1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help me setting my tomato up pls!

Discussion in 'Tomato Firmware' started by terence8888, Sep 2, 2012.

  1. terence8888

    terence8888 Serious Server Member

    I'm a newbie in setting up network. I bought TP-link 8817 (used as modem) and Asus RT-N16 (with tomato) to replace my old Netgear ADSL modem. I managed to set it up (sort of) but I'm sure something is not quite right - I login from work onto my network but instead of getting tomato, I get the TP-link web interface. Otherwise I can connect to the internet from home.

    I suspect the bridge mode on the TP-link is not set up properly.
    My settings on the TP-link are:
    VPI/VCI 0/101 (UK O2 broadband setting)
    Dynamic IP address
    it is set to ip address 192.168.2.1

    On tomato:
    ip address set to 192.168.1.1
    WAN: DHCP
    Route Modem IP 0.0.0.0
    Script on firewall:
    ifconfig `nvram get wan_ifname`:0 192.168.2.2 netmask 255.255.255.0
    Scipt on init:
    iptables -t nat -I POSTROUTING -o `nvram get wan_ifname` -j MASQUERADE
    As per instruction on dd-wrt. Without these, I cannot connect to the internet.

    I tried to put the TP-link to bridge mode (using its web interface) but I cannot connect to the internet. Tried fiddling around with the tomato's setting to no avail. So any clue/help will be greatly appreciated.

    I would like to eventually set up SSH tunneling from office. Please help! And many thanks in advance!
     
  2. terence8888

    terence8888 Serious Server Member

    Bump... Please help!
     
  3. rs232

    rs232 Network Guru Member

    What is it not working exactly?

    Where do you want to terminate the SSH tunnel? on the RT-N16? On the device behind it? Whatever the answers are read below.

    I've never come across a TP-link 8817 but if you can set it in bridge mode (if!) that's the solution to your problems. Most likely reason the RT-N16 connected to it is not working could be related to DHCP e.g. packet too bid or class-id missing. I suggest you re-try to set the TP in bridge mode and the RT connected throught the WAN port in DHCP. Reboot both devices and check if the RT get an public IP. Then we'll pick up from there.
     
  4. terence8888

    terence8888 Serious Server Member

    Thanks for the reply.... I will try and report back... thanks in advance!
     
  5. rs232

    rs232 Network Guru Member

    I've tried to replicate your scenario. One thing you might want to try is to set pppoe on the wan interface od the RT. In that case i guess username+password is coming from Orange directly ;-)
     
  6. terence8888

    terence8888 Serious Server Member

    My ISP (O2 in the UK) does not require password or username. I set up my TP-link to DHCP and it connects OK.
     
  7. rs232

    rs232 Network Guru Member

    If the TP is set in modem mode it will not get any IP address but modulate analog frequencies only so that the RT can "talk digital" and get get an public facing IP. If you go in the TP config page when in router mode you should find a username/password somewhere under ADSL or WAN config. So to cut a long story short it would make sense to me to have TP in modem mode only and RT set in pppoe on the wan interface using the ADSL credentials from your ISP. Never tried this before though.
     
  8. terence8888

    terence8888 Serious Server Member

    I tried exactly your suggestion but I cannot connect to the internet. I tried pinging from my PC and there is no response.

    I tried to use PPPoA (with blank username/password) or DHCP: both give the same result.

    I'm going to setup my old netgear to modem only and try. Will report back.

    Thanks.
     
  9. terence8888

    terence8888 Serious Server Member

    Tried it swapping to a different modem... same result! Any thoughts?
     
  10. rs232

    rs232 Network Guru Member

  11. rs232

    rs232 Network Guru Member

    Another thing I though about, possibly not as nice as the one above but at least simpler: try to use the DMZ.
    To do so, set your TP in router mode and in its DMZ config specify the IP address of the RT (better if set it has a WAN IP static).
    Somebody refers to this scenario as double-NAT as the Internet packet is translated twice (not a big deal in most of the cases).
    The DMZ idea being: TP will forward all the unknown incoming request to the DMZ IP (RT in this case). If you have upnp running on RT there should be no difference to the users.
    The only possibly thing with this scenario is that TP will stil track all the connections and it if it doesn't it well.... you see where I'm going ;-)
     
  12. terence8888

    terence8888 Serious Server Member

    I did not manage to follow the thread you mentioned above.

    Tried the DMZ route: switched on DMZ on the TP-link with the server at 192.168.1.1 (where tomato is located). Set up tomato remote access to HTTP (tried both 8080 and 80 port). Connect from the outside to 188.xxx.xxx.xxx but it did not work (says timeout on the browser). If I switched off DMZ, I can connect at the same address 188.xxx.xxx.xxx and I can access the web interface of TP-link.

    Any more ideas????
     
  13. terence8888

    terence8888 Serious Server Member

    Still no luck.... I discovered that the TP-link cannot ping 182.168.1.1

    To summarize, the set up is:

    O2 broadband (UK) <----- TP-link 8817 (dynamic IP currently 188.223.xxx.xxx, NOT bridged, LAN address 192.168.2.1) <------ Tomato (with script as above, LAN 192.168.1.1) <--- PC

    The PC can see the internet with no problems. However, from the outside, pointing to the IP address 188.223.xxx.xxx gives me the TP-link web interface. I would like to see the tomato interface pls.
     
  14. rs232

    rs232 Network Guru Member

    sorry why do you use the firewall script? I don't see a need for that.
    Can you just set a static IP address for the WAN interface on tomato 192.168.2.2/24?
    If you want to see the tomato web interface set a manual port mapping on TP external TCP port e.g. 888 pointing to 192.168.2.2 tcp 80 or whatever port you have set under administration/admin access/Remote Access

    This setting though will not allow you to create a tunnel anywhere but just to see the configuration interface.

    Also TP doesn't ping 192.168.1.1 because that IP is natted behind tomato. Nat is enabled between WAN and LAN because under advanced/routing/mode is set to gateway. I suggest you leave it as it is.
     
  15. Monk E. Boy

    Monk E. Boy Network Guru Member

    Exactly what I was about to say. On the TP-Link set the DMZ host as the RT-N16's WAN address, which is going to be 192.168.2.something.

    Note that this is not perfect since any ports which the TP-Link is responding on for it's WAN port won't be available for use by the RT-N16. For example, whatever port you're currently seeing the TP-Link management page on when you're not at home wouldn't be available for use by the RT-N16.

    If you can figure out how to put the TP-Link in bridge mode then the WAN port of the RT-N16 would get a public IP address, at which point all ports would be available.
     

Share This Page