Sorry, I know this is a 12yo router and there are lots of threads on this already, but every thread I've found so far suggested either:

1. *Enable CTF
2. Try a different cable
3. Reset NVRAM
4. FreshTomato (or any non-stock firmware) might be slower than stock

and I've already tried 1, 2, and 3, so I'm here to ask if I should just accept 4 and give up.

The Details

I am on FreshTomato Firmware 2024.3 K26ARM USB AIO-64K on a Netgear R7000, and speed over an ethernet connection is averaging 350Mbit/s, measured via iperf3 (Tools > iPerf, followed by iperf3 -c 192.168.1.1 on the connected computer)—that is to say, this is a test of the LAN connection, over a wire, with no involvement from my ISP.

Based on the specs for this device, I am expecting gigabit speeds.

I have swapped out multiple CAT6 cables and multiple laptops (all with Gigabit NICs). I have verified that these same computers and cables are capable of Gigabit speeds when running iperf3 on a new router (GL-iNet MT6000, which runs OpenWRT). As mentioned, cut-though forwarding is enabled and NVRAM has been recently reset.

Could there be any other factors at play here? Is it normal for Ethernet speeds to cap out at 350Mb/s on an R7000 with FreshTomato? Should I just cave and buy a new router?

Hi

I have an old R8000, i used to use it many years ago with FreshTomato, I recently got it out of the cupboard and I wish to move it back to the official netgear firmware.

1. is it possible to go back to the official netgear firmware?
2. How can this be done?

I've got a 2015 version of Asus RT-AC68U. My current installed FT version is: freshtomato-RT-AC68U-ARM_NG-2020.5-AIO-64K.trx

In searching for the most current version, I've noticed that there is a 2022 version: freshtomato-RT-AC68U-ARM_NG-2022.7-AIO-64K

But after this, the "NG" disappears from all the names. Is this 2022.7 version my latest or did the naming convention change and can I use the version: freshtomato-RT-AC68U-K26ARM-2024.5-AIO-64K

Thanks in advance for helping me get up to date. I may choose to upgrade to a more current and faster router, but this one works and if nothing else, I'll use it as a Access Point.

Hello,

I would like to use my home internet as a VPN when I am abroad, and have the same Ip I would have if i were at home.

I have a Netgear r6700v3 and freshtomato ver. 2020.3 on it, I just don't know how to setup the whole thing. I couldn't find any helpful tutorial on internet, the only ones that used freshtomato were really outdated.

I am a total newbie in terms of IT, sorry if this is not the palve to ask as all posts here seem to be from people who know at least a decent amount about VPNs and all that stuff

Hello friends,

I am trying to convert my asus ac-67u with latest freshtomato into a wired access point which will allow me to

1. connect a wired computer to an existing network through this router

2. Create a wireless network that can access the existing network

3. Create a guest wifi network that will NOT allow access to existing network.

Since I've disable WAN and DHCP in order to turn the router to a dumb access point (Connect it via one of the lan ports to the main existing network router lan port), I'm afraid it won't allow me to recieve an ip after creating vlan for the wireless guest network :

https://learntomato.flashrouters.com/setup-guest-network-guest-wifi-tomato-vlan/

Is there a configuration I can make all 3 of my needs met with this router ?

Thank you

I'm just wondering if there is any support this router or do I have to buy another one?

Hello, all. I'm quite limited in my modem/router setup. I currently have my ISP modem/router giving my actual router a PPPOE passthrough via a PTM bridge. My actual router is a Netgear R7000 running Fresh Tomato. I am trying to set up a Wireguard host on the router so that I can access my home network while I am away, but no matter what I change in the settings, it will not handshake (or maybe performs one handshake and then drops). Do I need to do something special to allow Wireguard peers access to the host while in this configuration?

-Do I need to port forward from the ISP modem/router to the Tomato router?

-Do I need to try to put the Tomato router in a DMZ?

-Do I need to set up something special with the NAT? Could an unintentional double NAT be blocking this?

I searched extensively but cannot find someone trying to implement this exact configuration. Thank you for any help you can provide!

