Hi on 08th of November 2024 I installed the FreshTomato freshtomato-R8000-K26ARM7-2024.3-AIO-64K on NETGEAR R8000 AC3200 Nighthawk X6. But I can see wired and wireless internet download speed has dropped significantly.

You can see purple box contains internet download speed after I have flash the router to freshTomato.

Wired

Wireless 5G

Please help me.

Hi recently I have installed the FreshTomato freshtomato-R8000-K26ARM7-2024.3-AIO-64K on NETGEAR R8000 AC3200 Nighthawk X6 after stock firmware instability issues. Everything installed without any issue.

I just want to log everything on the router. I have plugged a USB drive and create folders. I SSH to router and found logs are been created.

But I can't see any log details from FreshTomato Admin interface.

Can you please help me?

Empty FreshTomato Admin logs page

Logging configuration

Long-term solution:

A code commit was made on 2024-10-19. It should be included in the next release.

https://bitbucket.org/pedro311/freshtomato-arm/commits/51c6dd9fd650b5527abb34bb876e593200901aa1

.

.

Until then, you can try test builds from user @/M_ars which tests the proposed fix:

(These are dated 2024-10-08)

https://www.linksysinfo.org/index.php?threads/wireguard-error-could-not-create-ipv6-socket.78872/#post-353912

.

.

Some users reporting the following workarounds worked for them:

- Disable IPv6

- Disable CTF (Cut-through forwarding)

,

,

my freshtomato router is used as access point mode.

I have created a guest wifi using this guide:

https://zedt.eu/tech/hardware/setting-up-guest-wireless-access-on-tomato/

But the guest wifi does not have internet access. I have set up the firewall rules.

any idea?

Hello, I bought a second hand net gear router that has tomato firmware. I wonder if it's possible and how I could revert it back to the original firmware.

Thank you

I have Netgear R7000 setup as media bridge. I most likely do not care about those to be monitored.

What do you guys think?

Is a new firmware due yet for the R8000?

https://www.linksysinfo.org/index.php?threads/media-bridge-failure-caught-in-the-act-and-potential-fix.78408/

Hello everyone

I managed to put my brother hl-l2300D (USB ONLY !) over wifi via a netgear r7000 on latest freshtomato VIA USB 2.

Windowd is OK, but i can't manage to use it on mac and Android.

Is there any way to print via this server on those platforms ?

Thank you !

https://www.home-assistant.io/integrations/tomato/

I'm just curious...not setting it up myself, but would like to see if anyone else has and how it's configured/progressing.

More for info but if anyone has any ideas... Upgraded to 2023.4 K26ARM7 multiple times but wifi interfaces & all GUI references to wifi interfaces non-existent. However, viewing page source does show interfaces exist, albeit disabled. Attempts to manually enable via command line unsuccessful. All fine with K26ARM.

Hello,

I am using FreshTomao 2024.3 VPN build. I was wondering if anyone could help me with the answers,

1. What is the best process to configure firewall to bypass all client dns requests to dnsmasq?

2. What are the ideal config for DNSmasq?

3. Which additional firewall options/commands will protect me from outside attacks?

Thanks in advance.

I have a TV in my house that I would like to firewall and block ALL traffic to it during a time range during the week and all day during the weekend. I've tried access restrictions which work somewhat but it does not block Plex which I have on my LAN. Is this possible and if so how do I do this?

[SOLVED] All the VLAN wackiness disappeared after I turned off CTF, based on guidance from helpful forum guru from another site.

I have 2 AC68U with FreshTomato (2024.2) wireless APs configured for 2 wireless networks and VLANs. Main network (VLAN 10 - 10.10.10.0/24) and IOT (VLAN 20 - 192.168.20.0/24). Its part my of pfSense, Netgear homelab.

The problem is my pfSense firewall seeing IOT IPs (192.168.20.x) on the Main Interface (VLAN 10 - 10.10.10.0), and Main IPs (10.10.10.x) on the IOT interface (VLAN 20 - 192.168.20.0).

I would really appreciate if you can point out what I am doing wrong or where I can find out how to fix this problem. Thank you very much in advance.

Guys, I have tried all the ways to make my router a wireless repeater but I am unable to do that. It’s not connecting to it. If it does connect to it but i don’t see internet access. The noise say -92dbm And rssi 0 dbm.

