The Internet is a great way to get on the net. - Senator Bob Dole

23.07.24 1105 [PST]

   EAC & MP3s
   Life of Myden

Best MP3 Guide


Good Movies




Home >> Articles >> Recipes

Building The Ultimate Home Network


Asus RT-N16 router Installing Tomato on an Asus RT-N16 router

DOWNLOAD TOMATO FIRMWARE - K26 version - MIPSR2 version - VPN version INSTALLING TOMATO ONTO ROUTER # Go into our router page ( default user/pass is admin/admin for Asus router firmware - download a generic version of DD-WRT to install on the NT-16 router first, such as from: example .trx file: # administration -> restore/save/upload setting -> restore -> yes # administration -> firmware upgrade -> select .trx file for generic DD-WRT that we downloaded above -> upgrade firmware The router is now running DD-WRT. In DD-WRT ... # administration -> firmware upgrade -> please select a file to upgrade -> select the Tomato by Shibby firmware file we downloaded. You may first need to rename the extension from .trx to .bin Once firmware is finished loading, you may need to do a hard reset on the router. The router is now running Tomato by Shibby. default user/pass is root/admin for Tomato firmware In Tomato by Shibby... # administration -> configuration -> Restore Default Configuration -> Select ... -> Erase All Data in NVRAM memory (thorough) # advanced -> MAC address -> WAN Port -> Clone PC -> Save -> OK # Status should now see an IP address from your ISP TOMATO: CHANGING THE ADMIN PASSWORD # administration -> admin access -> change password at bottom TOMATO: CONFIGURING THE WIRELESS CONNECTION # basic -> network -> wireless - checkmark beside 'wireless' - SSID: think of something clever - click on SCAN. Once it's done, it will show you which channels are being used, and by how many people. Pick a channel that is furthest from everybody else in your area. - under security, pick WPA2 personal. Change the encryption type from TKIP to AES. Click on 'random' to generate a 64 character key. - Click save. - Copy and paste the 64 character key to a text file and save it on a usb stick. You can bring this to your laptop later. I like to lower the transmitting power of my router, do we really need more radio waves than necessary running through our body? And who knows, maybe it even extends the life of the router. I bring my laptop to the most likely furthest point in my house that I'll be using it. Run a speed test. Then, in Tomato... # advanced -> wireless change 'Transmit Power' from the default 42 to 32. Hit save. Run back upstairs to the laptop, run the speed test. Still going plenty fast. Dropped it to 22. Still going the same speed. Dropped it to 12. Wow, still no drop in speed. Can I really get by with just 6mW ? Nope. Now having trouble connecting. Let's try 9 mW. Hmmm, still problems. Looks like 12 mW is about as low as I'll want to set it for now. TOMATO: USING DIFFERENT DNS SERVERS (such as Unblock-Us) # advanced -> DHCP / DNS Make sure there is a checkmark beside 'Use internal DNS' In the Dnsmasq box, enter the DNS servers you want to use, ie: strict-order server= server= server= Hit Save. Now take the checkmark off of 'Use received DNS with user-entered DNS' Hit Save again. Now go to... # basic -> network Under 'LAN -> static DNS' , enter the IP addresses of the DNS servers you added above. Example: Hit Save. TOMATO: CONFIGURING OPENVPN Follow instructions at (also saved under Chris Myden's Ultimate Netbook -> saved pages) Start at 'Configuring OpenVPN' and follow the instructions from there - Important: Change the KEY_SIZE in vars.bat from 1024 to 2048 Meanwhile back in Tomato... # Advanced -> VPN Tunneling - put a checkmark beside 'Start with WAN' - interface type should be TUN - protocol should be TCP # now click on the 'Advanced' tab of the OpenVPN Server Configuration - put a checkmark beside 'Direct clients to redirect internet traffic' - put a checkmark beside 'Respond to DNS' - put a checkmark beside 'Advertise DNS to clients' - change the encryption cipher to 'AES-128-CBC' # now click on 'Keys' - In Windows Explorer (on our client machine), navigate to C:\Program Files (x86)\OpenVPN\easy-rsa\key Paste in the keys box 1 = ca.crt box 2 = server.crt box 3 = server.key box 4 = dh1024.pem - Note that for the server certificate, you don't include the first part of the file '-----BEGIN CERTIFICATE-----' Hit Save Hit Start Now Okay, now we just need to do a few more things before testing our OpenVPN connection # basic -> time - change Time Zone to the correct time zone (-7) - set the NTP time server to North America - hit Save # basic -> DDNS -> Dynamic DNS 1 -> select 'FreeDNS (' Beside Token / URL, enter the Token URL from and hit Save And now back in Windows... create a .bat file with this in it: start C:\"Program Files (x86)\APPS\OpenVPN\bin\openvpn-gui-1.0.3.exe" --connect