that the firmware update failed. This happens with firmware 2.00.15 and higher. Don't fret, the script did run. You'll be fine. Continue on with the instructions.
- *NOTE* If you have an SSH client, great. If now, download PuTTY. I use it and it works perfectly fine. Login with the username "root" and the password "root".
- *NOTE* If you don't know how to use vi, or if you are uncomfortable using it, you can get a program like WinSCP that will allow you to secure FTP into the device. Then you can download the files to your computer and use the editor of your choice to edit the file (notepad works fine) and upload the new file back to the device.
If you use the Martin Hinner hack, after you install the "firmware", you need to make SSH permanent by editing the /etc/inittab and adding the following under the "# Startup the system" part of the file.
::sysinit:/usr/sbin/sshd
The other way should turn it on permanently by itself. After you add that line for the Hinner hack, or once the "firmware" is installed and you can SSH into the device, you need to reboot.
[root@MyBookWorld ~]# reboot
Now you have SSH permanently installed on your MyBook World Edition!
One error that I ran into was not being able to get mplayer CE to connect via samba to the network share on the MyBook. To fix this I had to enable Microsoft Directory Service on the device. First, you need to add the following lines to the /etc/services file.
microsoft-ds 445/tcp #Microsoft Directory Service microsoft-ds 445/udp
Add this after "snpp 444/udp # Simple Network Paging Protocol" and before "saft 487/tcp # Simple Asynchronous File Transfer". Do your best to make it fit in the file. By that, I mean use the tab key.
After this, you need to edit the /etc/inet.d file and add:
microsoft-ds stream tcp nowait root /usr/local/samba/sbin/smbd smbd -s/etc/smb.conf -l/var/log -d0
I would just add it on the second line or at the bottom. I don't think it matters.
One more file to edit. This time you need to add the following to the /etc/smb.conf file under "[global]" after "max log size = 1"
smb ports = 445
A quick reboot and you're done! This will have you connected to your Wii to stream movies with no problem.
There are tons of sites out there that have great information on hacking your MyBook World Edition. With the following 2 sites, you should be able to do whatever you want with it.
Martin Hinner's site on Hacking the MyBook World Edition
MyBook World Hacking at wikidot.com
Those sites should answer any questions you have about anything having to do with Hacking the MyBook World Edition!
DD-WRT and the WRT310N: A how-to
A few months back I was playing around with my WRT54G2 and ended up bricking it. Don't worry, if you follow the instructions in my post on upgrading the WRT54G2 to DD-WRT, you'll be fine. I was trying to put firmware on there that didn't fit and I screwed up. Well, after I bricked it, I decided to pick up a WRT310N from Best Buy. I think I paid around $100 for the router, and after bricking the last one, I decided to not upgrade it to DD-WRT. Well, that lasted until about an hour ago.
I missed the fun stuff that DD-WRT gives me. After doing some research on putting DD-WRT on the WRT310N, I decided that it wasn't very likely that I would brick the thing, so I got to work on it. First thing you are going to need is the firmware files. You can download everything you need here. In that zip file you're going to find multiple version of the firmware. I'll get to those in a second. Now, let's do this step by step.
1.) DO A HARD RESET BEFORE YOU FLASH FIRMWARE. This does not mean hitting the reset button and saying you are done. This means doing the 30-30-30 reset. To do a 30-30-30 reset you must push the reset button with your router powered on. Hold it for 30 seconds with the router powered on. STILL holding it, pull the power cord for 30 seconds. Still holding it, plug the router back in and continue to hold the reset button for 30 more seconds. You will have held the button for a full 90 seconds without releasing it. You will not get a password renewal page as you have stock Linksys firmware on the router still.
2.) Plug a cable into the lan port of the router and your computer, and disable any wireless to the computer. You may have to set a static IP on your computer (I did). Set the IP on your computer to 192.168.1.2, subnet of 255.255.255.0, and the default gateway of 192.168.1.1.
3.) Go to 192.168.1.1 in your web browser. The stock Linksys username is "admin" and the stock password is "admin".
4.) Go to the "Administration" tab and click on "Firmware Upgrade".
5.) Browse to the dd-wrt.v24_mini_wrt310n.bin file that is part of the .zip file I linked to at the top of this post. YOU NEED TO INSTALL THE MINI FIRST! You CANNOT install the standard yet.
6.) Click on the upgrade button and WAIT for the upgrade successful message. Give it some time and don't be so impatient. I have received too many emails and comments from people that get impatient and start messing with stuff before the flash is complete.
7.) Power cycle your router. (very important) WAIT until you can relogin at 192.168.1.1. This should take around 20 seconds. If it takes longer, it takes longer. Once again, don't get impatient.
8.) Once the Web GUI for DD-WRT comes up, you will be asked to change your username and password. Do this immediately.
You can now upgrade to any generic dd-wrt build except Mega and Micro, or you can just leave the mini on there. The Wiki says that you need to do a hard reset before and after flashing to new firmware, but I didn't have any problems without doing a hard reset between the mini and the standard. NEVER re-use a configuration file from a previous build or another router. Reconfigure from scratch.
Now, about the files in the .zip file. I have included a multitude of firmware packages that will run on this router. I have the standard, usb, VoIP, and VPN. All of these have different functions. I originally put the standard version on and ran into some issues because the Port Forwarding has a bug in it. You can't add ports to forward! Once I put the VPN version on, it solved the Port Forwarding issue. So, if you have to do a lot of Port Forwarding on your router, I suggest using the VPN version that is included in that .zip file.
