How to Flash the WRT54GL with DD-WRT Firmware

**DISCLAIMER** The following instructions are provided without warranty of any kind. Flashing firmware does not come without risk. I will not be held responsible for any resulting equipment failure or otherwise undesirable results. Proceed at your own risk.

This tutorial explains how I successfully flashed my Linksys WRT54GL version 1.1 with the open source DD-WRT version 23 SP2 VPN firmware (generic).

Before proceeding, verify your WRT54GL is version 1.1. Per Wikipedia entry and DD-WRT Wiki), you can tell which version you have by checking the serial number. The serial number should be located on a sticker underneath the router. The serial number prefix CL7B corresponds to version 1.1 and CL7A corresponds to version 1.0.

Don’t despair if your router is version 1.0. You can still flash to the DD-WRT firmware. However, the process will be different due to a flash file size limit on the version 1.0 WRT54GL firmware. The main difference is that you will need to flash to a smaller version of the DD-WRT firmware (the mini version) first and then re-flash to the standard, VOIP, or VPN versions.

As a bit of background information, used a fully patched (as of April 6, 2007) Windows XP Pro with Service Pack 2 (SP2) and Internet Explorer 6 during the firmware upgrade process. The OS and web browser shouldn’t matter, but I have heard reports of Firefox causing some problems with the Flash for some people in the past though others have claimed to use Firefox without any problems.

Before you begin, download the package and version of the DD-WRT firmware best suited to your needs. This tutorial walks through flashing to the open source DD-WRT version 23 SP2 VPN firmware. Once you’ve downloaded the file, go ahead an unzip the files. The zip package contains several files, you will only need the “DD-WRT.v23_vpn_generic” file. We’re going to be using the generic file rather than the wrt54g file because we’re going to be using the web GUI to upload the file.

I recommend verifying the MD5SUM hash of the “DD-WRT.v23_vpn_generic” file to ensure the download wasn’t corrupt or hasn’t been comprised. If you don’t already have a tool to calculate MD5SUMs, I currently use HashCalc. I like it because it can calculate many different hash types, not just MD5s. The signature of the file should be baf91850d3204fd64b120467425b4a11. If you plan on flashing a different version, you can find of list of signatures on the DD-WRT hashes page.

Since you will not have Internet access during this process, I recommend copying the information from the following pages into a document:

It is best to turn off your firewall and anti-virus software during this process to ensure that nothing interrupts the firmware flash. An interruption could cause the flash to fail and brick your router. If something does go wrong you may be able to recover from a bad flash.

I almost forgot to mention that you should ONLY perform the flash through an Ethernet cable using standard http (not https). Do not do this wirelessly (for the extremely caution, temporarily disable the wireless adapter on your computer to ensure your connecting through a wired connection). Plug the blue Ethernet (Cat5/RJ45) cable that came with your router into the Network Interface Card (NIC) on the back of your computer and into one of the ports labeled 1, 2, 3, or 4. The “Internet” port on your router should be connected to your broadband source (e.g., cable or DSL modem). Please ignore the extra cable in the picture. It is not needed for the flash to work.

Linksys WRT54GL Cable Connections

The last item that needs to be completed before uploading the new firmware is to reset your Linksys router to the factory defaults. More than one way to do this exists:

  • Selecting reset button within the web interface
  • Holding the reset button on the back of the router for 30 seconds

To reset the router to firmware defaults, go to the internal IP address of your router (most likely 192.168.1.1) and login with the user name and password you setup when you first installed the router (if you don’t remember, use the reset button method). Once logged in, go to “Administration” tab and the “Factory Defaults” sub-tab. Select the “Yes” radio button next to “Restore Factory Defaults” then select “Save Settings”.

Linksys Restore

If the reset was successful, you will see a page that says “Settings are successful. You will be returned to the previous page after several seconds.”

Linksys Reset Confirmation

Now that everything is setup we can begin the process of actually performing the flash. To upload the firmware, navigate to the “Firmware Upgrade” sub-tab under the “Administration” tab. On this page, select “Browse” to go to the place where you saved the “DD-WRT.v23_vpn_generic” file. Once located, select open and then the “Upgrade” button. Please wait patiently for the upload to complete. Whatever you do, DO NOT interrupt it. Walk away for a few minutes if your one of those people who tend to get impatient and cannot resist clicking buttons when things do not seem to be working as quickly as you think they should.

If all goes as well as expected, you will greeted by a screen that says “Upgrade is successful”. Next, click the “continue” button. If not successful, simply re-try the same steps or research the DD-WRT wiki for more info.

Firmware Upload

Next, you should see is a prompt to login to the new DD-WRT interface. The default user name is “root” and the default password is “admin”. Be warned, I wasn’t able to log-in initially even though I got this prompt. I’ll explain how I got resolved this momentarily.

DD-WRT log-in

To confirm that your router is working you should ping it. To ping your router, go to “Start > Run” in windows. Then type in “cmd” and hit “ok”. At the command prompt type in “ping 192.168.1.1″. If the router is online, you will get a ping response that says Packets Sent = 4, Received = 4, Lost = 0 (0% lost).”

Ping

Since the DD-WRT web interface didn’t come up right after the flash, I reset the new DD-WRT firmware back to firmware defaults. To do this you need to hold the reset button on the back of the router while unplugging the router. Continue to hold the reset button as you re-plug in the router. Once the router is plugged in you should continue holding the reset button for 30 seconds to complete the hard reset. This procedure is tricky so you may have to try a couple of times to get it exactly right (I did).

Once reset, go back to Internet Explorer (or your preferred browser) and navigate to 192.168.1.1. At the prompt enter in “root” for the user name and “admin” as the password. The DD-WRT web interface should come up this time.

DD-WRT Interface

Congratulations, you’ve successfully flashed your router! Since you’ve successfully flashed your WRT54G, you may be interested in Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network.

Now that your running DD-WRT firmware, make sure to make use of all the available security features. See my post on Securing Your Wireless Connection and other post in the DD-WRT category.

If you liked this post, consider subscribing to my feed and/or sending me something from my wish list.

199 Responses to “How to Flash the WRT54GL with DD-WRT Firmware”

  1. Mark says:

    I read the mryiad pages on the dd-wrt wiki and felt overwhelmed by it all. That is, until I read your page!
    From removing the shrink wrap on my new Router to a completed installation took just ten mins.
    Thank you!

  2. Matt says:

    Mark, I’m glad my tutorial could help. I tried my best to explain the whole process of installing the dd-wrt firmware from start to finish.

    The dd-wrt wiki has all the information needed to successfully install the firmware, but it is spread out over several pages because it tries to provide instructions for several different router types, etc. I wanted to consolidate all of the information onto a single page with plenty of screen shots and lots of background information so that someone with a similar computer setup as myself could easily install this great firmware.

    I have an college degree in Information Systems and must admit that I had to read through the wiki several times to get a firm grasp on everything I needed to do because I was afraid of bricking my brand new router. I knew when I started the installation that I wanted to share what I learned with others so I made sure to take lots of print screens.

    Thanks for letting me know that my instructions helped you. Its good to know that I was able to do something for someone else. I use a ton of open source software but am not a programmer so I do what I can to give back to the community.

    Enjoy your new router and keep an eye out for some more great tutorials to come from my site.

  3. Jerome says:

    Thanks alot for this. I was quite stuck and worried that I might’ve bricked my player somehow. Your guide is perfect.

  4. Matt says:

    Jerome, your quite welcome. I’m glad my post could be of some help. Thanks for letting me know it helped you out.

  5. Moha says:

    Thank you. I used it for DD-WRT stnadard. The method is same. I takes really for 10 minutes.

  6. Matt says:

    Thanks for letting me know my tutorial also works for the standard version of DD-WRT. I thought it would since the VPN version is the largest and most complex. Glad I could be of help.

  7. [...] be useful to most of my blog readers. Plus, this is a natural progression from my recent post about How to Flash the WRT54GL with DD-WRT Firmware. This post will not cover the intricate details of the hows and whys of wireless security nor will [...]

  8. Jean-François says:

    Thank you so much!

    I was in a state of shock when I wasn’t able to log in right after I’ve upgraded the firmware but thanks to your easy solution everything is fine right now!

    (State of shock because I bricked my WRT54G the day before =/)

  9. Matt says:

    Jean-Francois,

    No problem…I too freaked out for a second when I couldn’t immediately log in after the upgrade, but tried the suggestion of unplugging while resetting (originally noted on the DD-WRT wiki) and got it to work. Thus, I was sure to include it in my instructions.

    Thanks for letting me know you found these instructions helpful!
    Now that you’ve got your router running, I suggest reading my follow-up post on Securing Your Wireless Network

  10. Erik Frankenfeld says:

    Great guide!
    I received my brand new WRT54GL with serial CL7B… yesterday. Today Saturday after 30 minutes work I’m running DD-WRT v23 SP2 on it. I found all information in your guide to be correct.

  11. Matt says:

    Thanks Erik. Enjoy your new Firmware!!!

  12. Adam says:

    Awesome article! I finally got my router running DD-WRT!

    -A

  13. Matt says:

    I appreciate the complement Adam. I did my best to provide a full explanation of every step required to successfully flash the router in a single post.

    –Matt

  14. [...] Edit: I forgot to mention that I used this tutorial. [...]

  15. Adam says:

    “I did my best to provide a full explanation of every step required to successfully flash the router in a single post.”

    And it worked the first try. Better than the wiki entries on the DD-WRT site. Btw.. I corrected my post on my blog where I mentioned DD-WRT because I realized I forgot to link to your article! D’Oh!

    -A

  16. Matt says:

    Making this work on the first try was my goal. The DD-WRT wiki has lots of great information, but you must dig around to find it. Plus, there is so much info that isn’t relevant to the average user’s setup. That’s why I wanted to put all of this stuff on a single page.

    BTW, thanks for the link back!!!

  17. kohan69 says:

    Great guide, but 2 things:

    My hash was different.
    You should specify that after doing FACTORY RESET the password/login is admin/admin

    I knew that, some people might not

    -kohan69

  18. Matt says:

    Thanks kohan69,

    I appreciate your tips, but I did specify the password/login after doing the factory reset as stated in the following sentence: “The next thing you should see is a prompt to login to the new dd-wrt interface. The default user name is “root” and the default password is “admin”.”

    If your hash is different, you either had a corrupt file or more than likely installed a different version of the DD-WRT firmware. I provided the hash for the “dd-wrt.v23_vpn_generic” file and provided a link to the hash page for people installing different versions. Installing a different version would explain why your default password/login is admin/admin and not root/admin.

    Thanks again and enjoy your new firmware!

  19. Adam says:

    If I remember correctly from reading through the wiki, old versions have the default as “admin/admin”

    -A

  20. Matt says:

    I think you’re are correct Adam. I’m pretty certain the old versions had a default password of admin. I think you could get away with leaving the username blank though. Just going by the Wiki….never used the older firmware.

  21. kohan69 says:

    Sorry, my mistake. I downloaded dd-wrt.v23 the non-SP2 version, that’s why my hash was different.

    But you misunderstood me about the password. I was referring to the login of linksys default firmware.

    In your steps the user:
    1. Using the default linksys firmware, resets the settings to factory defaults.
    2. The user proceeds to upgrade firmware.

    Well, after resetting to factory defaults, the user is prompted to login to the default firmware. And the user/password for factory defaults of linksys’ forimware is admin/admin

  22. Matt says:

    Thanks kohan69 for clarifying. I did mis-understand you…I didn’t mention the default user/password for the Linksys firmware because I assumed most of the readers of this tutorial had changed the user name and password when they first set-up their Linksys. I suppose it’s worth mentioning the default user name and password is admin/admin for the users who haven’t changed that information.

    I highly, highly recommend that people change the default log-in and passwords for all routers and any other software they own. It is particular dangerous to have a default router user name and password combination because of a potential hack. See Symantec’s article on “Drive-By Pharming: How Clicking on a Link Can Cost You Dearly.”

  23. Zap! says:

    I had problems with Httpd restarting after the flash… your 30 second reset instructions got it going.. Thanks your ROCK DUDE!

  24. Matt says:

    Thanks Zap! The 30 second reset thing is very strange, but it definetly works…can’t explain why. I can’t take credit for the idea, I first noticed it installation wiki.

    Just about everyting included on my instructions is contained on the DD-WRT wiki; I just consolodated and expanded on all the things relevent to the Linksys WRT54GL version 1.1 with the open source dd-wrt version 23 SP2 VPN firmware (generic).