xxxxx.ovpn exit - Add this .bat file to the Windows startup menu in your client, so that OpenVPN starts and connects automatically. ITEMS BELOW THIS LINE HAVE NOT BEEN COMPLETED ON THE NT-16 ROUTER YET TOMATO: CONFIGURING QOS Used the following 3 tutorials as a guide... QoS -> Enable QoS - left checkmark beside ACK packets (see debates in tutorials above) - left SYN, FIN, RST unchecked - Prioritize ICMP: left unchecked, useful if you're running a game server, which I'm not - Kept default class as Low. OUTBOUND RATE: Max Bandwith: This is an important value. To figure out what mine was, I went to and ran a speed test to each city. 845 895 with QoS Los Angeles: 3930 527 119 4211 720 4208 690 3842 692 4206 724 Chicago: 5165 845 28 New York: 4532 818 45 4218 838 3760 809 4194 821 3791 778 San Francisco: 2040 829 43 2121 652 2042 807 2113 859 2109 854 Parsippany: 3661 844 53 4416 762 3968 784 2642 818 It would appear that my max is 845. This is what I set it to. I'll probably revisit these speed tests later and make sure. Highest: 90%-100%. High: 10% - 92% Medium: 3% - 90% Low: 3% - 100% Lowest: 2% - 70% Class A-E: none - none (for all) INBOUND RATE: We don't want any QoS on our inbound rate, so set the Max Bandwidth to something ridiculously high... Max Bandwidth: 999999 and leave all dropdowns in their disabled state. Highest: None High: none Medium: none Low: none Lowest->Class E: none Click Save. Now we move on to QoS -> Classification First I use the up arrow to move the DNS match rule to the top. Then I set it as class 'highest'. Click OK. - Then I click on the one that has the description of WWW (should already be second from the top now). Beside ports 80 and 443 I add 21 and 23, so it looks like this: 80,443,21,23 I change the description to WWW, FTP, SSH. I set the class as 'high'. Click OK. Now at the bottom we'll create a new match rule, with a class of 'lowest'. In the description box put 'uTorrent'. Changed the IPP2P (disabled) to BitTorrent. Then I moved this uTorrent rule up to 3rd place. Moved the 'bulk traffic' rule up to 4th place. Deleted the WWW (512K+) rule, and the DNS (2K+) rule. Click 'Save' at the bottom. TOMATO: CONFIGURING FOR UBERNET Ok, getting Tomato to work with Ubernet was a bit annoying and caused me headaches. To do it successfully, follow these steps, the order is very important. Go into the router, Port forwarding -> UPnP / NAT-PMP -> take the checkmark off of UPnP Hit save. Now, disconnect the Linksys router from your setup. Connect your modem *directly* to your computer. Go into Windows Vista firewall. Start -> control panel -> security -> allow a program through Windows firewall -> exceptions Clear any entries relating to UberDC++ or the port you plan to use. Click add port. Name: Ubernet TCP Port number: the port you want to use. 60125 for example. Protocol: TCP Click OK. Click add port. Name: Ubernet UDP Port number: same port # as above. Protocol: UDP Click OK. Click OK. Launch UberDC++. When Windows asks, unblock it. Go to Shields Up port test at Proceed -> enter in the port # that you entered above -> click User Specified Custom Port Probe -> It should say open. If it doesn't, well there's no point in going further. Go back into UberDC++. File -> Settings -> General Active IP: enter your outside IP address ( can tell you what it is) Searching IP: same as above Active Port: enter the port number from above Searching Port: enter the port number from above Hook your router back up the way it was before. Go back into your router page: Status -> Device list Which one is your computer? Not the one with interface vlan1. You want the internal IP. Should start with 192.168.x.x Copy down the IP address, it's your internal IP. Port forwarding -> basic -> Change the dropdown box from TCP to 'Both' Under Ext Ports, put the port that you entered into UberDC++ Under Int Address put the internal IP address that you just figured out (above) Under Description put Ubernet Click Add Click Save Go back to the Shields Up port test. Is it still open? Should be. Try searching on UberDC++. Can you connect to other users? Can you download their lists ? Go back into Windows firewall. You can remove the 'Ubernet TCP' and 'Ubernet UDP' port entries. Just make sure the UDC++ stays there, and stays checked. TOMATO: CONFIGURING FOR UTORRENT in uTorrent, go Options -> Preferences -> Connection. Note the incoming port. Now in the router config page, go to Port Forwarding -> Basic Change TCP to 'Both'. Set 'Ext Ports' to the incoming port noted above. Set Int Address to the IP address listed under Status -> Device list (whichever one is your computer, your internal IP address, usually 192.168.1.X) Set Description to 'uTorrent'. backing up the router configuration -> Administration -> Configuration -> Backup