It worked for few hours but the moment I unplugged it and plugged it back in same room it won’t work. Kindly help me out thanks

Hi everyone

I'm trying to setup mullvad VPN into my R8000 using freshtomato 2024.3 K26ARM7 USB AIO-64K. I want to have every users on my br0 and br1 using mullvad for everything.

Right now I have the wireguard config setted for br0 users and I have the handshake status but no users (from br0) are using VPN at all.

Here are screenshots about my existing config + routing table: https://imgur.com/a/2kB9yVT#vVjN43G

I'm quite confused what I'm missing. Help is welcome!

(cross-post with https://www.linksysinfo.org/index.php?threads/wireguard-on-freshtomato.76295/page-35#post-353736)

Hey Everyone!

I wish to configure a FreshTomato (AC66U_B1) router so that it simply connects to my main router as a wireless client using the 5GHz, then acts as an AP with its' LAN ports and the 2.4GHz. Basically I want to achieve the exact same thing as a simple AP mode router would do, except that I want to connect to my main router with the 5GHz radio (exclusive for this purpose) instead of a LAN port.

I don't really want a WDS, nor a MeshWiFi, I don't want to fully clone/extend the main router's wireless network. I want controlled access to it, with the 5GHz radio being dedicated to this purpose, and beyond that I kind of want it all to work as if it was all the same network, just like it would work with a cable connection. I mean, for example if I connect a PC to a LAN port of the FreshTomato router, I want my main router to DHCP assign settings to it and let it access the internet, seamlessly, through the 5GHz channel. As if the FreshTomato router wasn't even there...

The router is on the latest stable AIO release and there is nothing configured on it, I reset the device multiple times.

So my first attempt for the configuration was to select the 5GHz under Wireless Client Mode for WAN0. DNS is set to Auto while DHCP and IP configuration I already tried both with Auto and Manual configuration, but they make no difference. The 2.4GHz I simply disabled for the time being. The 5GHz I configured as a Wireless Client and set it to match the main router's wifi config.

I didn't change anything else. After saving the changes and restarting the router, it does connect to my main router through the 5GHz wifi, I can see it as a connected device on the main router's client list. However the FreshTomato router itself does not seem to be able to make any kind of connection to the outside world. It does get an IP assigned from the main router through DHCP, but cannot even configure it's own clock, so it can't access time servers. Furthermore when I connect to this router through a LAN cable I can access the router's admin page using the IP address assigned to it by the main router, but I cannot access anything else at all. Not the main router's admin page, no internetz, nothing.

After a couple of messing around and router resets, I then tried a different approach. I disabled the WAN0 completely, and set the 5GHz radio to Wireless Ethernet Bridge mode. I tried both Auto IP and manual IP (gateway, etc.) configuration again.

However, the results are nearly the same. No internet access at all, when connected to the FreshTomato router with a LAN cable. It is connected through WiFi to my main router, but does not want to route traffic through it at all. The only difference this approach made is that for some weird reason I can now access the admin page of my main router through the FreshTomato router... but nothing beyond that.

Also in both cases, when I'm connected to the (5GHz) WiFi of my main router, I cannot access the admin page of the FreshTomato router. I tried enabling admin page Remote Access, but that didn't help either.

I have absolutely no idea what I'm missing and it's driving me nuts... Please help!

Hello, I’ve been scouring the HOWTOs and tomatoFTW threads with no luck pertaining to my specific situation. Good news is I am learning a lot when reading. lol ton of info out there!

But I need some help.

My current setup: ATT fiber 1gb modem/router set to ip pass through. 3 TP-link decos, 1 acting as gateway and the other 2 as AP. TP-link managed switch connected to gateway, supplying internet to my PC and server.

What I want to do: I want to divide and isolate my network into 4 sections.

1. Home/iot wireless

2. guest/other iot wireless

3. Office/server/management

4. Open for testing

What I can’t figure out: Freshtomato on my R7000 I am so excited to get this up and running but I’m not sure where to start.

I am thinking of setting it up this way.. ISP->

R7000(subnet the four ports on router,also using R7000 WiFi for guest/iot) ->

managed switch ->

PC/Office, deco for home/iot, remaining port for other devices, and testing.

