DD-WRT, Tomato by Shibby or Tomato by Toastman Firmware for Asus RT-N12 Wireless N Router?

First of all, I want to make sure that the reader knows that all the content here is from my own experience. Please try it yourself if you want to really know about it.

I remember that I used DD-WRT since it's first release to work for Linksys WRT54G.  As a long time user for DD-WRT, last week, I spent the entire night to setup both Asus RT-N12 B1 and C1 model using DD-WRT firmware. I expected it to be fast and easy.  My goal is to have 3 networks both wired and wireless on the same router separated by VLANBridge is used to join the Wired and Wireless. All of them will have different IP address group. DD-WRT should be so easy to do it since I'm currently using similar configuration on Linksys WRT54G V3 with DD-WRT build 15230M and it all works fine since the last couple years until now.

I tried both Asus RT-N12 B1 and C1 (From what I know, both models are the same except the external appearance.), I followed the same configuration shows here -> http://www.dd-wrt.com/wiki/index.php/Multiple_WLANs  with many DD-WRT firmwares build between 18946 - 20119.  (One reason is that C1 model required build 18702 or above.)  I couldn't make it works at all. I tried both wired and wireless and what I usually got is the same IP address group from the main router setup.  Sometime, I could get different IP address from another group but it was so random. Most of the time, the IP I got will be from the main router setup. That means I couldn't separate it into different network with VLAN at all. It was unreliable.  I even compared to the working WRT54G router. Tried to do exactly the same but it doesn't work as I expected. It could be because it's not Linksys WRT54G? or the newer firmware doesn't work correctly with Wireless N router? I'm not sure. That day, I gave up after spending like 6 - 7 hours.

Yesterday, I decided to try it again with Asus RT-N12 C1 and DD-WRT build 20119. Took me about 2 hours for nothing. The result was exactly the same as last week. At that time, I was pretty sure that it was not my setup. It could be the problem with firmware.  So, I started to look for an alternative and Tomato firmware was what I got. I used to overlook Tomato long time ago because there was no support for Virtual Wireless Interface at that time, but with today build, the feature is now available.

I started with Tomato by Shibby build name tomato-K26-1.28.RT-N5x-MIPSR2-104-Max.trx   I know, file size is around 6MB and some said the router has only 4MB. Trust me, it works on this Asus RT-N12 C1 router.  When set up, everything seems to work great except VLAN for local port. When enter the Tomato setup screen, what I saw was a bit strange. Port 4 on screen is default to VLAN1 which is WAN port in Bridge column. While the WAN Port is default to VLAN0 which is LAN (br0) in Bridge column.

When I made any change on this screen, it required to reboot, then, the VLAN0 will always went back to default. I couldn't make it work this way. So, I decided to switch to Tomato by Toastman firmware build name tomato-K26-1.28.0500.5MIPSR2Toastman-RT-N-VLAN-Std.trx  (Note : Toastman build is hosted on 4shared and it is required to have an account with 4shared to download it.)  My first time with Toastman build didn't leave me any impression to continue. The firmware didn't assign any IP address to the client device automatically with default factory setting. (Oh, I always did 30/30/30 reset. without it, many strange problems usually appear.)  I had to manually change my IP address to 192.168.1.2 to access the router at 192.168.1.1. I, then, went into VLAN interface to check it and it looks exactly the same as Shibby build.  With that, I decided to go back to Shibby build to work more on it. But this time, I tried to created VLAN2 and VLAN3, move everything in VLAN0 to them. Also moved LAN (br0) to VLAN2. Saved and reboot, once reboot, here is what I got :

You will see Port 1, 2, 3, WAN Port and also default have duplicate entries in there. All of them were reset to the default except Bridge column. Anyway, it seems to work now.  Port 4 in Shibby screen is actually the physical WAN port. The WAN port in Shibby screen is the physical Port 4. Since I want to separate physical port 4 to another VLAN, I set the WAN port in the screen to VLAN3.  That was it. Now it worked as I expected. Moreover, I'm not sure if I understand correctly or not. It seems like VLAN in Tomato by Shibby firmware is already protect other VLAN to access it. I do not need to use Firewall rules to block anything here. Each VLAN can't access other VLAN by default which is great.