  25. elints says:

    I read your instructions and those on the wiki. Then I ordered the DD-WRT54 v1.1 gl from Newegg.This was going to be a replacement for my old Linksys NR041. I did not want to install a wireless router until I felt I had some security that isn’t available with the manufacturer’s provided software.

    I unplugged the from the hub and plugged it into the gl, logged in and flashed the dd-wrt.v23 generic. Everything went as described except I had openSuSe running and used Firefox. It was quick and clean. After I removed the old NR and placed the dd-wrt in service, all it took was a 30 second power off of the modem and router and I was back online. I plugged in a Linksys USB wireless stick and it work without a hitch.

    Thanks for the tutorial.

  26. Matt says:

    elints, your more than welcome. Its good to know the tutorial works the same in openSuSe.

  27. [...] How to Flash the WRT54GL with DD-WRT Firmware – a detailed tutorial explaining how to flash a Linksys WRT54GL with the popular and powerful DD-WRT firmware. [...]

  28. Ran Sagy says:

    Nice article, Matt. Can you comment on the performance of the router when heavy traffic is running? (P2P, BT for example)

    My GL1.1 is running the Linksys firmware now, But i’m worried if i’ll be able to get online (L2TP connection) and run everything stable.

  29. Lee says:

    I’m just getting into this and will be attempting an “upgrade” of a WRT54G Ver 4 next week. I’ve yet to come across a description of the features offered by each of the firmware loads, VPN, VoIP, generic, etc. I want to use the router primarily as a PPTP server, do all the loads support that feature or do I have to go with the specific VPN load? If i do am I missing out on other features? What does the VoIP load give you that the others don’t? Thanks

  30. Matt says:

    @Ran Sagy: I’m not much of a P2P user. I might use BitTorrent (BT) to download a Linux distro to help some open source projects save some of their bandwidth when I download large files, but that is about it. I haven’t done that with dd-wrt installed so I can’t really comment on how it performs.

    With that being said, I believe the dd-wrt would work as good, if not better, as any other Linksys routers under heavy loads. I think your Internet connection speed would slow you down before the router does. One thing you need to be aware of is to set the max number of connections to the router to a large number (around 100) so lots of BT users can connect to your router. I recommend checking out the Router Slowdown page on the dd-wrt wiki.

    One feature you may find useful on the dd-wrt is Quality of Service (QOS). QOS allows you to prioritize traffic by protocol. Basically, you can some applications to have priority over others. I would set everything as more important than BT so my web surfing or whatever wouldn’t slow down because of BT hogging all the bandwidth. The neat thing about QOS is that BT would only be restricted when other protocol traffic is present. Thus, when you’re away from your computer, BT could run at full speed.

    Please clarify “My GL1.1 is running the Linksys firmware now, But i’m worried if i’ll be able to get online (L2TP connection) and run everything stable.” Are you wanting to run an L2TP server yourself or connect to a VPN box on someone else’s network via L2TP?

    The dd-wrt will not function as a L2TP server (though it can function as a VPN server using OpenVPN which uses the SSL protocol in place of L2TP. Another solution would be to run an L2TP server on your home network and port forward traffic to it. I would put it in the Demilitarized Zone (DMZ) to help protect the rest of your network from outside attacks.

    If you’re just wanting to connect to another network via L2TP, its very easy. The dd-wrt allows VPN passthroughs of IPSec, PP2P, and L2TP. The VPN passthrough allows you to run one of these VPN services on a server in your network, not on the router. Thus, you could set-up L2TP and the router would let external machines connect through it to the L2TP server.

    Please let me know if you have any other questions.

  31. Ran Sagy says:

    Thanks for the comment, Matt. My ISP allows me to establish a connection only through its L2TP server, So i imagine the passthrough should work. However, When i tried the Thinbor firmware, I couldn’t get online for some reason, I never had a ping to the ISP’s L2TP server no matter what i did.

  32. Matt says:

    @Lee: I decided to split this response b/c my last reply to Ran Sagy was so long.

    Rather than trying explain what what each of the different firmware versions offer, I recommend you check out this chart. I’m not sure which firmware loads support the feature of acting as a PP2P server, but I believe both the VOIP and VPN versions do.

    All version of the firmware should allow you to connect to PP2P VPN servers, but not all of them will act as a PP2P server. Personally, I would not run a PP2P VPN server because PP2P is not secure and could allow people to comprise your network. Read this post you’ll know why PP2P should NOT be used.

    If for some reason you must run a PP2P server, the wiki has instructions on setting up dd-wrt to do this. You should also look at PPTP Tunneling

    SSL VPN is much more secure solution than PP2P. Only the VPN version of the firmware allows you to run a SSL VPN Server via OpenVPN.

    I think the main difference of the VOIP version of the firmware is it allows you to plug a VOIP phone directly into your dd-wrt router rather than requiring you to turn your computer on (see the DD-WRT Glossary for VOIP). This is really only useful if you’re using Vonage or some other similar service.

    I hope you’re not more confused than you were before I responded Lee. If so, just send me your questions and I’ll try to clarify anything I confused you on.

  33. Matt says:

    @Ran Sagy: I made one minor adjustment to my comment after realizing I mis-defined the passthrough feature. Please see the edit on Comment 27.

    I don’t know why an ISP would want to restrict your connection opens, but ISPs are doing that more and more these days. Just out of curiosity, could you explain why your ISP has an L2TP server you need to connect through?

    Depending on how they are filtering/restricting traffic, you might be able to use SSH Port Forwarding to make any protocol look like standard Internet traffic. I would use port 443 which is used by https. An ISP must allow port 443 because all secure websites use this port; plus 443 is always encrypted so seeing encrypted traffic come through this port wouldn’t look strange. I don’t recommend doing this if you’re going to breaking some kind of terms of service by circumventing your ISP’s restrictions.

    SSH isn’t as robust as VPN because I believe it only allows you to forward one port at a time whereas all ports are available through a VPN tunnel. However, SSH is still secure. SSH may work for you depending on your needs. Another tool to check out is Hamachi.

  34. Ran Sagy says:

    Perhaps i mis-represented my case. I simply need to ‘dial’ to an L2TP VPN to get online. After that i can use the connection normally. Similar to the default firmware’s L2TP feature.

  35. Matt says:

    I just mis-understood your need. I’m believe the L2TP passthrough would work, but am not sure. You’ve got an unusual connection case.

  36. Lee says:

    Matt
    Thanks for the link to the chart, that’s exactly what I was looking for. The reason for using PPTP, even with it’s faults, is so that I can use my Palm Tungsten C, when travelling. It only comes with a PPTP client, and since I won’t be using it for long on any one access point (just email), there shouldn’t be a problem, it’s better than using nothing. I currently have it working via a computer running WinXP PPTP server at home. I’d like to get away from having to leave the computer on all the time. If i read the chart correctly then all the loads support both PPTP client and server? I may try the VoIP load, just to play with as I have a number of VoIP ATA’s that I use with Freeworlddialup. I can’t see that load making the Linksys work as an ATA as it would have to have a jack to plug in a phone,may be a SIP server.

  37. Matt says:

    Lee, I’m glad that chart helped. I agree that if you’re only using your Palm to check email then PPTP should work fine. It is better than nothing. Besides, the chances of people cracking the PPTP on random access points you’re using for a short period of time is small.

    I think you’re correct, all the loads support a PPTP client and server (excluding the micro load).

    Good point about the VoIP load…I never had a need for VoIP and didn’t think about the Linksys missing the phone plug. If you go with the VoIP version, I’d be curious to hear about what some of the other features do.

  38. Lee says:

    Well since last week I’ve updated a WRT54G ver. 4 to the VoIP firmware V23 SP2. It looks like the VoIP will act as a very basic PBX allowing your ATA (analogue telephone adapters) to route internal calls directly to each other rather than going to Vonage, FWD or whoever you are using, and then back, thus saving you money if you pay per call. It’s OK, but not something a lot of people will make use off given the cost of ATA’s or VoIP phones. The notes on the web pages indicate it is still a work in progress. It also looks like you have to be able to configure your ATA’s as well, and most if not all of the commercially supplied ones are locked to the provider.

    I’ve been able to get the VPN using PPTP via both my Palm Tungsten C and a laptop running XP home. I can surf the net and send and retrieve emails using my providers SMTP. However, I’m unable to “see” any of the devices on my home network. I had assumed that I should be able to use the browser and go into any device on my network. I have even tried using windows explorer to see a network web server, no dice. If I go to the IP of the router (192.168.1.1) I get the router on the network I’m going out on , not the one at home. Does the IP have to be different? I’d love to change my home network to something like 192.168.5.XXX, but the DD-WRT only allows the router to be a “1″. Any reason why I can go out of the router back to the web but can’t get to a device on my home network? Is there a setting in the WRT54G that need to be enabled? Thanks

  39. Matt says:

    Thanks for letting me know what the VoIP version of the DD-WRT firmware offers. I’d agree that not many people will find it useful due to the cost and complexity, but it is neat that you can sort of configure your own PBX with a Linksys router.

    Are you sure you can’t change the router’s IP to 132.168.5.xxx. I have this option under Setup > Basic Setup. It appears in the Router IP title.

    I’m not sure why you can only connect back to the Internet and not to any device. It sounds like you have a routed connection rather than a bridged connection. A bridged connection will make whatever computer your connecting with look just like a member of the LAN.

  40. Lee says:

    Yes, you’re right about the IP for the router. It’s the DHCP server that doesn’t have the flexability to change from a “1″. I will play with the IP setting, will try on one of my servers first to see if I can’t reach it through VPN. I was expecting that i would have something like the “bridged” connection that you mention, by default.

  41. Matt says:

    I see what you’re talking about now Lee. I guess I should have read your post a bit closer. You’re right, there isn’t a way to change the IP to something other than “1″ for the DHCP.

    I haven’t messed with the PPTP VPN at all. However, from my research of SSL VPN via OpenVPN, I have learned that Bridged connections are not the default/standard setup. Of course OpenVPN is entirely different than PPTP, but if a bridged connection is standard there it might not be in PPTP.

    Like I said, I haven’t looked at PPTP enough to even know what, if any, options are available for the connection settings. OpenVPN requires you to provide information in the start up scripts. I also found that some useful information can be obtained by logging into the router via SSH and using the Linux shell.

  42. Lee says:

    Well I can now “see” devices on my network when using a browser. Changed all the IP’s of the static devices to 192.168.5.XXX. Also changed the IP’s that the routers assigns for PPTP to match. All subnet masks changed to 255.255.0.0, router too. Left the router IP as 192.168.1.1 for the time being. The one thing I can’t do, yet, is see the devices when using Windows Explorer, like my disk servers or other computers left on on my home network. Maybe there is another protocol thet windows uses that isn’t supported over PPTP?

  43. Rock says:

    hello saw yr guide is pretty amazing few question to ask what is the purpose of having a 3party firmware install does it bost bt speed? or just do it for fun sorry I am new to the router thing hehe hope you reply~

  44. Kleinenbroicher says:

    Thanks a lot for your guide. I guess it saved me a lot of time by not reading the general WIKI but special instructions for my hard- and firmware.

    Just one note: I didn’t even get a login prompt after flashing the firmware. I guess I would have hyperventilated if I had not read your guide … ;-)
    But after resetting the router everything worked fine.

    Cheers,

    Kleinenbroicher

  45. Matt says:

    @Lee: I apologize for my delayed response. To be honest I have no idea why you can’t see your in Windows Explorer. It could be possible that Windows uses a different protocol over PPTP, but being how PPTP used to be Microsoft’s preferred VPN protocol it doesn’t seem likely. You mentioned the only thing you can’t do yet is see the device in Explorer. I guess that means you’re able to connect to them and use them, just not easily traverse through their folders?

    @Rock: Several good reasons exist to have 3rd party firmware installed. Unfortunately, a speed boost isn’t one of them. 3rd party firmware offers a lot more support for advance router features such as Quality of Service, VPN, static/dynamic routing, extra firewall configurations, increasing signal power (better wireless range), etc. Plus, its fun if you’re a geek like me ;)

    @Kleinenbroicher: I’m glad you found the guide useful. It is a more consolidated source for specific hardware and firmware while the Wiki offers a lot of info on a wide variety of setups. Also, I’m glad my note kept you from hyperventilating. Being afraid you bricked your router is no fun! I know I was worried when I flashed my firmware.