Does this look right or sound right? I unfortunately can’t afford internet to be down for an extended period of time. (Currently have the r7000 bridge from gateway so I can configure and save settings before swapping over)

I see a lot of posts here in which someone asks whether their router is supported by FreshTomato.

Much of this is explained in the wiki, but here's a quick tip:

1. First, check the Hardware compatibility list in the wiki. It's the most authoritative resource for this. Pay particular attention to the hardware revision of your model. Sometimes one hardware version of the same model may be supported, and another one may not. e.g. "A1" is supported, but "B2" is not. In other cases, different hardware revisions of the same model can even use different chipsets, so read carefully. FreshTomato supports Broadcom-based hardware with ARM- and MIPS-based chipsets. Period.
2. If you don't see your model in the wiki, someone may be working on creating support for your model. Search for your model in the Tomato forum. Again: sometimes one hardware revision of the same model may be supported, and another one may not. e.g.. "A1" is supported, but "B2" is not. In other cases, different hardware revisions of the same model can even use different chipsets, so read carefully.
3. Sometimes, a firmware build for another model may work on your model, but not perfectly/completely. Depending on the model, significant risks can be involved.
4. If neither of those yield the information you want, go to a hardware reference database, such as

https://deviwiki.com/

Enter your model number, (including dashes) in the search box. The search results will show you if your model is in the database. If it is, click on the entries, starting with the first entry, to check to see if one of them includes:

CPU(x): Beside CPUx, you want to see "Broadcom"

Wl(x)Chip(x): You want to see "Broadcom" here too.

Wl(x) Chip(x): You want to see "Broadcom" here.

Switch: You want to see "Broadcom" here.

*Where (x) is a number indicating first, second etc.
So, wireless chip no. 1 would be "Wl1" and so on.

Here's an example to make it more obvious:

https://deviwiki.com/wiki/ASUS_RT-AC1900P

So there's been a fire sale of these Linksys routers lately: woot.com and Amazon have both been selling them for ~$20 each.

They're rebranded from some failed marketing attempt. The firmware is not likely to get updates as they're just trying to unload them to write off less of a loss. The factory firmware is pretty bare bones, and the USB is disabled. What are the chances this will be targeted for support from the Tomato team?

Solid hardware, mesh capable, 3 radios, etc.

Hi, I am trying to flash my Linksys EA6900 router with fresh tomato by following the unofficial guide linked on the wiki page. (Link: https://www.linksysinfo.org/index.php?threads/guide-flash-linksys-ea6300v1-ea6400-ea6500v2-ea6700-ea6900v1-0-1-1-with-tomato.73877/)

After resetting the router and setting a static IP, it says to go to 192.168.1.1, but that didn’t work for me, so I just went into windows explorer and clicked the view device page button under network where it took me to the router config page which was under the domain ea6900.home.linksys.com. From here, I was able to follow the guide to flashing the ddwrt firmware file which the web page accepted and flashed on the router. It then said the router needs to reboot and it did, but now the LED indicator stays off except during the power up sequence and the login page (both the linksys domain and 192.168.1.1) don’t work with the latter saying the connection timed out and the former saying server not found (which I guess would be expected). I’m not sure where to go from here as the guide says to log in and then proceed by enabling sshd. I am able to ping the router and see that while booting up it gives a ttl of 100 and after it is booted, a ttl of 64. Any advice on how I should proceed would be appreciated!

Hey guys, I hope you guys are doing well. So recently installed FT on my router and I wanted secure my router through vpn. Firstly the configuration is confusing on the website. Secondly can I use free vpn servers on my router. Any guide for beginners would helps thanks

I was looking to buy a modem/router combo and a reddit post referenced tomato firmware. I am planning to get the netgear nighthawk r7000 as my router. What does the tomato firmware help with? Does it make my internet more secure? Is it necessary? How do I add this to the router? Thank and sorry for the stupid questions :(

Hello guys, so I bought a Netgear R8000 from a local shop. It was used one. I wanted to use it as an extender but I couldn’t find that in its original firmware.

Then I found about these 3rd party firmware and was interested on installing this. I saw a video from the website That we have to install an initial version then main one.

I am confused which one is initial one and confused which version should I download I see 2024.3

Which has one AIO And one has vpn on it.

It’s different from the video kindly guide me on that thanks.