Tomato by Shibby firmware set up is quite different to DD-WRT but it is not difficult. In fact, it's pretty easy since the features from Shibby is less than DD-WRT. Thanks to Shibby to release a great alternative firmware to DD-WRT that I can work on :)

Note about problem with Tomato by Shibby Firmware :

1. VLAN Layout on the web interface is different to the Physical port.
2. Virtual Wireless Interface doesn't work as expected. I can randomly connect to only one single network at a time until reboot. Then, I decided to set default MAC address instead of Random one. (Advanced -> MAC Address) The problem goes away.
3. Update (2012.02.24) : VLAN setup seems to be strange. I tried it again yesterday with different set up. Now, I want to use port 1-2 on VLAN2 and port 3-4 on VLAN3. For some reason, I endup with Port 1 - 3 on one VLAN while port 4 + WAN port on another VLAN. The real physical port I got is quite different to GUI setup as image below : (I also deleted VLAN0 so that the setup won't reset back to default once restart the router.)

Strange VLAN setup
 

 

Source :
- Tomato by Shibby - http://tomato.groov.pl/
- Tomato by Toastman - http://www.4shared.com/dir/v1BuINP3/Toastman_Builds.html#dir=419837610
- DD-WRT - http://www.dd-wrt.com
- DD-WRT - Multiple WLANS - http://www.dd-wrt.com/wiki/index.php/Multiple_WLANs

Update (2012.12.24) : Tomato by Toastman can also be downloaded through Mediafire here -> http://www.mediafire.com/?88t1vzzcgrphx

 

Virtual Wireless Bridge Setup

LAN

 

Wireless Interfaces details

Comments

Which tomato firmware you've tested that worked with WRT54Gv3? I have one of this router, but there are too many posters out there experiencing problems with different WRT54G, but none says much of v3, and not sure if you have done anything with it. It would be nice to know if you do. I'm looking more into the VPN feature.

Sorry, I didn't test any TomatoUSB firmware with Linksys WRT54G. I only tested it on Asus RT-N12 router. Since it works great in Asus, it should work fine in WRT54G though.

I made my CW-5358U VLAN work by following what you did. BTW, I am using Shibby 108.

When you say "My first time with Toastman build didn't leave me any impression to continue. The firmware didn't assign any IP address to the client device automatically with default factory setting."

It's normal. The DHCP is disable by default on toastman build. (See this thread : http://linksysinfo.org/index.php?threads/toastman-releases.36106/ )

Thanks for letting me know. Actually, I already knew that. Still, I'm quite used to the way the router assigns IP automatically after reset. So, I still do not like the way Toastman decided to do that.

In enterprise setups we would never consider using DHCP to assign IP's to clients. We would have no idea when something goes wrong, what client is responsible. Toastman explains clearly the reasons why he did it, when routers fail and reboot they will begin to issue the wrong IP's, DNS, etc. to existing clients, creating an unnecessary mess. For the same reason he explains that he never uses 192.168.1.1 for router addresses, any router that loses it's NVRAM setting will pop up using 192.168.1.1 with DHCP switched off (by default) and thus cannot harm anything, but is easily found for repairs.

You may not like it, but it is perfectly normal and logical thing to do. In fact, I applaud the decision to do it, it shows deep understanding of the real issues faced by us in the real world.

I never thought about Toastman's decision until one of my access points failed last week and came up on 192.168.1.1 and began issuing wrong IP's to everyone. It also meant that there were now 2 units bearing the same IP claiming to be the gateway to the internet. Depending which one answered clients would get no access. It took 2 days afterwards for the mess to sort itself out.

Toastman, you once again prove that you think outside the box to avoid problems. Sorry I doubted you!

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.