  46. Lee says:

    That’s right I can’t ‘ “see” any of the computers or file servers unless i FTP through to my file server. No devices show up on the network unless i use a browser and go directly to their IP. I’ll continue to play with it and see if i can’t get it working. Will let you know.

  47. Mark says:

    My apologies I must clarify, I downloaded the main 20meg file and there is are several files dd-wrt.v23_generic.bin, dd-wrt.v23_wrt54g, dd-wrt.v23_wrt54gs.bin, dd-wrt.v23_wsl54gs.bin and dd-wrt.v23_wrt54gsv4 etc.

    I am assuming the VPN generic you are refering to in this tutorial is the first file I have listed?

  48. Matt says:

    @Lee: That’s very interesting. I’m not sure what would cause that. I’m sure you’ll get it figured out though.

    @Mark: I’m sorry, I did misunderstand. You are correct, the first file you listed (dd-wrt.v23_generic.bin) is the VPN file I’m referring to. I’m not sure why they include all of the other files in the download when you clearly select to only download one of them.

  49. Mark says:

    Thanks Matt,

    Apologies for my ignorance, but what are the main differences with all of those files? If I have the WRT54GL, should there be only one of those files I should be installing? e.g. the generic?

    What is the difference between the generic and _wrt54g file? or the _wrt54gs? Can I install any of those three?

    I am guessing of the others (wrt54gsv4, wrsl54g) I should definately not use those?

    cheers,

    Mark

  50. Lee says:

    Well I finally got it working but only after changing my router (and the entire network) to 192.168.10.XXX. Had to change the “trusted” zone in Zonealarm too. I guess there was a conflict with the originating router being the same IP as the WRT54G at my home. Now if i could just set the DHCP server to assign IP’s in the same range…..maybe the next version.

  51. Matt says:

    @Lee: Sweet!!! I’m glad you came back to explain the work around. It makes sense that the conflicting addresses now that you’ve mentioned it ;)

    It also make sense about the trusted zone. I always disable security features when I initially configure new network settings to make sure they’re not causing the problems. Once its working, I add the security back on and open any holes in the firewall I need to, etc.

    Thanks again for coming back and sharing.

    @Mark: You should only be installing the dd-wrt.v23_generic.bin file.

    The dd-wrt.v23_wrt54gs.bin, dd-wrt.v23_wsl54gs.bin, and dd-wrt.v23_wrt54gsv4 are not designed for your router model. You should check the dd-wrt wiki for additional info on each of these. I don’t know the exact differences between each.

    The dd-wrt.v23_wrt54g is designed for your router, but if I remember correctly, it should only be used if you’re flashing your router in a certain way (not the standard flash method described in my tutorial).

    The wiki recommends the dd-wrt.v23_generic.bin file for WRT54GL. My instructions are specifically for that file as well. I have not tested any of the other files and am afraid that would cause problems when installing.

  52. edlogic says:

    i am using a wrt54gl
    the only thing i could add here is something that i read somewhere else where the poster stressed the point – DON’T GIVE UP too easily .
    i tried flashing with firefox and ie browsers on two different wrt54gl routers – and i got the message – upgrade are failed – and the blinking power light -
    i went through the shorting pins and grounding stuff but still had the blinking power light – i thought i would have to get a JTAG .
    then i finally saw the post that talked about try and try again using TFTP – i was surprised when after a few tries with TFTP hitting the upgrade button immediately after powering the router on – that i finally got a good transfer !
    but then the power light kept flashing and i could not get the login prompt from the router -
    i tried the hard reset etc several times .
    i once again was about to panic and take it apart and try the pin shorting etc .
    then i noticed – about 2 minutes after the flash with tftp – if i just left it alone – the power light stopped blinking and everything was fine -
    at first i loaded dd-wrt v23 sp3 and then when i tried playing battlefield 2 ( bf2 ) i notice very high pings to all of the servers – so i went in and set the qos and the pings got better but not as good as i hoped .
    then i decided to be brave and try the newest tomato firmware – and it seems to work better for me – all around and especially in bf2 . ( not using the wireless right now )

  53. Matt says:

    Don’t give up is really good advice…something I probably should have stressed more in my tutorial. In most cases, even when you think all is lost, there is probably a work around to save the router if something doesn’t go as planned.

    I haven’t read or heard anything about the new tomato firmware. I’ll have to go research that. Thanks for bringing it up. It might make a good article to write on sometime if you’ve got a blog. I check your website, but it looked like a your company site which is cool.

    Thanks again for sharing your comment!

  54. [...] M and L Adventures Installation Guide – click here [...]

  55. Tana says:

    Guys, how do I install back the original wrt43gl firmware?? I have tried simply to flush it, but no success.

  56. Tom says:

    Thanks for the great tutorial. I just had one question please. You stated after the flash that you had to do a hard reset by holding the reset button on the back of the router while unplugging the router. My question is how long do you hold the reset button for before you pull the plug?

  57. Baker says:

    Hey there,
    I was kinda worried about how “difficult” this upgrading of firmware might be, but with the use of this tutorial and another tutorial, just to be sure of course, my WRT54GL router with V23 SP2 firmware on it works wonders now. I havent experienced with much other than gaining wireless strenth, but I definately plan on it.

    Thanks Matt

  58. edlogic says:

    i went to the http://www.linksys.com site and then went to the support forum – looked up the firmware for my router wrt54gl and downloaded it . and i got the tftp program . then i used the tftp program to flash the router with the firmware that i downloaded .
    push the reset button for over 10 seconds until you see the power light flashing or wait about 30 seconds then release – you can also try holding the reset button while powering on the router and hold it for about 10 seconds . the best way i found to flash is use the tftp program and if you have trouble flashing at first then try when you power on the modem – press the update or upgrade button on tftp program about a second after you apply power .
    i had to do this several tries before it finally flashed – then after the flash – just wait about 2 minutes .

  59. tellme says:

    Great tutorial, could not be better !!!
    great step by step explanation, simple and plain !!
    good job, thanks for sharing your experience and knowledge

    regards
    Tellme

  60. lee says:

    Well discovered the the DHCP of the router changes to match the IP you set the router to. So if it’s 192.168.50.1 it will issue IPs with 50 as the second to last set of digits. If you want to access, via, PPTP you are best to change that set of digits to something that isn’t going to be used by the router you are originating from ( most likely 0 or 1). Also played with the VoIP feature. I have 3 devices on Free World Dial up and it worked Just fine, allowing a voice path each time (which was hit and miss in the past). No port forwarding set up required. All your devices have to be with the same provider or you would still have to forward ports to the “odd” device, like if I had one on Vonage. It also requires that you can change settings in your ATA’s, which means you can’t set up most commercial devices as the settings are locked.

  61. Matt says:

    Hi all, sorry for the much slower responses than normal. I’ve been quite busy lately and am currently away in Alaska, so blogging has been much of a priority lately. If you do have any other questions please let me know and I’ll do my best to get back to you in a more reasonable time frame next time.

    @Tana: I’ve never tried re-flashing to the original WRT54GL firmware. I’d imagine you would have to download the firmware from linksys and then upload it. I recommend reading through the dd-wrt wiki. If anyone else knows how to do this, please let Tana know.

    @Baker: I’m glad you didn’t find flashing the firmware too difficult. It’s really not bad at all as long as you careful follow the directions outlined on the wiki or my site.

    @edlogic: Thanks for the advice and pointers.

    @tellme: I appreciate hearing that you enjoyed the tutorial and found it useful.

  62. chan says:

    just to say that this site really did make the whole process very easy – I can’t recommend it enough, was all plain sailing, the wiki site although full of info was very daunting, this page cut straight to what you needed to know for all those who want to use dd-wrt but are not hard core techies.

    Thanks

    Chan

  63. Matt says:

    @lee: Thanks for providing that extra info about the VOIP version of the firmware. I’m glad you’ve been sharing because I don’t have the opportunity to mess with it.

    @Chan: I’m glad you found the site helpful!!!

  64. Paul says:

    Worked like a dream!
    If I had not read this, I would have panicked instead of resetting the router!
    For a WRT54GL Ver1.1 which VOIP version do you recommend?

  65. Matt says:

    Paul, first off let me just say I’m glad you didn’t panic…I was a bit worried when I flashed my router (luckily, I read the DD-WRT wiki close enough to try the unplug and reset thing).

    As far as the VOIP version, I honestly don’t know. I currently have no need for VOIP functionality and have never really looked in to using the DD-WRT VOIP version. That being said, I bet Lee (one of the other users who has made several good comments on this post) could make a good recommendation. He has experimented extensively with the VOIP firmware.

    Lee, if you’re still subscribed to the comments, do you mind answering Paul’s question?

  66. HighTechDad says:

    Great tutorial (it’s now on my Del.icio.us list – grin – ). I have a question that is a bit different, I think. I currently am running the “DD-WRT v23 SP2 (09/15/06) std” version on my Linksys.
    I’m now intrigued by the VPN version and want to do a cross-grade (is that the best word?) from standard to VPN. What I’m wondering is, if I back up my settings, flash the drive, can I re-import those settings? Or will I have to do the manual method (which I have done before) and print out all of the config pages?
    Also, how well does the VPN solution truly work? Once configured, can I use a built in Mac VPN or Windows clients to connect?
    Thanks!
    -HTD

  67. Tomikmar says:

    Thanks for the tutorial. My new WRT54GL v1.1 router works great with DD-WRT v23 SP2 (09/15/06) std. I used IE7 to flash it. There is also no need to connect the “Internet” port on the router to a broadband source while flashing.

  68. Matt says:

    @HighTechDad: I haven’t ever changed from one version of the firmware to another, but I fairly certain you’ll have to manual transfer your settings due to the differences in the firmware source code.

    The Administration > Backup tab on my firmware (VPN) has the following warning message: “Only upload files backed up using this firmware and from the same model of router. Do not upload any files that were not created by this interface!”

    I honestly haven’t had as much time to work on my VPN to get it to work. Mainly because I want to do it the complicated way with a bridged connection and Public/Private key infrastructure. However, from everything I’ve read it works great once configured correctly ;)

    Any VPN client should work to connect, even a MAC one because SSL VPN uses a fairly standardized protocol. However, I haven’t tested this.

    @Tomikmar: Thanks for the comment. I appreicate you letting us know that IE7 works for the flash and that a broadband source is not needed during the flash. I’m sure that info will be helpful to others reading my tutorial and hopefully the comment section as well.

  69. chris says:

    HI Im new to this custom firmware and i just bought this wrt54GL router. I would like to enquire if installing 3rd party firmware like ddwrt will it increase the download speeds or even for BT software? even via wired or wireless? or just the signal strength only?

  70. Matt says:

    Chris, the new firmware will not really increase the speeds of your downloads, at least not the overall speeds. It can offer you the ability to increase the amount of bandwidth/speed allocated to certain protocols/file types.

    For instance, you could have BitTorrent (BT) software receive have the highest possible download speeds (100% of your Internet connection speed) when no other application is using the network. Then for your convenience, the custom firmware can throttle down the BT download/upload speeds when you start surfing the Internet so that you web
    surfing is not slowed down by BT.

    This feature is known as Quality of Service (QOS) and is very useful if you have Voice over IP (VOIP) on your network. It works via both wired and wireless.

    In short, to answer your question directly the custom firmware doesn’t increase overall download speeds. It does, as you correctly stated, increase signal strength.

    One interesting thing to note about having increased signal strength is that your wireless connections that are located far away from your access point will have a faster internal network connection. Unfortunately, the amount of speed lost from having poor signal strength is not enough for you to notice a difference in your Internet connection though you may notice the speed difference if you’re transferring files across your LAN (i.e., between computers on your home network).

    The main benefits of the 3rd party firmware like dd-wrt is the extra functionality provided such as Virtual Private Network (VPN) capabilities, QOS, etc.

    Let me know if the stuff I mentioned above is completely confusing to you. If it is, then you probably don’t need to go through the time and trouble to install the 3rd party firmware on your router unless your just curious and like learning new things.

  71. joeychizzel says:

    thank you a million times + 1 for this tutorial. It has definitely helped this noob in flashing his linksys!

  72. Matt says:

    Joey I’m very glad the tutorial helped out. Its good to know its written at a level that a noob can understand.

  73. Ryan says:

    Hey, just wanted to say thank you for your great tutorial. I used it efficiently and was able to flash the firmware in no more than 10 minutes out of the box. Thanks again!

  74. Soporose says:

    Hi Matt.

    Firstly, my apologies for the length of this post, but you are the first glimmer of hope I have had and I want to provide full information.