Running FT 2023.4 version on RT-AC68U. dnsmasq is enabled by default and I'm using the FT web GUI to assign DHCP reservation IPs to some computers and given them unique hostnames. I expected dnsmasq to autonatically recognize and resolve the hostnames when I do a ping command, but it is not resolving.

The dnsmasq.conf file has addn-hosts=/etc/hosts.dnsmasq

The /etc/hosts.dnsmasq file contains all the hostnames I defined.

The /etc/resolv.conf has 2 entries pointing to Cloudflare DNS.

Is there something I'm missing to make it work? Thanks!

This is the first time trying to get natpmp set up in freshtomato. I do not really see any options for setting the forwarding ports on the web interface.

on the manual instructions for linux I am supposed to enter:

while true ; do date ; natpmpc -a 1 0 udp 60 -g 10.2.0.1 && natpmpc -a 1 0 tcp 60 -g 10.2.0.1 || { echo -e "ERROR with natpmpc command \a" ; break ; } ; sleep 45 ; done

I tried to ssh into the router and enter this command but it is a no go. I can not even just get natpmpc to work.

root@unknown:/tmp/home/root# natpmpc

-sh: natpmpc: not found

I then tried to set up NAT-PMP on my laptop and it did not seem like a problem.

I ran the command and got the response "Mapped public port 63571 protocol TCP to local port 0 lifetime 60"

So I went to the tomato router and added a port forward for my computer:

internal / external ports both set to 63571 and forwarded to my computers LAN IP.

and clicked save

services were restarted

then I added 63571 to my torrent clients incoming connections port and clicked [test].. it remained closed.

soooo...

I checked iptables on my computer.. that was fine.

I checked netstat to ensure it was listening on that port... it was.

I went back to the router and just stuck my computer in the DMZ, opened up my torrent client, and tested the incoming port again.. and it still says it is closed.

Anyone tell me what I am doing wrong?

https://www.bleepingcomputer.com/ne...0-000-routers-ip-cameras-with-botnet-malware/

Empasis in brackets was mine.

This includes models by:

Actiontec
Asus RT-*/GT-*/ZenWifi
DrayTek Vigor
Mikrotik
Ruckus
Ruijie
Tenda
TOTOLINK
TP-Link
VPNT iGate

So I just got FT installed and working, at least for the most part. While going thru this process, there were a lot of re-boots, some taking longer than expected. I don’t remember the last setting I changed, but now I seem to be in a re-boot loop. I’m your garden variety home user, so don’t know and would not have been tinkering with any of the advanced settings…

Not a rant, not angry, this was on a spare router, so if its history, i’m ok. But nevertheless, I’m wondering if there is anything I can try to gain access to the router again.

Hello all, trying to do a bit of a weird implementation with this FT router. Router setup is as below. Note this is a lab router for me so it is grabbing "WAN" IP from a separate janky ISP router that I have minimal control over.

FT Version: FreshTomato Firmware 2024.1 K26ARM714 USB AIO-128K

Current networks running:

WAN IP: 192.168.0.x/24

br0/LAN0/VLAN1: 192.168.1.0/24 Base wireless network, appliances currently live here.

br1/LAN1: 192.168.10.0/24 FT 5Ghx wireless, works great.

br2/LAN2/VLAN12: 172.16.100.1/30 Point to point to an OPNsense VM running in Proxmox.

br3/LAN3/VLAN10: 172.16.1.0/24 General management network for other network devices.

Currently, my Proxmox box is connected to the FT router on physical LAN0, and I am tagging VLAN0, 10, and 12 to it. The virtual Linux bridge on the OPNsense VM is VLAN aware and is currently set to tag 12.

OPNsense has been configured with a static "WAN" address of 172.16.100.2/30. From OPNsense I can ping to 172.16.100.1/30, but I cannot seem to understand how to use the static routing in FT to give that P2P network access to the WAN and LAN0 networks, as this should have internet access as well as access to other appliances within the other networks available to the FT router.

Currently using the below as a static route statement with no luck.

|| || |Destination|Gateway|Subnet Mask|Metric|Interface|Description| |172.16.100.3|172.16.100.1|255.255.255.252|0|LAN2|

I have an old TP-Link AX1500 and would like to get some more life out of it, is tomato compatible with the router and if not do you know of something else that is compatible

Thanks in advanced