Hello,

I am using a Tenda AC18 router with the latest 🍅 firmware. However, I'm experiencing an issue when trying to access my network externally while connected to the same internal network—I can't establish a connection.

My ISP-provided router does not support bridge mode, but it does have a DMZ feature. To work around this, I configured the DMZ to point to the Tenda router's IP address.

Interestingly, when I connect from a different network (external to my home network), I can successfully reach my services.

I have two WANs: WAN0 for IPTV and WAN1 for internet. I've (attempted to) use IGMP Proxy's default settings to get the multicasted TV stream from WAN0 to the LAN.

This works for about a day, then TV fails after 45 seconds, likely indicating a multicast issue. A restart of IGMP proxy makes it work until the next time it fails. Nothing appears in the logs other than "igmpproxy is stopped/started". I've tried with and without quickleave.

Using FreshTomato Firmware 2024.4 K26MIPSR2_RTN USB VPN on an Asus RT-N16. Any suggestions would be appreciated.

Apparently the kernel of FreshTomato is very old compared to new systems like Fedora 41, so formatting a drive to Ext4 in them causes issues when mounting. The drive is detected, but trying to mount it results in "Failed to mount. Verify the device is plugged in, and try again." Ext2 mounts perfectly though.

The answer is to remove some features unsupported by the FT kernel, so when formatting a drive, use this instead:
"sudo mkfs.ext4 -O ^metadata_csum,^64bit /dev/sdX1" - replace sdX1 with your drive, in my case it was sda1.

Now the Ext4 drive mounts without issues.

As a bonus, add "veto files = /lost+found/" in USB and NAS > File Sharing > Custom Configuration box to hide the lost+found folder in your drive.

Hope this helps someone.

It's been some years since I've used Tomato. I have an RT-AC66U (not B1) which I just flashed to 2024.5 (and cleared nvram from hardware and from the gui). What I'm trying to do is basically a travel router. I think it's called WISP mode.

EDIT - PROBLEM FOUND

I just found this info:

https://wiki.freshtomato.org/doku.php/basic-network

This mode does not yet work on SDK6 MIPS RT-AC images

I did not notice this, since a bit above there was this line:

Wireless Client mode works for: MIPS devices (SDK5: RT and RT-N images)

And I didn't really understand this SDK thing. No luck I guess. :(

=== OLD POST ===

What I want

My phone will share its 4G network via wifi. The router will use this wifi connection as wan, and then act as a normal Tomato router. Media bridge is not fine since I would lose access to all of my router's functionalities.

To achieve this, I could dedicate the 5GHz radio to client mode, but I'd rather have a virtual connection to the phone, as performance is not of primary concern but versatility is.

What I see

To my understanding the first step would be to setup Basic>Network>WAN0 Settings> with "Type" DCHP and "Wireless Client Mode" on something. However, there, I can only select the field "Disabled". No other fields are present.

Under Basic>Network>Wireless eth1 (and eth2) the "wireless mode" has the options "wireless client" and "wireless ethernet bridge" grayed out.

Under Advanced>Virtual Wireless I can change the mode of eth1 and eth2 to Wireless Client or Wireless Ethernet Bridge, and under Bridge I can select either LAN0 (br0) or none.

What I tried

I tried to change some settings that could maybe "unlock" the functionality, like selecting Wireless Client under Advanced>Virtual Wireless or disabling radios, but with no success. I also tried googling for one hour :/

Help? :)

Is this even supported by the hardware? I've seen people discussing Wireless Client being broken for years, but I'm not sure what's going on. Should I maybe try DD-WRT?

https://bitbucket.org/pedro311/freshtomato-arm/src/arm-master/CHANGELOG

I have an Asus AC66_B1 which has now reached EOL. I've been using Merlin's firmware which is updated to November 2024, the same month as FreshTomato's latest FW. I'm concerned that EOL means no more security updates.

Is FreshTomato a way to essentially continue getting security updates (as well as other benefits) for however long FreshTomato supports this model? I don't really use any features beyond the basics.