    After reading your tutorial and your answers to all these questions I’m hoping I might have found the beginnings of a solution to my problem. Although I have a fair bit of general IT experience (Windows mainly) I have never had occasion to set up a VPN before this. The few remote access needs we have had in the past have been served admirably by GoToMyPC.

    Now we have a new Windows application which runs on all PCs (local and remote) but shares an SQL database on a central server. Seems to me that VPN is the sensible way to go. The computer distribution is like this:

    MAIN OFFICE:
    - WRT54GL (CL7B) – Linksys firmware v4.30.7
    - OS: Windows NT4SP6
    - LAN IP: 192.168.1.0
    - Router LAN IP: 192.168.1.1

    HOME OFFICE:
    - WRT54GL (CL7B) – Linksys firmware v4.30.7
    - OS: Windows XPSP2
    - LAN IP: 192.168.2.0
    - Router LAN IP: 192.168.2.1
    - VPN Client: Win XP’s New Connection Wizard.

    LAPTOP (Not purchased yet):
    - No router
    - OS: Probably Vista
    - LAN IP: Can make it anything

    I won’t bore you with all the gory details, but after much trying of various things I have been unable to establish a valid VPN connection. However, I can:

    - Ping the MAIN OFFICE router from the HOME OFFICE client.
    - Access the MAIN OFFICE router’s management screens from a HOME OFFICE PC.
    - Use GoToMyPC from the HOME OFFICE client to a PC in the MAIN OFFICE.

    The only way I know of to verify that the MAIN OFFICE VPN is correctly set up is by using Microsoft’s Port Query tool. Running it from a PC at HOME OFFICE returns the following (sensitive IPs and domains disguised):

    —–Query Tool Start———-

    Starting portqry.exe -n nnn.nnn.nnn.nnn -e 1723 -p TCP …
    Querying target system called:
    nnn.nnn.nnn.nnn
    Attempting to resolve IP address to a name…
    IP address resolved to blah.com
    querying…
    TCP port 1723 (pptp service): LISTENING
    portqry.exe -n nnn.nnn.nnn.nnn -e 1723 -p TCP exits with return code 0×00000000.

    AND FOR UDP:

    Starting portqry.exe -n nnn.nnn.nnn.nnn -e 1701 -p UDP …
    Querying target system called:
    nnn.nnn.nnn.nnn
    Attempting to resolve IP address to a name…
    IP address resolved to blah.com
    querying…
    UDP port 1701 (l2tp service): LISTENING or FILTERED
    Sending L2TP query to UDP port 1701…
    UDP port 1701 (l2tp service): FILTERED
    portqry.exe -n nnn.nnn.nnn.nnn -e 1701 -p UDP exits with return code 0×00000002.

    —–Query Tool End———-

    That looks OK to me, but I’m no expert. If there are other ways of verifying that the MAIN OFFICE VPN setup is working correctly, other than giving out the connection details to a stranger, I’d like to know about it.

    I have searched the web widely in an attempt to solve this, and I keep coming across people with WRT54G/GL routers who cannot connect to their corporate VPNs, and the standard response from Linksys seems to be to deny there is a problem. There are literally hundreds of these instances.

    OK Matt, I’ll stop there before this becomes a book, and wait to see what comments you have. Do you think flashing with DD-WRT will provide a solution? If so, would I have to flash both routers or just one?

    In the future (if I can get this connectivity problem resolved), there will be more HOME OFFICES with routers and more LAPTOPS without. In other words, router-to-router VPN will be no good for the LAPTOPS; they’ll need to be computer-to-router or computer-to-server.

    Thanks in advance for any advice you can give.

  75. boyan7640 says:

    Great article, man! It helps me very much and I feel a little more sure when flashing my WRT54GL v1.1.

    I want to thank you and give some good information to you and to the Linux community:

    I flashed my firmware to dd-wrt.v23 SP2 vpn generic version (dd-wrt.v23_vpn_generic.bin) from Linksys stock version 4.30.9 (WRT54GL_4.30.9_US_code.zip) successfully on/with:
    ———————————–
    Fedora release 7 (Moonshine)
    Firefox 2.0.0.5
    ———————————–

    Sincerely yours,
    Boyan Boychev

  76. Matt says:

    Soporose: That is a long comment and a lot to process. Give me some time and I’ll try to give you some good ideas to help you find a solution. It’ll just take a while for me to respond.

    boyan7640: I appreciate your complement.

    Big thanks for sharing the information regarding your setup. I’m sure the Linux and dd-wrt communities appreciate knowing all works well with Fedora and Firefox when flashing the WRT54GL. It takes people like you sharing their personal experiences to keep fueling the Open Source revolution. Thanks again!!

  77. Randy Engelken says:

    Matt,
    Thank you very much for the easy to understand step by step instructions on how to flash my linksys wrt54gl router. I have been warned not to over clock my router. Does anyone out there know what is the breaking point?.
    Thanks Randy

  78. Soporose says:

    > Soporose: That is a long comment and a lot to process. Give me some time
    > and I’ll try to give you some good ideas to help you find a solution. It’ll just
    > take a while for me to respond.

    Thanks Matt. I look forward eagerly to any light you can shed on this problem.

    I have even searched far and wide for a third-party solution, but nothing I have found in that regard is suitable for XP -> NT4. Seems all the third-party stuff requires that the VPN server to be a Windows 2003 Server, or another XP/2000 machine. If your corporate server is NT4 you’re out in the cold. However there are still an awful lot of very reliable NT4SP6 servers “out there”.

    I’m at the desperate stage now, so your input will be much appreciated.

  79. Noslenfa says:

    dd-wrt.v23_voip.bin is this the same for voip as the dd-wrt.v23_vpn_generic.bin for vpn?
    My router is WRT54GL tks

  80. Matt says:

    @Randy: Glad you enjoyed the article. As far as your question regarding over clocking, I’m not sure what the breaking point is. I would be careful not to over do it. You should make sure that it is adequately cooled and know that over clocking may shorten the life of the Linksys processor.

    The DD-WRT Wiki reads says WRT54GL v1.1 is stable when overclocked at 250MHz, with no extra cooling. Your mileage may vary.

    @Soporose: I hope to have an answer to your comment before the weekends over. :D

    @Noslenfa: The answer to your question is yes (i.e., dd-wrt.v23_voip.bin is the same for voip as the ), if I understand what you’re asking which I think I do.

  81. andy says:

    hi andy,
    thanks for all the instructions. i followed teh wiki and the install/flashing went off pretty smooth. however i’m having another issue..can’t access the internet.
    i’ve a desktop and a laptop and both get ip’s from the router. i can ping the other machine and the router from any machine, but no internet. any ideas??
    any help would be greatly appreciated. thanks.

  82. andy says:

    woops pressed submit too soon :)
    i’m sure this is more of some configuration in dd-wrt and not any hardware related issue as i’m able to ping the machines and the router.

  83. Matt says:

    @Andy: The first thing I would do is bypass the Linksys to make sure that your Internet connection is working at all. To do this, simply plug in the Ethernet cable coming from your Cable/DSL modem directly into your computer’s Ethernet port. If you’re able to connect then you know the problem is the router. If not, then call your ISP.

    The next step would be to make sure you’ve got the cable coming from your cable/DSL modem plugged in to the correct port on you Linksys. It is the one on the far left (if looking at it from the back).

    I’m not sure that you have a configuration problem on your Linksys. Have you checked the status page when you login to your router to see what it says under the Internet heading?

    Can you ping anything on the Internet like “ping google.com”? What do you seen if you type “ipconfig /all” in your command prompt?

    Without further info, its hard for me to diagnosis your connection problems. Look at this stuff and if you don’t find the problem, get back with me about what you see.

  84. andy says:

    thanks matt. my mistake…i should’ve mentioned it’s not a linksys router..i was trying with a buffalo whr-g125.
    anyways i got a workaround to make it to work..the good guys on dd-wrt forum answered my question..

    since your post comes up in search..may be this might help someone.
    this is what i’d to do (from the dd-wrt forum) to make it work:

    do a hard reset
    reconfigure router (if you have comcast – do “No STP”)
    clone address to your machine
    unplug cable modem (if you have the VOIP via the cable company – double modem – then pull its batteries also) for 5 minutes
    plug ethernet back into the router / cable modem
    make sure router is all configured and up
    plug in cable modem
    wait for everything to setup
    check dd-wrt webpage
    if no WAN IP – do DHCP renew
    wait a minute
    try to ping 208.67.222.222 (opendns server – good place to ping)

  85. Matt says:

    @Soporose: Before I begin let me apologize for being a little slow to respond especially since I failed to get back to you before the weekend was over. I ended up having a bit of unexpected stormy weather last night and I always turn off my computer and unplug the Internet connection so I wasn’t able to write my response last night as I planned.

    VPN is a sensible way to go for your solution. There are several ways to

    To get started let me say that I don’t think the DD-WRT is the optimal solution for your problem. It sounds like you need a more full-blown VPN solution but I don’t know the budget or size of your business. Where I work, we use an SSL-VPN with a RSA SecurID system which is extremely robust and secure. However, I work for a Fortune 500 company with a large IT budget and a ton of remote users.

    Let me also say that I recommend you upgrade any Windows NT servers you have to an OS supported by Microsoft. NT servers are very insecure since Microsoft doesn’t patch widely known vulnerabilities anymore. Any scriptKiddie could hack one of those…now that I’ve got all of that out of the way let me answer your question about the dd-wrt firmware.

    The dd-wrt firmware is better than the standard Linksys firmware and offers a lot more features. Not only does it have VPN pass through like the standard Linksys firmware, but it can act like a VPN server with support of public/private key encryption.

    The dd-wrt would allow you to connect one of your laptops (no router) to the office router via VPN. Once connected to the router, you should be able to set up the appropriate configuration to forward your traffic to the appropriate server(s).

    The dd-wrt would also allow you to connect the home office routers directly to the office routers assuming both Linksys routers were flashed with the new firmware.

    I’m not familiar with Microsoft’s Port Query tool but one other way to verify if the office VPN is correctly setup is to actually make a good connection to it. You haven’t been able to do this yet but you think the WRT54GL has a bug that prevents you (and many others on the Internet) from connecting.

    However, if you could borrow another kind of router that is known to work with VPNs, you could do a real test of the office VPN. If it still doesn’t work, then you know its a configuration issue.

    Also, you could also setup a test very insecure test environment (i.e., no sensitive information and not connected to the corporate LAN) with the WRT54GL’s standard firmware. What I mean about being is secure is that every single firewall should turned off and has all the necessary ports open. Once you get this setup you can test the VPN and know that no random security configuration is preventing you from connecting. If it works, then you can add layers of security till you locate the problem and know what to correct.

    Something else that may work as a solution is Hamachi which is a zero-config VPN solution. If you didn’t mind using GoToMyPC in the past, then you should try Hamachi before doing anything else. If it works then you’ve saved yourself a ton of trouble.

    OpenVPN is another open source VPN solution but it is very complicated to set up. Once setup though its supposed to be great. One other lesser known, but good from everything I hear, is iPIG (Private Internet Gateway) from iOpus.

    Hope all of this info helps. Let me know if you have any questions about what I said or anything else. Also, be sure to come back and let me know what solution worked for you. Helps me learn more!!

  86. Fahad Yousuf says:

    Thanx Matt! Although I am tech-savvy enough to know whats going on in great detail, this page here summarizes the required information very nicely. And since I have nothing better to do now I’ll post my experience of flashing my newly purchased WRT54GL here.

    We have frequent power outages in this part of the world (Lahore, Pakistan) and although I timed my routers firmware flash quite decently right after electric power was restored after a power failure (assuming that the next one would be at least a few hours into the future), the power just had to go out in the middle of the upload. Then after a nailbiting half an hour when the power finally came back. And much to my dismay the power light was blinking fast with no other LED showing any activity except the one for the port to which my laptop’s wired LAN interface was connected. The router did however give me a DHCP IP and was pingable

    I followed the management mode guide in the “recover from a bad flash” wiki page. To my surprise the tftp method worked effortlessly and the transfer took only 8 seconds contrary to the page’s warning that it would be painfully slow. As noted the tftp method only works with Linksys’s original firmware. But all in all I was quite releived to see the web admin page working once again. So with my fingers crossed and praying that the lights wouldn’t go out this time I started the firmware upload once again. This time all went well and after fiddling around with my DD-WRT router for an hour or so all I have to say is: “Dang this thing is sweet”.