I hope this guide helps you out. I haven't had any problems with it yet, and if I do run into issues, I'll be sure to post them here. Let me know how your upgrade went in the comments below!
-Greg
***EDIT***
I have run into 1 issue so far. I started messing around with the router trying to set up different things on it. When I really started banging on it and resetting it, I was having trouble getting an IP address over the WAN link. Granted, all this took was rebooting the router and the cable modem, but I felt like I should let you guys know.
ASA WebVPN Base Config
I have to do this pretty regularly, so I thought I'd share it here with you guys. It's pretty straight forward for you CLI junkies. Now, this is just a BASE config, so don't think this is the end-all, be-all of WebVPN configs. Of course, change the VPNPool to your own subnet.
ip local pool WebVPNPool 10.10.7.100-10.10.7.200 mask 255.255.255.0
webvpn
enable outside
svc image disk0:/anyconnect-win-2.3.0254-k9.pkg 1
svc image disk0:/anyconnect-macosx-i386-2.3.0254-k9.pkg 2
svc enable
tunnel-group-list enablegroup-policy WebVPNPolicy internal
group-policy WebVPNPolicy attributes
dns-server value YOUR.DNS.IP.HERE
vpn-tunnel-protocol svc
group-lock value WebVPNAccessProfile
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Split_Tunnel_List
default-domain value yourdomain.local
address-pools value WebVPNPool
webvpn
svc ask none default svc
hidden-shares none
file-entry disable
file-browsing disable
url-entry disabletunnel-group WebVPNAccessProfile type remote-access
tunnel-group WebVPNAccessProfile general-attributes
default-group-policy WebVPNPolicy
tunnel-group WebVPNAccessProfile webvpn-attributes
group-alias WebVPN enable
Pretty simple, huh. Have fun with it!
-Greg
Ubuntu + Netgear WGPS606 = Wireless printing!
Today I decided to upgrade my Ubuntu installation to 64bit. I've been running the 32bit version because there was no solid version of flash for the 64bit. Well, after a little research, I found Adobe's alpha version of flash for 64bit Linux.
I didn't have a printer setup in my last installation because I didn't use Linux for any kind of printing. I want to get into using Linux for more and more things, so I figured it was about time to setup my printer. I have an HP PSC 1510 All-In-One that is upstairs in my office and it's plugged into a Netgear WGPS606 Wireless print server. I have no cables running into the office (stupid apartment!), so everything up there is coming off this print server/wireless bridge. A little bit if digging and I finally figured out how to setup this print server in Ubuntu. Follow the directions below and it works like a charm. I know this had nothing to do with Cisco networking, but neither did my article on Creating a transparent signature stamp in Adobe Acrobat.
Before you get started, make sure you have the latest firmware on your print server. You can find it here. The latest firmware is 1025 as of today.
- Go to http://localhost:631
- Click "Administration" in the header.
- Authenticate with user: root, password: root's password if you are asked to.
- Click "Add Printer" in the Printers section.
- Fill in at least "Name" and click "Continue"
- In the Device Dropdown box, select "LPD/LPR Host or Printer" and click "Continue"
- In the Device URI box put "lpd://<your_wgps606_ip>/L1" or "lpd://<your_wgps606_ip>/L2". L1 is for the first printer, L2 is for the second. In my case the full URI is
lpd://192.168.1.5/L1. - Select your printer's make and click "Continue"
- Select your printer's model and click "Continue"
That's all it takes! Shoot a test page to the printer to make sure that everything is working and you should be done! If you have more than one printer plugged into the print server, simply run through the process again and put the other port number in the URI box in #7.
-Greg
Wow… I bombed that interview!
Friday I had an interview with a large insurance company in Columbus. Actually, I had 2. I went there to interview for a firewall job and once I was done with that the recruiter pulled me into another interview for a route/switch job. In the first interview, there were 5 guys in there. 4 of them actually spoke to me and 1 just sat in a corner typing away on his laptop. I don't know why, but that made me really nervous. Now, I NEVER get nervous around people, it's just not in me to do so, but this time I got real shaken up. And it hurt me in the next interview.
I was completely honest with the people in the first interview. If I didn't know a question, I told them I didn't know the answer and how I would find the answer. In the second interview though, I drew a complete blank mind. I didn't remember simple trunking protocols, something that I should remember from my CCNA. I stumbled over many questions that they asked and most of the stuff was simple things that any CCNA should know, but my mind was clouded. I choked up, I got even more nervous, and I found out this morning that they passed on me. I was told that I wasn't strong enough to work there.
I haven't heard back from the firewall job yet and I'm hoping that something comes of it. I have been in Ohio for a year and 3 days now and I have worked for a total of 3 weeks. I guess I'm really going to have to hit the books hard and get some of this basic knowledge back to the front of my mind!
The Unspoken Truth About Managing Geeks
Every once in a while, I come across an article that sticks out in my mind. This is one of those articles: The unspoken truth about managing geeks. I have never read an article that is so dead-on accurate when it comes to the intricacies of dealing with IT personnel. I highly suggest that everyone read it, even though it's a tad long at 5 pages. Also, some of the comments on Fark.com about this article pick up where the author left off.
Check it out. I promise, you won't be disappointed.