Tomato/ddrt flashed routers or flashable routers

[Negita43]

Anybody know where I can buy the former (in Thailand) or has done the latter?

 

Thanks

Edited February 14, 2017 by Negita43
said modem meant router

[Negita43]

Wow did I say modem!!! Of course I meant ROUTERS!

 

Oops

[johng]

I'm using  Linksys WRT54G  its still available in Thailand,   but I'm sure there are more up to date and higher specified routers around.

[maxpower]

Depends on your budget. Cheap options like TP-LINK base models may not provide enough flash space for your needs. Openvpn for example.

Based on your needs, its best to do some research using dd-wrt database + web reviews then check availability.

I use Asus RT-N16 which is available here.

 

No idea if pre-flashed routers are available.

[userabcd]

Tplink wr841N available in most stores selling routers. Dowload the ddwrt firmware and flash it.

[Negita43]

Thanks within reason budget not an issue  but I have read that tomato is better for open vpn and has built in tor -  anyone had experience with tomato?

 

PS Mr Thai Visa why has my email notification stopped working?

[maxpower]

13 minutes ago, userabcd said:

Tplink wr841N available in most stores selling routers. Dowload the ddwrt firmware and flash it.

V6 cannot - got to be careful what you pick up.

[maxpower]

14 minutes ago, Negita43 said:

Thanks within reason budget not an issue  but I have read that tomato is better for open vpn and has built in tor -  anyone had experience with tomato?

 

PS Mr Thai Visa why has my email notification stopped working?

If you want to use openvpn then go for Tomato - just my 10c of advice. 

[Negita43]

V6 cannot - got to be careful what you pick up.

 

That's for sure!!

 

Thanks for the tip but I think the TP link is too low a spec anyway. I'm a great believer in buying the best spec that you can afford.

[Negita43]

I'm not an IT virgin but I am new to the idea of flashing routers. if a router is "flashable" then can it be flashed with wrt or tomato (within the constraints of the firmware memory size)?

 

 

[userabcd]

Sorry, I must admit it was a few years ago that I last flashed ddwrt onto my router. If you go to the tomato websites, you can find many routers they support with their diff firmwares and then take your pick from that. It seems asus, netgear and linksys are the main brands.

[Chicog]

It's not difficult to do, but I would simply look at the list of supported routers for each and see what you can buy locally.

Having said that, most modern routers support OpenVPN, so why tinker if you aren't familiar?

 

 

[thedemon]

29 minutes ago, Negita43 said:

I'm not an IT virgin but I am new to the idea of flashing routers. if a router is "flashable" then can it be flashed with wrt or tomato (within the constraints of the firmware memory size)?

 

 

No, there has to be a build for the specific router you want to install on. As a rule for DD-WRT and Tomato, routers with chipsets other than Broadcom, Atheros or RAlink chipsets are unlikely to be supported.

 

ASUS is a safe choice in Thailand. They are widely available here. Also ASUS routers have a bootloader that will allow you access (via a utility) if something goes wrong with the flashing process so they are more or less unbrickable.

 

Often times the DD-WRT router database is out of date so do some research before you settle on a model and make sure that other users have flashed that model successfully. Just because it is possible to flash a router doesn't necessarily mean that it will be stable or that all options will be available.

 

As others have already mentioned, pay attention to the Hardware Version (V1, V2 etc) as some will/won't be supported.

 

 

 

 

[Crossy]

I have an Asus RT-AC88U flashed with the Merlin build of Asuswrt (a fork of Tomato).

 

Works very nicely, I was going to flash it with DDWRT, but Merlin does 99% of what I need :)

 

This router is also pretty well brick-proof too :)

 

[Chicog]

I've just freed up one of those by switching to the Talon.

What does Merlin give you over and above the stock firmware?

 

 

[Negita43]

Thanks everybody for your advice

 

And hi Crossy,  a pricey but well specd (8 gigabit lan ports and dual band) bit of kit 11590 at Advice. Do you use it with open vpn or l2tp?  