  87. Soporose says:

    Hi Matt.

    Thanks for the detailed reply.

    > To get started let me say that I don’t think the DD-WRT is
    > the optimal solution for your problem. It sounds like you
    > need a more full-blown VPN solution but I don’t know the
    > budget or size of your business. Where I work, we use an
    > SSL-VPN with a RSA SecurID system which is extremely robust
    > and secure. However, I work for a Fortune 500 company with a
    > large IT budget and a ton of remote users.

    Very small business, very small budget. Only one remote user to start, maximum of five when all concerned have their access. Despite NT server, quite reasonable security measures are in place, as is very robust backup system. But even so, security is not a big deal. Even if the data were stolen it’s pretty worthless to anyone else, even to someone in the same business.

    > …if you could borrow another kind of router that is
    > known to work with VPNs, you could do a real test of the
    > office VPN. If it still doesn’t work, then you know its a
    > configuration issue.

    Not easy to do in a small town, and I’m not in the USA.

    Re: Hamachi, I looked at it early on. Neither it nor iPig support NT Server.

    > The dd-wrt firmware … can act like a VPN server…
    > The dd-wrt would allow you to connect one of your laptops (no
    > router) to the office router via VPN.
    > The dd-wrt would also allow you to connect the home office
    > routers directly to the office routers assuming both Linksys
    > routers were flashed with the new firmware.

    This sounds like the most promising option for our circumstances.

    Correct me if I’m wrong, but is it correct to say that what I’m trying to do at the moment (and failing at) is establish a PC-to-Server (XP-to-NT) VPN, passing it right through the WRT54GL’s at each end.

    On the other hand, what your suggestion would be doing is establish a router-to-router connection. That should be easier to verify, than wondering if the server VPN is correctly configured, yes?

    Can you give me the exact URL of the DD-WRT firmware I should download? There seems to be so many versions spread all over the place. I have the CL7B routers with Linksys firmware v4.30.7.

    Many thanks for your help.

  88. boyan7640 says:

    Hello, again!
    I will give you all Linux fans more good information:

    I flashed my firmware to dd-wrt.v23 SP2 vpn generic version (dd-wrt.v23_vpn_generic.bin) from Linksys stock version 4.30.7 (WRT54GL_4.30.7_US_code.zip) successfully on/with:
    ———————————–
    CentOS release 5 (Final)
    Firefox 1.5.0.12
    ———————————–

    Sincerely yours,
    Boyan Boychev

  89. Neur says:

    Matt, can you please tell me if this firmware will possibly eliminate the latency problem that I am having with RR? Without the router connected web pages complete almost immediately but with the router connected (Wrt54gl v1.1) graphics on web pages lag to a standstill and when I ping various sites there are dropped packets but not the router disconnected. My neighbor down the block has the exact same problem with a different version from Linksys…Please detail what is going on if you can…Neur

  90. Matt says:

    @Andy: Thanks for the info on the buffalo whr-g125. I’m not familiar with those routers so I’m glad the good old dd-wrt forum guys had an answer for you. Thanks so much for sharing. I’m sure other’s will find your info very helpful.

    @Fahad Yousuf: That must have really been scary having the power going out during your firmware flash. I haven’t ever had to use the tftp method but its good to know it works if needed. Thanks for sharing what you learned. You are correct that dd-wrt firmware is very sweet indeed.

    @Boyan Boychev: Thanks once again for sharing all your Linux knowledge. I haven’t had the need to do any flashing from the Linux side but if I do I know who to contact ;)

    @Soporose: Now that I know more about your business, I feel more comfortable recommending the DD-WRT firmware and a little less apprehensive about the NT4 Server.

    Correct me if I’m wrong, but is it correct to say that what I’m trying to do at the moment (and failing at) is establish a PC-to-Server (XP-to-NT) VPN, passing it right through the WRT54GL’s at each end.

    On the other hand, what your suggestion would be doing is establish a router-to-router connection. That should be easier to verify, than wondering if the server VPN is correctly configured, yes?

    Yes, right now you’re trying to establish a PC-to-Server VPN while passing through the WRT54GL. You are correct that my suggestion is to create a router-to-router connection for your PC to Server connections (this is semi-permanent VPN).

    For your laptop-to-server connections you’ll be creating a similar setup but your laptop will connect to the WRT54GL which is itself a VPN server.

    Actually, after rethinking this, it will probably be easier to set up all connections like the laptop-to-server connections. That way you only have to deal with one set of configurations and not try to get a router-to-router config for some devices and a PC-to-router config for others.

    You might check out the OpenVPN server and client on DD-WRT — Bridged article from Geek Pages for some more ideas.

    @All: Its good to know that my site reaches beyond the US. I always like hearing from others all across the globe.

  91. Matt says:

    Hi all, I’ve recently updated my site to make use of the WordPress Paged Comments Plugin by Keyvan Minoukadeh because the number of comments on this post was getting to bit too long for one page. I’ve conducted some quick tests and everything seems to be working right, but please let me know if you see something strange.

    One thing I know I’ve got to work on is get the styling of my comments to like what I had before installing the plugin or otherwise I might just have to uninstall this thing. Can’t have my site looking ugly ;)

  92. Soporose says:

    > Actually, after rethinking this, it will probably be
    > easier to set up all connections like the laptop-to-server
    > connections. That way you only have to deal with one set
    > of configurations and not try to get a router-to-router
    > config for some devices and a PC-to-router config for
    > others.

    Thanks Matt.

    To be sure I understand what you are saying there, do you mean I should flash only the server router with DD-WRT, leave the remote routers alone (default Linksys firmware), and use the Windows XP VPN Wizard on the remote PCs or laptops to establish a VPN connection with the server router?

    If that’s correct, would I have to open any ports on the remote Routers?

    I think I’ll keep it simple by not using bridging – it is easy enough to use different domain IPs at each location. At the moment the server site is 192.168.1.0 and my first home office site uses 192.168.2.0 and I can continue that pattern to subsequent installations.

    Now I apologize for harping on this, but I am still confused by the different versions etc. of DD-WRT. Is this the file I should be downloading:

    dd-wrt.v23_sp2_vpn.zip from http://www.dd-wrt.com/dd-wrtv2/downloads.php

  93. Matt says:

    Hi Neur,

    You’re the first one I’ve heard of having those types of problems with the Linksys. It’s hard for me to give you a definitive answer about whether flashing your firmware will fix your latency.

    Since eliminating the router does speed things up for you, it leads me to believe that the problem results from your router. However, I’m not sure if its a firmware or hardware problem. I would lean towards it being a firmware problem since you have noticed dropped packets when pinging a site.

    Flashing to the DD-WRT firmware should help. Even if it doesn’t you don’t have anything to lose because your setup isn’t working at all. Plus, the DD-WRT firmware offers many great configuration advantages over stock Linksys firmware. Therefore, I recommend trying to flash your router. If the new firmware doesn’t work then you know that you more than likely have a hardware problem with your router.

    The only other thing you could try is hooking up someone else’s router that is known not to cause latency problems just to make sure that the problem with your connection is your router and not some random network configuration that only comes into play when you don’t have your computer directly connected to the Internet.

  94. Matt says:

    Hey Soporose,

    Now I apologize for harping on this, but I am still confused by the different versions etc. of DD-WRT. Is this the file I should be downloading:

    dd-wrt.v23_sp2_vpn.zip from http://www.dd-wrt.com/dd-wrtv2/downloads.php

    You need to download dd-wrt.v23_sp2_vpn.zip. It is located at the URL you specified but you must traverse through the following directories to get to it: stable >> dd-wrt.v23 SP2.

    To be sure I understand what you are saying there, do you mean I should flash only the server router with DD-WRT, leave the remote routers alone (default Linksys firmware), and use the Windows XP VPN Wizard on the remote PCs or laptops to establish a VPN connection with the server router?

    Actually, that is not what I’m saying entirely. You have the first part of it right about only needing to flash the server router with DD-WRT. However, I wouldn’t recommend leaving the remote routers with Linksys firmware (though that should work, it just may not be as easy).

    You will not need to use the Windows XP VPN Wizard on the remote PCs or laptops. Rather you’ll be using OpenVPN client on the remote computers.

    If that’s correct, would I have to open any ports on the remote Routers?

    Ports do not need to be opened on the remote routers since they will be initiating the request. You see, the way Network Address Translation (NAT) routers work is that they don’t let any unrequested traffic come into your network unless you’ve opened a port and used port forwarding to send the unsolicited traffic to a specific location on your LAN.

    Requested traffic is handled completely differently. When a computer on your LAN requests a download or whatever it sends a request to your router which then forwards the request to the Internet using the router’s on public IP. As the router does this, it keeps track of which computer it sent the request on behalf of and when the response from the request comes back it auto forwards the into to the computer on your LAN.

    Since your remote computers will be requesting the VPN connection, NAT will take care of you automatically and no ports are required to be opened. The only ports that will need to be opened is on the office router that is acting as a VPN server…the one that everyone wants to connect to.

    If you want to learn more about NAT, check out the How Stuff Works article on it. I haven’t read it myself but at first glance it seems to do a good job explaining NAT.

    Now that you’ve got more info than you ever requested in your question about opening ports, I’ll move on :)

    I think I’ll keep it simple by not using bridging – it is easy enough to use different domain IPs at each location. At the moment the server site is 192.168.1.0 and my first home office site uses 192.168.2.0 and I can continue that pattern to subsequent installations.

    Actually, I think bridging will fit your needs better. Read the following explanation of the difference between bridging and routing from OpenVPN’s site.

    I really recommend reading the DD-WRT Wiki for info on setting up your VPN connection. You should plan on setting up the VPN to use Server Mode with Certificates to ensure all of your needs are covered.

    The guys on their forums know a lot more about this than I do. I’m doing my best to explain how I think things should work and be setup but I haven’t actually configured VPN myself. This is something I hope to do in the future and I plan on completing a detailed tutorial if I manage to get everything to work the way I want it to.

  95. Soporose says:

    Well, partial success, Matt.

    I wanted to get the office router flashed over the weekend, so I went ahead without waiting for your reply. Found the right file and got the server router flashed as per your guide above — had all the same hiccups as you described, overcame them all in the same way as you suggested. Many thanks for a great time-saver.

    However, that’s only part of the equation. Back at my own WRT54GL at home (which is still Linksys default firmware) I still cannot get any connectivity to the remote server router. If it turns out that I have to flash all home-office Routers with the DD-WRT firmware I will, but I’d prefer to be able to make a VPN connection with stock standard WRT54GL routers on the client side if possible, as it will make life easier for future home-office installations.

    I have been trying to get it to work with the XP VPN Wizard. Maybe I’ll have more luck with the client you suggested, but there are a couple of things that have me dubious about an easy success.

    For example:

    1. After flashing the office router I enabled remote access on the Administration/Management tab, with “Web GUI management” enabled, “Use HTTPS” not selected, port is 8080 and SSH management is disabled. But I cannot browse to http://nnn.nnn.nnn.nnn:8080. With the Linksys firmware I was at least able to do remote management, if nothing else, but not now.

    2. I also enabled Telnet on the Administration/Services tab of the server router, but cannot telnet to it either. Don’t need telnet and I would disable it eventually anyway, but it was just something else to try for the time being.

    I can however ping the WAN IP of the server router and I can connect to a PC behind the server router using a GoToMyPC account.

    Before flashing the DD-WRT firmware, I printed out all tabs from the Linksys configurations and, after flashing with DD-WRT, I typed the relevant configurations items into the DD-WRT setup, thus ensuring connectivity for all internal PCs without any extra messing about on individual PCs at the office.

    I’d like to try the OpenVPN client you suggest, but not sure exactly what file I should be using. Is it the top entry (openvpn-2.0.9-gui-1.0.3-install.exe) at http://openvpn.se/download.html? That file seems to be a bit more than a simple client?

    Anyway, I’ve spent the last hour or so printing out a heap of stuff from the DD-WRT.COM website, and will wade through it tonight and tomorrow. I should know a lot more about this in a couple of days :-).

    In the meantime, any suggestions from anyone as to where I may have gone wrong most welcome.

  96. Soporose says:

    UPDATE:

    Well after my reading I’m none the wiser as to why I can’t connect. However, I have a ascertained that OpenVPN is not compatible with the windows NT server. OpenVPN needs Windows 2000 or above.

    Also, according to this paper:
    http://dd-wrt.com/wiki/index.php/VPN_%28tutorial%29
    the Windows XP VPN client should work fine.