My ISP offers DS-Lite for IPv6 connectivity... But that option seems to be missing from GUI. Anybody knows how to configure that manually?

Or maybe whether that's just not possible? (i'm not even going to be angry - I just want to know whether it can be done, or not, and documentation is kinda missing)

Netgear R7000, firmware 2024.3 K26ARM USB AIO-64K

With CTF disabled, my LAN<->WAN speeds top out at ~300/~300 (tested from a wired LAN device), and my mobile on cellular connected as a client to either the OpenVPN or WireGuard servers running off this R7000 gets 100% ping success to LAN devices and WAN destination, and everything works flawlessly.

Whereas with CTF enabled I achieve the full speeds offered by my provider ~1000/~400 (tested from a wired LAN device), and my mobile on cellular as the OpenVPN/WireGuard client still gets 100% ping success to LAN devices, but now gets 30%-50% ping failure to WAN destinations, and browsing/streaming is essentially unusable.

Is there any known solution to this, or is this just an inherent trade-off of how CTF operates?

Anybody know if this will support FreshTomato?

I'm currently using an Asus router that's supported by FreshTomato but that router is getting long in the tooth.. I'd love to buy one of these and run FreshTomato on it, as I'm not a big fan of any of the other 3rd party firmware.. What say you?

I've been having an issue for a few weeks (months?) now with FreshTomato 2024.3 and now 2024.4

I have WAN0 linked to a faster ISP but with a bandwidth cap. This is using a Static IP address. It is set to Load Balancing Weight 1, and it's interface is vlan2.

And WAN1 linked to a slower ISP but unlimited bandwidth. This interface is using PPPoE. It is set to Load Balancing Weight 0 (failover). Connect mode is set to Keep Alive. It's interface is ppp1

I have set under MultiWAN Routing some devices (media streaming devices etc) to always use WAN1 based on their IPs (I also have DHCP reservations for those devices). This seems to work most of the time, and always immediately after a reboot.

For some reason the PPPoE connection on WAN1 occasionally (regularly?) disconnects and reconnects. When this happens all devices configured to use WAN1 default back to using WAN0. I was able to block this for some devices by putting an iptables rule for their IP address under Admin > Scripts > Firewall

iptables -I FORWARD -s 192.168.x.x -o vlan2 -j DROP

However when the WAN1 reconnects those devices (including the ones blocked from using WAN0/vlan2 via the iptables rule) don't switch back to using WAN1 until I reboot the entire router. I've tried a bunch of commands via the ssh terminal:

conntrack -F
service multiwan restart
service wan1 restart
service wan restart
service network restart

Nothing does the trick short of a full reboot.

Any suggestions for what else can I try? I can't really do a full reboot during the day while my wife is in meetings so I'm stuck waiting until the end of the day and hoping I remember to do it before she turns on the TV and starts streaming and using our limited bandwidth on WAN0 (and no I can't schedule it for 5pm because she doesn't always finish at the same time).

Hi All,

I have the following setup (load balancing):

1. Fiber internet connected via PPPoE.
2. Pixel 6 (5G) connected to the router via a USB-C to Ethernet adapter.

My question is about 2). I currently have it set up as DHCP, which results in an IP address in the 192.168.* range, which is not my real external/public IP address. So, in terms of load balancing, it is working fine, but my issue is that I would like to SSH to my network using that IP address, but I cannot because it is not assigning the proper IP address.

I tried setting up WAN1 using a 3G modem and 4G/LTE, but I am guessing Tomato does not have the drivers for the Pixel 6?

Appreciate any help.

R7000/latest fw

Good Day, I recently got another r7000.. is it possible to extend the wifi networks 2.4 and 5 if I connect these two using Ethernet cable? Also which version of freshtomato is the most stable?

Hello!

I updated my Netgear R7000 with the latest 2024.4 release. This time I used the AIO version, while previously I've been using the VPN version, if that matters, then I restored my backup config.

Previously I used NAS storage with username and password and everything worked fine - I could log in from my PC without no issues. After updating I can no longer log in my NAS. It always says "The username or password is incorrect" even though everything should be correct.