[Crossy]

 

@ChicogEverything you need to know is here https://asuswrt.lostrealm.ca/features

 

@Negita43 The 8 gigabit ports was one of the selling points for me, along with the USB print sharing it got rid of several boxes cluttering my desk. 

 

It's currently running with openVPN (to Ivacy) but it ran nicely on L2TP too (to StrongVPN). It also is happily running an OpenVPN server so I can access my home network from the big-bad outside world.

 

I see it supports TOR with individual client control, have to test that out too.

 

All works fine from a TOT fibre router which isn't in bridge-mode, the Asus is in the DMZ of Mr TOT (our TOT tech said he won't support us if we use bridge).

 

 

 

[Negita43]

Thanks Crossy

 

Yes that’s part of my issue I have a TOT fiber modem (no WIFI), an 8 port Tp link switch, (all used, I prefer Lan to wifi) a Zyxel Wifi and I want to simplify the setup. I run Nord VPN (they have tor over vpn) and pure VPN but I have been having problems with Nord on one of my devices.

 

I also have an Asustor NAS box which I remotely access using the proprietary Asus link (which I think is not very secure) and my TOT modem (which is now 3 years old) seems to have intermittent problems with the UpnP . I have also tried to find if there is a firmware upgrade for the modem without success. The Chinese site is unintelligible.

 

Your setup sounds good for what I want so I’ll have to save up the pennies.

 

The only thing that surprises me in what you say is that you can actually speak to a techie (in English?). I live out in the sticks and whilst the telephone support if the system goes down (my cable has been “squirelled” twice) is OK, technical communication with the guys who fix it is impossible.

 

Thanks again Crossy and everybody else who helped.

[Chicog]

4 hours ago, Crossy said:

 

@ChicogEverything you need to know is here https://asuswrt.lostrealm.ca/features

Hmmm nice. Might give that a shot.

Ta.

[muratremix]

Asuswrt - Merlin is great.

I use it on netgear r6300 v2 I bought from Amazon.com, forked by some hong kong folks. They also support other netgear models.

 

it is very very easy to set up openvpn or selective routing in asuswrt-merlin, unlike dd-wrt.

 

I have asus ac56u at home in Thailand, which I also bought from ebay brand new (it did cost me around 115 usd with taxes everything) and it is great too.

[Negita43]

Thanks everybody for your input. For your info this is what I have decided to do.

 

As I already have a gigabit 8 port switch I am going to buy an Asus AC68U for 6500 baht (around 5000 cheaper than the 88) The specs are similar except for the processor (which I am reliably informed is actually not a critical factor) , the number of lans (see above) and a better wireless spec (but still a lot better than my single band Zyzel which performs OK in my setup). I will flash with Merlin

 

I have one more question MY TOT fiber modem has options for Qos, VPN pass through, DMZ etc. Do I switch them all off in the modem and then switch on what I need in the router?

 

Thanks again

 

 

[johng]

44 minutes ago, Negita43 said:

Do I switch them all off in the modem and then switch on what I need in the router?

Best to ask ToT to put into "bridge mode"   (tinglish  "bit mode" ) I read it has to be done by the ISP   user cant do it themselves... but maybe

misinformed.

[Crossy]

51 minutes ago, Negita43 said:

I have one more question MY TOT fiber modem has options for Qos, VPN pass through, DMZ etc. Do I switch them all off in the modem and then switch on what I need in the router?

 

As with all these things there's an easy way and a hard way.

 

Simplistically.

 

The hard (but slightly better performance) is to place the TOT router in bridge mode, all the hard work is then done by the Asus (the TOT router just behaves as a fibre-Ethernet converter), you'll need all the configuration and passwords from TOT in order to set it up. Our TOT man specifically said he could not support us if we had issues when using bridge mode.

 

The easy and safe way is to configure the DMZ on your TOT router and put the Asus WAN port in it, although you have a double NAT everything works as if the TOT was in bridge mode just with slightly reduced performance. This is of course what I've done, if anything goes awry I just unplug my Asus and point the TOT man at his router :)

 

The only Asus feature that I've found doesn't work using the DMZ method is DDNS, which isn't an issue as the TOT router can do it anyway.