    I have also tried bypassing the router at my home office end, connecting the PC directly to the cable modem. Still no joy.

    As I can’t connect to the remote management interface via a Web browser, it’s unlikely that I’ll have any luck with VPN until some basic problem is sorted out.

    It’s all very frustrating!

  97. Matt says:

    Soporose, I wish you weren’t have so much trouble and I also wish I knew a easy solution for your problem. I’m glad you corrected about the Windows XP VPN client. Believe it or not, I had actually seen the page you linked to just the other day but ignored it since it wasn’t written in English.

    Anyway, it sounds like you need to spend a little to upgrade the NT server because that seems to be the common pain point. If nothing else, tools like Hamachi would work on a newer server.

  98. Tomikmar says:

    Hi. I have just tested flashing my new WRT54GL v1.1 router with Firefox 2.0.0.6 on Windows XP SP2. Everything works great. There is also one thing that my friend advised me – it is good to wait about 2 minutes after you see “Upgrade is successful” message. I am not sure if it is important, but after showing the message power led still blinked for some time.

  99. Henri says:

    Hi @ all, I have a question.
    There are some rumors that the WRT54GL whit serial nrs. above CL7B1F6300 are not custom flashable any more. The say that Linksys change their chipset and it will brick.
    My serial is 646…
    So your advise please.
    Thanks

  100. Shawn Goertzen says:

    To Henri:

    I just bought a new WRT54GL with a serial that starts CL7B1G639…. I was able to custom flash this without a problem.

    To Matt:

    This guide was perfect, thank you for putting it together! Spent 2 hours pouring over the DD-WRT Wiki, and once I found your guide I was able to do it in under 10 minutes.

    Thanks!
    Shawn

  101. Matt says:

    @Tomikmar: Waiting a couple of minutes is a good tip….I should have included that one. Thanks for sharing.

    @Henri: I believe Shawn answered your question perfectly.

    @Shawn: Thanks for taking the lead on Henri’s question. I’m also glad my guide was helpful. I decided to create it because it also took me a long time pouring over the DD-WRT Wiki before I was confident enough to attempt the flash.

  102. CyBeRcR0W says:

    I bought a wrt54gl v1.1(CL7B1G705..)from Frys on saturday Sept-1-2007 and flashed the dd-wrt v24 generic no kaid, and it is working flawlessly

  103. Henri says:

    Everything Ok here to, thanks Everyone.
    Anywone already tries the v24?

  104. Henri says:

    Already awnserd, Thanks again.

  105. Den says:

    Matt, greatest thx!
    Successfully burned wrt54gl v1.1 , now device working much better!
    Looks like without reset after upgrading it will not work!
    Do You recommend use v24 of firmware? In stable?
    Thx again!

  106. Matt says:

    @CyBeRcR0W: Everyone keeps talking about Fry’s but I haven’t had the chance to go to one yet….there aren’t any in my area. Glad to know the WRT54GL v1.1 is working out for you.

    @Den: No problem. You are correct, the reset is required after upgrading. I’m not the one to answer your queestion about v24 of the firmware. I haven’t upgraded to it yet since v23 is serving me just fine right now. I have been debating on making the upgrade though. CyBeRcR0W or Henry may be able to help you CyBeRcR0W indicated in his comment v24 worked.

  107. David says:

    I just flashed my WRT54GL version 1.1 per above instructions. Everything seemed to work fine – got a new log in for the DD-WRT interface. It accepted the user name of “root” and password of “admin”. I also “pinged” my router with success. When I am in the new interface, I get incomplete pages. For instance under set-up, I can only see the bottom 1/4 of the page. Not sure what is going on here. Help!

  108. David Schauer says:

    As an update to my 103 post – I was not able to access the DD-WRT interface through Internet Explorer no matter how many hard resets I performed. I downloaded Firefox and it worked perfectly. So I am up and running.

  109. Tomas says:

    This is a very good tutorial. I had no problems at all flashing my firmware.

  110. Matt says:

    @all: Sorry for the slow responses lately. I’ve been out of town a lot this month.

    David: Glad to hear you got it working. Not sure why IE is giving you trouble but Firefox is a better browser anyway.

    Tomas: Thanks!

  111. Roger says:

    Awesome guide man! Havnt done it yet, im at work, but it was exaktly what i was lookin for! Need to flash it to be able to get vpn goin. Thnx man!

  112. Matt says:

    @Roger: Glad you like it….good luck on the flash when you get home from work…you’ll be impressed by DD-WRT.

  113. bucky says:

    This guide is fantastic. I spent ages looking through the DD-WRT website and after a while, everything I needed was starting to come together in my head, but I still felt REALLY apprehensive about it…so much so, I was thinking of backing out.

    Then I read this walk through and it put my mind at rest.

    I had a worry for about a minute whilst I realised I couldn’t get back in, but a 30 second reset and all was well.

    Thanks for the guide, it was a real help.

  114. João Martins says:

    Excellent guide! Everything worked like a charm!

    I’m now writing happily connected to my brand new dd-wrt wireless network…

    Upgrading even fixed some annoying and unexplainable connectivity problems I was having…

    kudos!

  115. paul chang says:

    Very unfortunately, my flash failed and bricked my new WRT54GL (CL7B). Also checked the link: http://dd-wrt.com/wiki/index.php/Recover_from_a_Bad_Flash, it seems the only way left is to open the device.

  116. nuttijay says:

    Hi,

    exactly the way to do it!

    One Point, if i tried to flash a new firmware onto the router, using linux and mozilla firefox, the routine didnt do the trick. shortly after hitting the upgrade button, firefox moaned, that he was gettin redirected, and the update didnt took place.

    Hope this canbe worked around ???

    Cheers

  117. Matt says:

    @bucky and João Martins: Thanks!!!

    @paul chang: I hate to hear that your flash failed…I think it happened to one of the other guys who read my instructions but he managed to get the recovery instructions to work for him. I haven’t experienced this before so can’t offer much personal help. Have you posted your issue on the dd-wrt forum? Those guys might have an answer other than opening up the case.

    @nuttijay: Should be a way to work around Firefox complaint, but I’m not sure how. Search Mozilla’s website. Might find a setting in the about:config page of your browser.

  118. GB says:

    This is probably the best site I found for firmware upgrade information. Thank you for your efforts. I have a WRT54GL router. Which bin file is best suited? I think my only two options are dd-wrt.v23_generic.bin or dd-wrt.v23_wrt54g.bin.

  119. Matt says:

    Thanks GB….the dd-wrt.v23_generic.bin is what you need for your WRT54GL router. For mine, I used the dd-wrt.v23_vpn_generic.

  120. Mark B says:

    Just wanted to let everyone know my experience. My goal was to flash DD-WRT v24 beta onto my WRT54GL v1.1, and set up the wireless repeater feature in v24. The first time trying to load v24 std failed for some unknown reason (maybe web content filter which I forgot to turn off), and I thought I had a brick. But, I was able to reload the Linksys firmware, and get it running again following the recovery instructions on the DD-WRT Wiki. I then tried again to load v24 std, but I got the message “Upgrade are Failed” (sic). This jogged my memory, and I had seen that this error is caused by loading too large a file. I thought my v1.1 would accept the v24 std load. I then flashed v24 mini, and it worked! I then uploaded v24 std with no problems.

    Thanks for posting your site.

  121. David says:

    Just wanted to leave a note to say thanks.

  122. jadz says:

    Thanks for the posting! Very clear and strait forward.

  123. GB says:

    I successfully upgraded my firmware on the first attempt; it took about 7 minutes WOW!. I am now running my WRT54GL as a client bridge with absolutely no problems. THANK YOU for your easy to follow instructions.

  124. [...] How to Flash the WRT54GL with DD-WRT Firmware at M and L Adventures (tags: hardware Linux network security wifi howto) [...]

  125. vt839 says:

    This is great but why did you flash with the VPN version if the WRT54GL does not have enough memory to support the VPN function?

    If you do use the VPN feature on the WRT54GL *without* having to mount an *external* samba share, then I would love to learn about this. Thanks.

  126. Matt says:

    vt839,

    As far as I know, the WRT54GL does have enough memory to support the VPN function without mounting an external samba share. You might run in to memory problems using public and private key pairs with a bit strength greater than 1024 bits.

    Where did hear about the memory problems? Post the link and I’ll check it out. It’s been a while since I did extensive research on the dd-wrt VPN but I do not recall reading about memory problems though I could be wrong.

    Thanks,
    Matt

  127. vanDivX says:

    GB (and many others) asked “dd-wrt.v23_generic.bin or dd-wrt.v23_wrt54g.bin”…

    the ‘g’ and ‘gs’ etc are firmware that are router model specific for the WRT54G and WRT54GS (S here means speedbooster and L in GL means Linux…) respectively

    IF you download .zip files for given flavour of firmware (standard/VOIP/VPN), you get firmware for all router models (GL G GS etc) which you don’t all need except one of them and you use too much bandwidthfor useless download, instead you should pick your specific firmware for your router and for the flavour you want (standard VOIP VPN) and then your download and confusion is much smaller, if you do a guide things like this should be made clear

    bottom line is, for WRT54GL v1.1 you need only three files
    dd-wrt.v23_generic.bin
    dd-wrt.v23_voip.bin
    dd-wrt.v23_vpn_generic.bin

    depending what flavour you want (if you got GL ver1 you need to flash first with ‘dd-wrt.v23_mini_generic.bin’ and only then with whichever of the above, I think it can’t hurt to flash with this one first regardless if you are not sure what version of router you have

    and before each operation and after each operation or any change like setting default setting which reboots the router do the powercycle anyway, powercycle the router before you proceed to next step is the way to avoid heart damaging moments

  128. Steve says:

    Hi Matt…Great site and instructions. One problem though that maybe you or your readers may be able to solve…before I take the WRT54G V8 back to frys.

    All is set up and communicating…with one problem.

    I can ping the other workstations behind the main (sending) router, I can ping the WRT54G router IP, but I can’t ping anything behind the WRT54G. I have checked the firewall settings on the WRT54G, but it’s disabled. I’m stummped. Anyone else having this problem?

    Thanks in advance,
    Steve

  129. Karl says:

    While many have posted this before, I would like to thank you for the information you’ve put together. The process is much more concise and made the flashing process relatively painless. Thank you, Thank you, Thank you. Now I’m off to figure out what I’m supposed to actually do with the additional features on my router :)

  130. Jonathan says:

    Great instructions!! Spent 30 minutes reading the wiki, another 5 minutes scratching my head trying to figure out how much of that I actually needed to do, another 5 minutes reading your instructions, and literally no more than 5 minutes actually doing it. Worked perfectly, thanks!!!

  131. Sav says:

    Hey,

    this worked like a charm in one try. Total time under 15 mins. I had to reset the router after it was flashed as mentioned in the article and then i had to reboot the cable modem to get the router an IP address.

    Thanks for putting this together.

    Sav

  132. Blebekblebek says:

    Hi Matt

    unfortunately I flash my router without your guide and “almost” stuck with that “30s reset” part, it’s already running btw

    it just I wondered with bandwith monitor, why there’s no Bandwith Monitor at my router status?

    Which version had that feature?
    btw this is the status screenshot from my router
    http://www.blebekblebek.net/blogger/wp-content/uploads/2007/12/9747606b261a098.png

    I don’t have any wireless stuff so I turn the wireless off, and DHCP off, firewall off (I don’t know why if I enabled it some parts it won’t connect to my modem, or when it connect it can’t browse to some site, etc…)

    This is awesome guide…

  133. Terry says:

    Matt:
    I was nervous!! But with your hand holding and feeding it to me with the spoon, all the planes got in the hangers!!

    Thanks Dude!!

    Terry

  134. G.Tas says:

    Hello people ,great instructions…i just ordered the WRT54GL we’ll see the version as it comes over and you already persuade me to install the DD-WRT firmware…i just cant figure one thing….better VPN or just the STD generic version..? the VPN supporting and VPN settings but the STD generic not?

    Thank you…seems great guide will try it soon as possible….

  135. Brian says:

    I, too, have been researching on upgrading my firmware on my brand new WRT54GL. I knew absolutely nothing about flashing routers until a lot of people who wrote reviews on newegg.com said they flashed it with DD-WRT and said it worked great. As I read more about this I want to go through with it. But one question: my router’s serial begins with CL7C. Does that make a huge difference or can I follow this guide as well?