Anyone has a clue what am I missing here? Thanks!

https://bitbucket.org/pedro311/freshtomato-arm/src/arm-master/CHANGELOG

I am running the latest build on a Netgear R7000. I have my VLANs all set up and working. I want clients on LAN0 to access a server on LAN1.

I have made two entries on LAN access LAN0 source with LAN1 destination and vice verse. Rebooted and all but still am unable to ping the server from LAN0.

Thanks!

https://preview.redd.it/8d9vf8btwn3e1.png?width=984&format=png&auto=webp&s=8a811ea20a5ae3773b7f28f1ff159c209a02f8f1

Hey guys, I apologize for being this noob but this wanted to know if there’s a way I can make my router accessible, I mean network access even when I am not at home. I will be traveling soon and saw videos related to that gli routers and was wondering if it’s possible in tomato. Thanks

Sorry I'm a total noob with all things related to Linux. I need help with scheduling Transmission to turn off at nighttime, on an RT-AC66U running FreshTomato.

I know there is a Scheduler on the webUI, but I can't figure out what to type into the command field to make it stop/start Transmission.

Basically I want to set it up to completely shut down Transmission for every night, so it allows the attached USB HDD to go to sleep, which in turn allows myself to go to sleep. (the HDD is noisy)

I guess I'm looking for something like /tmp/stop_transmission.sh, but I have no idea how to do it. I need the exact command that will work in the Scheduler.

In the advanced scenarios on the wiki, Scenario 4: Pure WiFi Dual WAN says

"You could configure wl0 as a wireless client for the public Internet and wl1 as a wireless client towards your neighbour's network."

I am trying exactly that. I've set up a vlan for WLAN1, set the radio to client mode in the vlan settings, but down in the wireless settings it tells me only one wireless interface can be configured in client mode.

Is this not supported? It's in the wiki. What am I not understanding?

I'm running in to some weird routing issues when using Fresh Tomato (2024.2, on RT-AC68U) as a dumb AP with pfSense as the router/firewall. I have 3 VLANs (1, 10, 11) in pfSense, (each with different firewall rules/restrictions), and I have these configured in FT (screenshot below), with each VLAN associated with a different virtual wireless interface (more details on these later).

For the most part, everything works fine. Devices always get the correct IP from pfSense's DHCP, but sometimes (80% of the time everything is fine), devices connected wirelessly to FT (no issues for wired connections) somehow end up on the wrong interface in pfSense (while still having the correct IP). Consequently, pfSense applies the rules for that interface to them, which is a serious problem as this basically destroys the purpose of having VLANs.

VLANs

Network

Screenshot from pfSense:
192.168.58.0/24 is VLAN1, but for some reason this device ends up on the VLAN11 interface

https://preview.redd.it/1c7ugex4gc2e1.png?width=596&format=png&auto=webp&s=94fe5bbea35dbbecc0e55a33bfea7b6fa864b372

Because this only happens on wireless connections, I'm 90% sure this has something to do with how FT handles VLANs/routing. (In theory, it shouldn't need to do any routing, though)

How would I go about debugging/fixing this?

Hi! Wanted to take the plunge and install fresh tomato on my Netgear R8000. It's been running the Koolshare firmware for a while, so it has an administration - firmware upgrade screen where I can pick the tomato firmware to install it. Can I do this (will it work?) or do I need to go back to stock firmware or something like that? Pretty new at this, just went off of the stock firmware a long time ago when it got too buggy.

Thank you for the help!

R7000 still serves my needs, and recently upgraded from Shibby Tomato to FreshTomato.

But pressing the WPS button on the router [for up to 2 seconds] does not disable the radios as is supposed to be the default.

Anyone have a fix or script to turn off both radios (2.4/5ghz) and their two LEDs.... then another press would turn the radios and their LEDs back on?

(...need to leave the router on overnight now, but want the radios off and my computer is powered down by the time I go to bed so don't want to have to issue commands... a physical button is needed) Thanks for any help.