 

There are quite a few board members running routers of all shapes and sizes in bridge mode, but I'm a chicken.

[Negita43]

The easy and safe way is to configure the DMZ on your TOT router and put the Asus WAN port in it,

5 minutes ago, Crossy said:

 

As with all these things there's an easy way and a hard way.

 

The easy and safe way is to configure the DMZ on your TOT router and put the Asus WAN port in it,

 

 

Your a chicken and I'm a noob - can you explain what you mean by "put the asus wan port in it". do you mean the ip address of the router and would I use something like angry ip to get that?

[Crossy]

OK Step by step (from my head so I may have forgotten something).

1. Let TOT get the connection working and set up the wireless on the TOT router.
2. Log on to the TOT router using WiFi or LAN port and the creds you asked the man for (likely 192.168.1.254 user - telecomadmin password - admintelecom)
3. Set the TOT DMZ to 192.168.10.1
4. Change the TOT LAN IP to 192.168.10.254
5. Change anything else you see with 192.168.1.xxx to 192.168.10.xxx just to be sure.
6. Save the configuration
7. Reboot the TOT router
8. Check you can still connect to the TOT wireless and the internet.

At the Asus.

1. Connect the Asus WAN port to one of the LAN ports on the TOT with a short network cable.
2. Log on to the Asus (probably 192.168.1.254 check the manual for default user and password) via WiFi or LAN port
3. Set the Asus WAN port to fixed IP and 192.168.10.1 subnet 255.255.255.0 gateway 192.168.10.254
4. Connect to the Asus and see if you can get to the internet.
5. Configure the Asus as you wish :)

 

 

 

 

[Negita43]

Thank you very much

 

You are a gem

 

Not relevant I know but my TOT modem has no wifi just lan ports

[maxpower]

You are paying 6500 Baht for superior hardware. Bridge the ISP hardware and don't worry about them not supporting you. A beer or a few Baht fixes anything here.

Making major config changes over WiFi is a no no. Setup up each device individually via a LAN cable then bring them together.

Always have a fall back plan. Yours would be having the ability to get TOTS hardware back to normal should you make a mistake.

[Crossy]

Whilst I agree in principle maxpower, not mucking with the TOT config other than the LAN IP is safe for the amateur and you can always go back with a simple change. You can even still talk to the TOT router on its LAN IP address.

 

The performance hit for most domestic applications, whilst definitely there, is negligible, it's only NATing to one LAN IP (the WAN port of the Asus).

 

 

 

[maxpower]

1 minute ago, Crossy said:

Whilst I agree in principle maxpower, not mucking with the TOT config other than the LAN IP is safe for the amateur and you can always go back with a simple change. You can even still talk to the TOT router on its LAN IP address.

 

The performance hit for most domestic applications, whilst definitely there, is negligible, it's only NATing to one LAN IP (the WAN port of the Asus).

 

 

 

I totally agree with what you are saying. Just giving the guy a steeper learning curve with a plan if he screws up. If he was about to purchase a piece of junk I probably would not have made the suggestion.

[Negita43]

Hi thanks both of you.

 

1. I have virtually no contact with TOT tech and when I do they cannot even speak a little English so for me dealing with them is very difficult. I remember (before I had the fiber) showing them a traceroute output that clearly showed their international gateway was slowing everything down. They could not understand it or they weren't interested.

 

I don't live in Bangkok I live in Korat and I suspect things might be different (better) in Bangkok

 

2. The other thing is that I have read up on DMZ and that appears to open up my private network (192.168.X.X) to intrusion so I presume I would have to set up some security on the router.

I have ordered the Asus router and when it gets here I will play around a little and see what happens.

 

Another possibility is to also replace the fiber modem with something that has a manual and is supported by English speakers but I'm not sure how practical that is. As I said before I have been to the fiberhome website but I can't find anything useful - FYI here's a picture of my modem

 

Thanks again both of you