1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Making 2nd Tomato Router a dumb access point

Discussion in 'Tomato Firmware' started by personalt, Apr 20, 2012.

  1. personalt

    personalt Networkin' Nut Member

    I have a second linksys router with tomato installed that I would like to make a dumb access point. I see lots of threads about how to do this with WDS but since I have a wired connection between the basement (main) router and this upstairs AP location I would rather not use WDS.
    I swear there was a thread about Toastman did this in his apartment buildings but I checked here
    and read the whole QOS thread again and couldnt find it mentioned.

    Is there any write-ups on what to do to make a AP that just passes through? I seached for a while but when you seach for generic terms like 'access point', 'NAT DISABLE', & 'multiple routers' you pick up a lot of random threads.
  2. crhiles

    crhiles LI Guru Member

    On the second router, disable DHCP, change the IP address of it to one different from the main but on the same subnet, plug the wired connection into one of the LAN ports, configure it as an access point with the same wireless settings as the main router but use a different wireless channel.
  3. fubdap

    fubdap Addicted to LI Member

    crhiles beat me to it.

    Leave the settings the way they are on your main router (aka router1)

    Plug Router2 (aka AP) directly to your computer LAN port to set it up first.

    On Router2:
    Disable DHCP
    Use an IP address outside of the DHCP pool of Router1, but in the same subnet
    Use the same Subnet Mask as Router1
    Use Router1 IP for the Gateway
    Choose Access Point for wireless
    Match all of your wireless settings exactly on both routers, except for the wireless channel. Use Ch: 1 for Router1 and Ch: 6 or 11 or for Router2 or vice-versa.
    Plug router2 LAN port into router1 LAN port. You can use the WAN port of Router2 if you disable it on the GUI.
    Under Advanced/Routing/Miscellaneous change “Gateway” to “Router”
    zavar likes this.
  4. personalt

    personalt Networkin' Nut Member

    Thanks... this is the part that seems a**backwards to me

    "Under Advanced/Routing/Miscellaneous change “Gateway” to “Router” "

    I have read that a few places but wondered why this seems backward to what you would think... What does putting it in router mode do?

  5. gfunkdave

    gfunkdave LI Guru Member

    Gateway hosts your internet connection; router is just a router that moves traffic on your local network. It can stay in Gateway mode if you don't use the WAN port.

    From the Tomato docs:
    Gateway = Don't let WAN traffic access the LAN, except through port forwarding or DMZ. (Required mode for PPPoE connections connected through WAN port to a bridged ADSL modem.)
    Router = Turn off these features and NAT. (May be incorrect on details, but this is the idea)
  6. Toastman

    Toastman Super Moderator Staff Member Member


    Connecting two devices by cable remains the best method in terms of speed and reliability.
    The router connected to the internet is known as the "gateway".
    The secondary router will now be called just an "AP" (access point).

    Set it up exactly as follows:
    • Give the new AP an address outside your DHCP range (e.g.
    • Confirm "Wireless Mode" mode set to Access Point
    • Put the the IP of the gateway (e.g. into the "Default Gateway" box
    • Put the the IP of the gateway (e.g. into the "Static DNS" entry box
    • Disable the DHCP Server
    • Use the same security settings and SSID as the main gateway
    • Decide what wireless channel to use for the AP - usually a different channel to the gateway - 1, 6, or 11 only please.
    • Connect a cable between LAN port on the AP and a LAN port on the gateway router
    Do exactly this. Don't do anything else that you "think" is necessary.

    You don't need to do anything at all to the gateway machine. You can use several access points if you want to.

    If you want ultimate stability on your gateway machine, you may choose to turn off the wireless and just use the AP(s) for wireless access. Without the complications of wireless, these routers are almost 100% stable and will usually stay up for several months or more.