  136. Brian says:

    Oh nevermind. I just read on the DD-WRT website that I can use the DD-WRT v23 SP2 since my router comes with v1.1. I’ll try that out as soon as I get home and I’ll let you know how it goes. Thanks for the website :)

  137. Matt says:

    Everyone who thanked me for the guide, your welcome. I’m glad I was able to help.

    @Blebekblebek: I’m not aware of a Bandwidth Monitor. I just checked my router status page and I don’t have one. I’m using the VPN version of the firmware. I checked your out screenshot and everything looks like I expected it to. Where’d you hear about a bandwidth monitor?

    @G.Tas: The answer to your question about whether the STD or VPN version is better just depends on your needs. If you don’t need VPN capability than the STD will work. VPN support (i.e., the ability to be a VPN server and not just to connect to another VPN server like you would have at your work) is the main difference between the two versions of the firmware. You can read more about all the differences between each of the available file versions here

    @Brian: Looks like you answered your own question before I had the chance :D

  138. Brian says:

    Hi Matt,

    Thank you for your reply and thank you for your website. :) I was able to successfully flash my router effortlessly and now it’s running DD-WRT. I just have one question: my roommates like to use torrent programs so they hog the bandwidth. I dont mind asking them to turn it down but sometimes they forget when they’re away and I can’t change limit their download/upload settings because I can’t log into their computers. One of the reasons why I flashed my router is because of the QoL option. This way I can surf and play online games without worrying about my roommates’ downloading. I’ve been tinkering with that today but every time I save with QoL settings enabled, my internet slows down to ridiculous speeds. It’s like my internet came to a pause. The only way I’m able to restore my “normal” internet speed is by doing a hard reset (holding RESET while unplugging then replugging and holding RESET for 30 seconds). I read somewhere that I need to be pretty accurate with the maximum D/L and U/L but I’m not sure how I can get an accurate reading on that. DSL Reports is a joke because it tells me I get 5mb DL and 2mb UL speeds :T Anything else I can try or that I’m doing wrong?

  139. x-demon says:

    I flashed my wrt54gl 1.1 too. But… where i can enable a VPN server?

  140. G.Tas says:

    Thanx Matt i will use the VPN version too in case i need this function….

    Another thing please….is there the option to load linksys firmware back or load STD firmware..generally play with firmwares? Just in case but i dont think i will need something like that DD-WRT roxx as it seems:)

    Than You

  141. G.Tas says:

    Sorry for double post i forgot to ask…is DD-WRT going to make the access point function on the WRT54-GL A/C client mode too?

  142. Matt says:

    @Brian: I’ll admit before I respond to your questions that I have not used the QoS features in DD-WRT…just don’t have a need as me, wife, and an occasional guest are the only ones who use the access point. I have looked at the QoS and it should be able to do what you want though it will take some tinkering. I’m not sure where to get a good report on maximum D/L and U/L. All the sites I’ve seen don’t seem to be accurate. To might be able to download and upload (if you have access to an FTP server) a large file and manually obtain your speeds. I know Firefox reports the download speeds. Just make sure you convert everything to kbps.

    If I were to set my router up, here is what I would do. I’d be really specific about the different protocols and their priorities. I’d make sure bittorrent was at the bottom and any protocol you use such as http (80), https (443) are given top priority. An additional thing you should try is setting the MAC priority. I’d look up the MAC address of your computer(s) NIC cards and give them top priority with your roommates MAC addresses given less priority.

    I’d also spend some time reading the dd-wrt wiki and the help file included on the QoS page.

    @x-demon: You can’t just enable the VPN. It requires a lot of configuration. You’ll have to build public/private keys, etc. The dd-wrt wiki will have the info you need.

    @G.Tas: You can re-flash the DD-WRT with other (i.e., old) firmware though a similar process as you completed by following my above tutorial. If you ever need to do so (highly unlikely) than just search the net and you’ll find some instructions.

    I’m not sure I understand your question about the access point functioning on the WRT54-GL A/C client mode too. Would you please clarify so I can be sure I answer you correctly? Thanks!

  143. G.Tas says:

    The access point function into the WRT54-GL Linksys is Able/Cert Able…and i heard that as an access point it can only send signal and not receive….must be client mode to send/receive signal….i.e if you want to connect to a local wireless network that works into a city….must have access point that supports client mode

  144. Felix says:

    Thanks Matt, by means of your detail tutorial explaination, I’m able to successfully flashed my Linksys WRT54GL version 1.1 with the open source dd-wrt version 23 SP2 standard firmware (generic).

    After the download, I verified the MD5SUM hash of the “ddwrt.v23_standard_generic” file by the HashCalc to ensure that that download wasn’t corrupted or hasn’t been compromised as the tutorial recommended.

    I’m sure the HashCalc website link provided in the tutorial explained clearly how to use the HashCal, But I admit, I had a tough time understanding how to use the MD5SUM HashCalc tool. Couldn’t make it work for me, perhaps windows xp “send to” folder was not helping either. But this link below was very helpful to me :http://www.slavasoft.com/hashcalc/index.htm

    After the MD5SUM hash of the “ddwrt.v23_standard_generic” file download was verified as a perfect match by this HashCalc,the rest was easy,thanks to you.

    I’ve already saved the flashing of the Linksys WRT54GL version 1.1 tutorial on my wife’s laptop as a reference to use offline.

    Next, I turned off my firewall and anti-virus. (perhaps I tuned them off too early at this point ) .Went to the IP address of my router (192.168.1.1) to reset the router to “Factory Defaults” under “Administration” tab after log-in with password.

    The reset was succeful. Back to the page again, clicked >“Administration”>“Firmware Upgrade”>“Browse” >found the “dd-wrt v23_standard generic.bin”"Upgrade”>“ .

    I was expecting the upgrading to take a while but it seemed like a few seconds to me.
    Then comes the good news,“Upgrade is successful”. Next I was prompted to log-in to the new dd-wrt interface.

    Here, since eveything was going on so nicely I was tempted to just log-in with password (admin) and see what happens next,ignoring all the readings I’ve done recommending otherwise.

    But I like to follow instructions, so I went to cmd prompt and ping the router to see if ir’s working,the response was: Packets Sent = 4, Received = 4, Lost = 0 (0% lost).”

    All good news, next,I ignored the login prompt and just push the reset button on the back of the router,I pushed and hold for more than 30 seconds, I wasn’t counting but it was more, probably a munite or close to it, did not unplug the power from the router,only pushed the reset button as explained above.

    Next, I’m on the the new dd-wrt interface.I then put in passwpword in other to move through the interface tabs, which was also successful.

    Next I change the log-in user name and password.Going through the tabs made me realized that there are more to learn from this software, but I’m counting on knowlegdable guys like you and others here and DD-WRT Forum to learn more about this software.

    Next, I followed your “Securing Your Wireless Connection” link.Thank you very much.

    Everything is running ok, only my wife PSP – software version 3.80 will not connect to the internet with the “63 random printable ASCII CHARACTERS” after sevaral tries.

    However,it now connects to the net with 61 random printable ASCII CHARACTERS” but not the whole 63, even though the PSP says that it should connect from 8 to 63 ASCII CHARACTERS”. Don’t know why. Not complaining just like to know why. Still, I consider it as a enough protection.

    Thank you very very much along with all those who posted your flashing outcome for others to learn from.

  145. [...] Step 6 Flash the standard-vpn-generic Step 7 I now have a really nice router! (How-To I followed How to Flash the WRT54GL with DD-WRT Firmware at M and L Adventures) I love my new router I can now ssh into it and run some commands! I hope that he add in iptables [...]

  146. G.Tas says:

    Matt i flashed my router soon as i got it but i cant coonect to the internet…strange i cant find Internet Connection Type PPPoA is that because i flashed the VPN Generic?

  147. Matt says:

    PPPoA seems to be a bit uncommon…at least in the home broadband market of the States. DD-WRT does not offer PPPoA in any firmware version as far as I know (at least not when using a WRT54G*. As I’m sure your already aware, the A in PPPoA stands for Asynchronous Transfer Mode (ATM). Whereas the E in PPPoE stands for Ethernet. Ethernet and ATM work completely different.

    From my limited knowledge in this subject, you will need another piece of hardware to get your network running with the DD-WRT firmware on a WRT54G*. I think you’ll need a modem/router that converts the ATM signal your receiving from your ISP to the Ethernet protocol. You’ll configure your ATM modem/router to provide a IP address to your dd-wrt router. Then you can use all of the dd-wrt routers features (i.e., it can be the DHCP server for all other devices, provide wireless, etc.).

    I recommend checking the following forum threads for more information as I’ve never had to deal with PPPoA:

    forums.whirlpool.net.au;
    dd-wrt.com; and
    hostingforum.ca/.

    Hope this helps. Let me know what you find out. Thanks!

  148. Matt says:

    @Felix: Thanks sharing your experience. I’m not sure why the PSP doesn’t work with 63 ASCII characters but does with 61….very weird. I wouldn’t worry as 61 characters is still very, very strong. Frankly, I’m surprised the PSP supports WPA at all much less with such a long password. I’m very glad it does though. Luckily, my Wii supports WPA2 with my with 63 ASCII character (hard to type in correctly though).

  149. Pink says:

    Thanks Matt. Hooked it up today without a hitch. Now I need to figure out how to get QoS for Skype and P2P going. Happy New Year!

  150. G.Tas says:

    Matt thanks will check the forums soon as i can…anyway another company hooked me up after 10 months lol with 24mbit ADSL2+ Line so now i just wasted 70euros into a useless router for me :P now is that DD-WRT supports any ADSL2+ router? Not mentioning anywhere on the site about the Linksys WAG54GS for example ,anyone can help for a router work with an ADSL2+ router?

    Happy new year…thanx :)

  151. Samir says:

    Thank you for the elaborate instructions. Would this custom firmware upgrade only work on the WRT54GL or will it also work on WRT54G?

  152. dragon` says:

    Thx a lot, nice work!

  153. [...] devices, and don’t have $500 laying around. I guess my rockin’ Linksys WRT54GL with custom firmware and USB 2.0 external Seagate drive will have to do for [...]

  154. Mouncif says:

    Thanks man,

    It totally worked for me.

  155. Matt says:

    @Pink: I’m sure you got QOS figured out without any trouble. Hope you enjoy.

    @G.Tas: Sorry you wasted 70 euros. I really don’t know about finding a ADSL2+ router or if DD-WRT supports any of them. I sort of doubt but check their list of supported routers to be sure if you find a ADSL2+ router you like.

    @ Samir, dragon, Mouncif: Thanks! I’m glad my post could be of assistance.

  156. [...] List so you can send it to me easily. Also, don’t forget to check out my ever-popular “How to Flash the WRT54GL with DD-WRT Firmware” tutorial. Author: Matt   |   Filed under: DD-WRT [...]

  157. [...] fix this vulnerability and gain additional features by upgrading to an open source firmware such as DD-WRT or Tomato. I happen to own a Linksys WRT54GL version 1.1 and have flashed it with the DD-WRT [...]

  158. Jouni says:

    Nice and simple tutorial. After reading the “official” installation instructions, I wasn’t sure whether or not to even try. But your instructions were much more encouraging, and the whole thing was over in a flash. Thanks.

  159. Irvin says:

    Thanks Matt! I read over your well-wrttien guide and then flashed it successfully. The only difficult thing for me was after the flash, when I tried to log in again as root/admin…until a few minutes later when I thought about your instructions again to reset after and now I have dd-wrt on my router. Thanks a bunch!

  160. Doren says:

    My modem now only works through my router! If I disconnect my router my modem does not put out any ethernet signal for my computer to recognize. Any one have this problem?

  161. Jusitn says:

    Very good walk through, I followed your instructions and the firmware install went smoothly.

    Thanks

  162. Juergen says:

    Thank you very much for that great guide.

  163. Valerie says:

    Hello,

    I followed all your instructions and the upgrade was successful. The last step was to go to the command prompt and ping 192.168.1.1 and I got a reply. Now, I can’t connect to the internet connection. What can be the problem?

  164. Flash says:

    Hey, thanks a lot for the guide. I used yours and all the other pages from Wiki to make myself a very clear picture, plus I got helped from a friend as well :)

    Basicaly after firmware update I got the succesfull message and pressed continue and page was blank. Then I reset my computer and at the same time, I pushed the reset button for 30 seconds.

    Once the computer restarted I got the page.