    (from http://www.linksysinfo.org/index.php?threads/using-qos-tutorial-and-discussion.28349/#post-138463)
    momonth and zavar like this.
  7. zavar

    zavar Networkin' Nut Member

    If the AP is assigned a static IP on the gateway, is there any way to configure this on the AP so that the IP does not need to be manually configured?
  8. CardinS2U

    CardinS2U LI Guru Member

    no, you usually have to configure it manually. I leave .1-50 open to add more routers/statics to system/machines that needs them.
  9. personalt

    personalt Networkin' Nut Member

    Thanks.. I did what toastman said and it worked like a champ.. I was not 100% sure what
    "Change mode to AP only" meant but I took it to mean both of these things...
    * Under the wireless settings pick Access Point as type rather then WDS or other type
    * Under Advanced/Routing/Miscellaneous change “Gateway” to “Router” "

    Right away the DHCP flowed through and I got an ip on the original subnet. At first I tried to ping from my main network to the laptop on this AP and it didnt work. But it could have been a windows firewall issue as once I shared a folder on the laptop I was able to ping the laptop on the AP and I dont recall making any changes on the router.
  10. zavar

    zavar Networkin' Nut Member

    Thanks for the help with the setup folks. I'm using this configuration on my old Buffalo WHR-HP-G54 to provide a separate wireless G network from my wireless N. The only thing I changed from Toastman's recommendations was that I have different SSIDs for each network.

    Does anyone know what the DHCP Routes option on the Advance/Routing/Miscellaneous menu does? When I turned this option off, I wasn't able to access my router through the WAN port (configured to use for LAN in the Basic/Network setup).
  11. pwillikers

    pwillikers Network Newbie Member

    Hmm, I've followed these instructions to the letter but continue to have a problem. Devices wired to the "access point" connect and are assigned an IP address from the "gateway" just fine. On the other hand, wireless devices can connect to the "access point" but are not assigned IP addresses. I've reflashed the router and tried many configuration permutations to no avail.

    Any suggestions would be greatly appreciated. ("access point" is the latest Tomato on an ASUS wl500gp v2)
  12. FL Guy

    FL Guy New Member Member

    Thanks for the instructions. I've tried to follow, but it's not working for me, so I must be missing something.

    The symptom is that devices connected to the AP via wired connections (such as a blue ray player/media streamer) do receive IP addresses, but are not able to access the internet.

    One step that I'm not sure that I've done correctly is the following: "Make a Static DNS entry for the IP of the gateway". Is this intended to mean to make an entry in the list of DNS servers with the address of the gateway router? If so, I've done that...

    Any suggestions for what else I might be missing? Must be something obvious, but I'm not seeing it... Thanks for any suggestions.
  13. fubdap

    fubdap Addicted to LI Member

    Your main router (gateway) and your second router should be configure the same except for the following.
    On your second router you should:
    (1) Disable DHCP Server
    (2) Use an IP address outside of the DHCP pool of main Router, but in the same subnet
    (3) Under Advanced/Routing/Miscellaneous change “Gateway” to “Router
  14. FL Guy

    FL Guy New Member Member

    Thank you for the reply fubdap.

    I have double checked, and confirmed that the AP is set up as you described. Still no luck... Traffic from the media streamer (blue ray player) is not able to reach (find?) the Internet.

    a) This same configuration used to work, until the WRT54 router lost its settings a few days ago (before I loaded the Tomato FW).
    b) If I put a simple switch in place of the AP, everything works (except for the wi-fi features that would have been provided by the AP).
    c) Internet access via the main router works (as long as you are within range of the gateway router)

    So I believe that the gateway router is working, and the wired cable between the AP and the gateway router is in tact.

    Any other suggestions?
  15. fubdap

    fubdap Addicted to LI Member

    Check the cable connection between the two routers. Try a different cable.
  16. FL Guy

    FL Guy New Member Member

    Replacing the AP with a switch works - using the same cable between the two devices that was used with the AP. So the cable between the devices is working.
  17. vincom

    vincom LI Guru Member

    here is a config setup w/pics making a 2nd router an ap

    make sure internet is working on 1st router
    1st router connected to modem
    wan = to type of internet you have, in this pic its cable = dhcp
    lan settings:
    ip address
    dhcp enabled


    2nd router wired into lan port from 1st router lan port
    wan type = disabled
    lan section:
    set ip for 2nd router same subnet as 1st router , in this eg
    dhcp disabled on 2nd router
    default gateway/dns matches 1st router ip =
    works as a wired & wireless gateway/ap


    get mac address from 2nd router from the tomatoes menu "status>overview" button


    bound the 2nd routers mac & ip in the 1st router menu "basic>Static DHCP/ARP/IPT"

    Last edited: Jul 6, 2015
    momonth likes this.
  18. fubdap

    fubdap Addicted to LI Member

    @vincom - I have had my setup working without bounding router 2 mac and ip to router 1. What does that bounding do?
  19. vincom

    vincom LI Guru Member

    just makes s
    it wil work w/out as it justs makes sure that no other device can use the ip other than the ap, in this case router 2.
  20. Mercjoe

    Mercjoe Network Guru Member


    If you are hooked directly to the upstream router can you access both router UI's by direct IP?

    and when you are connected directly to the downstream outer? are they both still accessible by direct IP?
    dbaettig likes this.
  21. FL Guy

    FL Guy New Member Member


    Awesome, thanks. I had forgotten about connecting from the first router to a LAN port on the second router (doh!). I knew that, but had forgotten about this bit. I had disconnected and moved the second router / AP in order to connect to a PC so I could flash the Tomato FW into it.

    Pretty busy today, but I'll try this out later, and let you know if that resolves the problem.
  22. momonth

    momonth Network Newbie Member

    I'm puzzled with the same question, as I failed to access the AP's (aka downstream router) via the static IP I assigned to it.
  23. vincom

    vincom LI Guru Member

    answer to 1st quote > yes you can.

    answer to 2nd quote >are u trying wireless conection, u must enable wireless login access on downstream router or any router u want to login in from a wireless connection, iirc its disabled by default

    from admin gui

    Last edited: Oct 3, 2015
    momonth likes this.
  24. momonth

    momonth Network Newbie Member

    Thanks! Indeed, the 'wireless access' was disabled in my case. It now works as expected.
  25. Papka__

    Papka__ Addicted to LI Member

    I tried such setup some time before. There were 2 problems. Sometimes AP became unreachable for WIFI clients. AP was visible, but there were not possible to connect to. Second problem was, that I can't access AP GUI neither from LAN nor from WAN (using NAT). Have no idea why this not worked. So I installed on AP (only on AP) original ASUS firmware (it was RT-N12) and switched it into AP mode (actually exactly same setup you provided above) and such setup worked for me. No idea why it was not stable in Tomato-Tomato setup.
  26. Monk E. Boy

    Monk E. Boy Network Guru Member

    I have about a dozen routers configured as access points and wired to the actual gateway, and they're all Tomato-Tomato. Its possible something in your configuration was off.

    As far as the AP becoming unreachable, the RT-N12 (original model) has stability issues with every Tomato release I've tried to use it with. While it can work fine for long periods (as long as a few months) it eventually freezes and require a power cycle. I had mine running for over a year at first w/o any issues, but then they started seizing so I phased them out.
  27. dbaettig

    dbaettig New Member Member

    Dear all,

    I have followed this conversation with lots of interest and also searched for quite a while on the internet, but I am not able to find a solution to the following problem:

    I am not able to access the web user interface of my access point. Neither am I able to ping it. However, when I log into the user interface of my main router ( I can see that the access point is connected ( Also, the access point works just fine (LAN as well as WIFI).

    My set up is as follows:
    - Both devices are Netgear WNR3500Lv2 running Shibby Tomato v 1.28
    - Main router (gateway):
    - Access point:
    - Both have the same subnet mask (
    - Otherwise, my setup is pretty much as described in the above posts (cable from main router goes into LAN port of access point)

    I have tried to connect through WiFi as well as when being connect by cable to the main router or the access point.

    Does anyone of you have an idea how to fix this?

    I would appreciate any input.

    Thanks a lot in advance,
  28. vincom

    vincom LI Guru Member

    what error do u get when trying
    which browser.
    if pc ur using is connected to main router via ethernet or wifi(main routers wifi, not ap) it should work
    dbaettig likes this.
  29. dbaettig

    dbaettig New Member Member

    Hi vincom,

    thanks for your immediate reply.