    Only 1 problem tho. Before this firmware upgrade I had my internal IP to xx.xx.xx.100, and my second computer has xx.xx.xx.101. But after this DHCP assigned me the total random xx.xx.xx.116.
    Any way I can get back my xx.xx.xx.100? On the firmware page it is set that the IP range will start from xx.xx.xx.100 so I don’t really understand why it dosen’t want to take back the 100 since it’s free now. I tried ipconfig /release and /renew. I tried to make the DHCP to keep the lease for 1 minute and I reduced the string to only 1 so the range is xx.xx.xx.100 and xx.xx.xx.100. Well this made it to not be able to get any IP automaticaly.

    Any hints what I have to do?
    Thanks

  165. zazz says:

    hello. a BIG thank you! i had a WRT54G v2.0 for 5 years and was on 24/7 withe no problems until the wireless board died. bought a new WRT54v.8.00 G, but returned it after a week of trying to get my wireless network connection for sharing files up (couldn’t get it working) …so bought a WRT54GL after reading forum posts and reviews about how it was the same as the old 54G v4.0 and how it could be flashed with dd-wrt, tomato, etc.
    i stumbled onto this site and this is the best how to flash dd-wrt guide on the internet by far. i read the “official” instuctions on Wiki, other sites, etc. and was afraid to brick my new 54GL ‘cuz i paid double for it. (the 54GL is pretty scarce where I live)

    following your instructions, it literally took me 15 minutes (i timed it). the reset instructions works like a charm. the only hiccup was when the Internet Explorer said the dd-wrt web pag had expire and wouldn’t load. thought i was screwed, but after hitting the back button, it loaded just fine. took me 45 minutes to reconfigure my desktop and wireless laptop and after about and hour, my shared drives were working again.

    now i just need to tweak dd-wrt a little.

    what i used:
    Desktop: Windows XP Pro SP2
    Laptop: Windows XP Home SP2
    Internet Explorer v6.0

    thanks Matt :) for this very simple guide

    aside: the new WRT54G is just a piece of garbage

    the best part is my wireless sh

  166. zazz says:

    edit:

    the best part is my wireless network shared folders are working fine

    other info:

    WRT54GL V 1.1 (skipped the mini flash step. flashed with standard/generic)
    serial: CL7C….

  167. Matt says:

    @zazz: thanks for sharing your experience. Glad the guide helped!!!!

    @Flash: You should check into Static DHCP. It allows you to specify an IP address for any machine while still letting other machines obtain an IP address automatically. The one catch is the static IP must be outside of the dynamic IP address range. So I suggest you change the dynamic range to something that doesn’t include the xx.xx.xx.100 you want to assign statically.

    You can change the dynmaic range on the setup > basic setup page (sounds like you’ve already did this to force the IP to xx.xx.xx.100). Go to administration > services to set up your static leases. You should be set then.

    @Valerie: Not sure what the problem would be. Make sure you configured the “Internet Connection Type” and “Optional Settings (required by some ISPs)” correctly on the Setup > Basic Setup page.

    @Doren: First time I’ve heard of that problem. Just to make sure I’m understanding you correctly, your modem doesn’t work at all even when you plug the Ethernet cable into your computer and bypass the router?

  168. Joshua Lenmarc says:

    Thanks! Great guide, it works!

  169. Matt T says:

    Heya;

    umm im kinda scared to do this. This will be my first attempt to putting the firmware on any router. Just wanted to let you know. I guess im lookin for some moral support. I just hope that the version i buy from newegg is the right version, if not, RMA time

  170. neil c says:

    just wanted to add my name to the thank you list.

    the guide worked a charm

    as for compatibility…
    i used firefox/linux on an asus eee

    no problems.

    -nc

  171. I just wanted to thank you. Because of your explanation of the wireless router I was able to set edit the password, because I had forgotten the password and I needed to add other connections to my wireless connection.

  172. Martin says:

    Just thank you for your tutorial, i´ve updated my WRT54GL V1.1 CL7C with the ddwrt Standard and it works great !!!

    Queria agradecerte por el tutorial, acabo de actualizar mi WRT54GL V1.1 CL7C con la version Standard de DDWRT y funciona de maravilla !!!

  173. David says:

    Thanks for your how-to, got my new Linksys working in no time :)
    Best
    -David

  174. David says:

    I just got a new Linksys WRT54GL router with default firmware and for some reasons, it keeps disconnecting me from the internet whenever i access the router wirelessly. Anyone experienced the same issue? If so would the firmware flash fix this issue?

    Thanks,
    -D

  175. Sarfraz says:

    Hi Matt,

    Yesterday, I picked up my new LinkSys WRT54GL ver 1.1 (Serial: CL7B). After following your guide, in just 10 minutes I was able to run WRT54GL under DD-WRT v23 SP2 (VPN version). I had to do a hard reset though.

    Fantastic guide and good on you.

    Before, I switched to (WRT54GL / DD-WRT) I was using “monowall” on a Celeron 500MHz PC. The main reason to use “monowall” was to use PPTP. My brother who lives overseas was getting a great speed over the VPN (PPTP) connection. However, he reported this morning that my new VPN (PPTP running on (WRT54GL / DD-WRT) is much slower. Does anyone has experience in this area?

    Regards,

    Sarfraz

  176. Thanks a lot mate! I was totally puzzled about the dd-wrt upgrade process. dd-wrt wiki did provide enough information regarding the same. However, it is quite scattered and doesn’t give enough confidence to actually go ahead and play with the router. Your guide is the most comprehensive guide I found on the Internet.

    It took less than 15 minutes to get dd-wrt running. I used the standard image instead of the VPN image mentioned in your article with no change in the procedure. Although I was little panicked when I could not get to the admin page even after hard resetting the router. The problem was that the Windows Vista had, for some reason (actually it’s the normal behavior), cached the ARP entry for the IP address of my router. Removing that entry got me to the dd-wrt admin console.

    Cheers,
    Nikhil

  177. Kruno says:

    Great tutorial, thanks for the help! :)

  178. Jim says:

    Thanks Matt,
    Very useful. I bought a WRT54GL specifically to upgrade to DD-WRT. What I found is that on the DD-WRT website, they contradict themselves regarding flashing procedure. On the list of supported hardware, they say you must initially flash the micro version first. On the installation page they reference the micro as being needed only for 2m machines, then reference the mini version as necessary for initial flashing over original Linksys firmware. Yet another place (I cannot locate it at the moment), they reference the macro version. One would think it was merely a brain fart, but were they referring to mini or micro? This gave me some headache. I finally decided to initially flash with the mini because your post as well as a few others, including one youtube demo, consistently referred to the mini for initial flash.

    Everything worked perfectly and I’m now up and running wii and laptop. Today’s project is security features to which I have bookmarked your detailed entry on that subject.

    Thanks again,
    Jim

  179. Matt says:

    Thanks Jim! Do you happen to still have a link to the YouTube video of the flashing? Sounds like that might be something worth linking to on my blog. Have fun setting the security features later. It really gives you a chance to interact with the new firmware.

  180. krzyskup says:

    I’ve just flashed my wrt54gl v1.1 using this tutorial. it works after first reboot :) thanks!

  181. Matt says:

    Thanks krzyskup.

    Also everyone, just so you guys know the final release of dd-wrt version 24 recently occurred. You can read more about it on my blog.

  182. [...] DD-WRT on my WRT54GL for well over a year not and even documented detailed firmware flashing instructions. However, I’ve been debating on switching to the Tomato firmware for close to year [...]

  183. [...] to install the update or to even research all of the new features but based on the popularity of my How to Flash the WRT54GL with DD-WRT Firmware post I felt obligate to write a quick post informing everyone of this new update. You can read more [...]

  184. Matt says:

    To anyone who is interested, I recently published a tutorial that switch from using the DD-WRT firmware to Tomato firmware. Check it out at http://www.mandladventures.com/2008/12/03/how-to-change-your-wrt54gl-firmware-from-dd-wrt-to-tomato/.

  185. john says:

    I didnt notice you say to flash with mini first then generic or whatever anyway ive heard if you flash with generic first it will brick your router or its a higher chance of this happening

  186. Matt says:

    You’re correct John. With a Linksys WRT54GL version 1, rather than 1.1, you will need to flash to a smaller version of the dd-wrt firmware (the mini version) first due to a flash file size limit on the version 1.0 WRT54GL firmware before flashing to the standard, VOIP, or VPN versions. I believe this info is in the first paragraph of my article but thanks for reminding everyone to be careful.

  187. Alex says:

    Router: Linksys WRT54GL v1.1

    I am doing everything as instructed, including 30/30/30 resets, but no matter which version I try, micro or mini, v24 SP1 or v24 SP2 beta or v23 SP2, I always get “Upgrade are failed” message. Each time I was able to successfully flash back to Linksys firmware via TFTP. Besides web interface, I also tried upgrading via Linksys TFTP utility, but it was never able to get the connection, no matter how hard I tried to adjust timing between the router launch and starting of TFTP.

    Any advice would be greatly appreciated. I hope I will not have to stay with the Linksys firmware.

    Thanks,
    Alex

  188. Matt says:

    Alex,

    That stinks. I haven’t heard of anyone else having that problem so I don’t know a solution. You might try flashing to the Tomato firmware and then switch from Tomato to DD-WRT (assuming you don’t like Tomato). Either way, it’s got to be better than the Linksys firmware. Give that a try and let me know if it works. I’ve got a few posts about the Tomato Firmware on my site if you’d like to read more about it.

  189. Janez says:

    Alex,

    The same happened with my WRT54GL v1.1. Yes and I was able to successfully flash back to original Linksys firmware. But after that I’m not able to upgrade via web interface neither with tftp.

  190. Chris says:

    hey dudes,

    I flashed my WRT54GL v1.1 with the WRT54G_v4.21.1_fw file and I did the hard reset and everything but I can’t get the GUi of the router, I can log in with the username root and everything but I can ‘t see nothing in the GUI of the router , what should I do and how?

    Thanks,

    Chris

  191. Matt says:

    Janez and Alex, I’m sorry that I don’t have an answer for either of you. I’m a bit surprised that TFTP doesn’t even work.

    Chris, try holding the reset button on the back of the router while unplugging the router. Continue to hold the reset button as you re-plug in the router. Once the router is plugged in you should continue holding the reset button for 30 seconds to complete the hard reset. I had to do this because the web interface didn’t come up for me after the flash but it worked after resetting the firmware to defaults.

  192. Chris says:

    OKies, thanks meng will try it again.

  193. dd-wrt newbie says:

    Hi Matt,

    I have flashed Linksys WRT54GL successfully to mini generic first and then to Standard. My question is: Can I upgrade to VPN version since I have already installed standard? I would really appreciate all the help I can.

    I have the following currently in my router:

    DD-WRT v23 SP2 (09/15/06) std – build 3932

    Please advise.

    Thanks.

    Regards,
    VJ

  194. Matt says:

    I do believe you can upgrade to the VPN version now that you have the mini generic in place.

  195. dd-wrt newbie says:

    Hi Matt,

    I was able to upgrade to VPN version.
    Now my firmware is:
    Firmware: DD-WRT v23 SP2 (09/15/06) vpn.

    Thanks for the quick response. Btw, Thanks for the excellent tutorial.

    Thanks.
    VJ

  196. Matt says:

    I’m glad it worked for you VJ. It’s sad to say but I’m normally slower at responding. You just caught me at the right time with the right question ;)

    Enjoy the new, more powerful firmware.

  197. [...] I have several posts related to the Linksys WRT54GL (e.g., Tomato, DD-WRT, etc.), I thought I’d let my readers know that Newegg has the WRT54GL on sale for $47.69. I [...]

  • Recent Comments

    • Ubuntu HDMI Sound Configuration (22)
      • Tim: Thanks Matt and Mark!! I now have sound through HDMI on my HTPC. I have Ubuntu 9.04, ASUS EN9400GT with Nvidia....
      • Mark: Thank you. Worked on my Toshiba M300 Laptop running Ubuntu 9.04 Jaunty, with the following modifications: I...
    • Tomato Firmware Option for WRT54GL (9)
      • junn: I just upgrade my brand new wrt54gl to dd-wrt. Do have compare dd-wrt with tomato ? Which is fast and stable ?...
      • brianko: FWIW, after having a year of 1500/300 speeds with Time-Warner (supposedly after the RR-Turbo free upgrade),...
  • All About Me

    I'm a recent college graduate with a degree in information systems and work as an IS Internal Auditor. I enjoy creating websites and learning about new technology. The best way to get me away from the PC is a good camping trip or mountain bike ride. Want to learn more?