    I have been trying with Chrome, Firefox and Edge.
    The error message is "The connection has timed out" in Firefox. In Chrome and Edge it is similar.

    Kind regards,
  30. ghoffman

    ghoffman Addicted to LI Member

    1. did you enable AP isolation in advanced wireless settings? this will prevent wireess clients form seeing anything on lan bridge i think.
    2. do you have separate vlans for lan and wireless? if so, you need to bridge them.
    3. is the .99 address within the dhcp range? if so, then another device may have that address also.
    4. AP should be configured as router, not gateway.
    5. clear your browser cache and renew your laptop IP address.

    like others have said, you will be able to access the gui interface on the AP if you have configured correctly.
    dbaettig likes this.
  31. dbaettig

    dbaettig New Member Member


    thanks for your message. Regarding your suggestions:

    1. I have just checked this setting in my main router. Isolation is disabled there and this is also the default setting. As I did certainly not change this on the AP (I was not aware of this setting), I think it safe to assume that this is not the reason why it does not work.
    2. No
    3. The DHCP range for IPs assigned by the main router (DHCP server) goes from to, hence there should be no conflict with the 99 one.
    4. Not sure about this. However, I am not able to check it... :-(
    5. Tried this; also tried on four different devices (wired and wireless) to connect - to no avail.

    I am getting more and more puzzled. Either there is something really evident that I have not grasped yet - or the only way out is a reset. Here my next question:

    What happens if I push the Factory Reset button at the back of the device? Will it go back to Tomato defaults - or will it destroy my router (obviously I have overwritten the Netgear default and flashed Tomato...).

    Thanks again for all your inputs!

    Kind regards
  32. gfunkdave

    gfunkdave LI Guru Member

    What happens if you plug a cable into the AP and try to connect to it?

    Did you disable the AP's DHCP server? Did you set the main router to the AP's gateway?

    The Gateway vs Router setting is under Advanced -> Routing.

    The reset button will clear Tomato's settings and leave you with Tomato as if it had been freshly installed.

    Have you tried unplugging the AP and rebooting it? Or, disconnect it from your network entirely, reboot it, and try to connect to it with a cable directly into one of its LAN ports.
    dbaettig likes this.
  33. Monk E. Boy

    Monk E. Boy Network Guru Member

    Did you connect the WAN port on the "AP" to one of the LAN ports on the "gateway"?

    Try connecting LAN1 on the AP to one of any of the LAN ports on the gateway.
    dbaettig likes this.
  34. rickmav3

    rickmav3 Connected Client Member

    Start from the scratch with the AP; double check each step; don’t do anything else:

    • Reset configuration on the AP.
    • Disable DHCP on the AP! Very Important!
    • If main router is on, make AP IP
    • Enter main router IP for Gateway and primary DNS.
    • Configure Wireless access on the AP same as main Router: same SSID, same security, same password. But different 2.4GHz channel! Make main router and AP distanced by 4-5 channels: ex: 11 on main, 6 on AP.
    • Connect LAN port from main Router to LAN port on AP.
    • Connect to Internet Wireless and LAN from the AP. Everything should work. Enjoy!
    Last edited: Apr 26, 2016
    dbaettig likes this.
  35. Monk E. Boy

    Monk E. Boy Network Guru Member

    When you disable the WAN port (or assign WAN to LAN) the default gateway field will appear on Basic -> Network. If the WAN is left at default (DHCP) the default gateway field will be hidden.

    This won't stop you from talking to the AP though, not unless you're using HTTPS. Without a default gateway set the router can't NTP its clock, which causes all kinds of encryption issues.
    Last edited: Apr 20, 2016
    dbaettig likes this.
  36. dbaettig

    dbaettig New Member Member

    Dear all,

    thanks again for all your valuable inputs.
    In the end, I simply reset the access point and started over, taking into account all your recommendations.
    Now it seems to work just fine. I can access both the main router's and the AP's web interface.

    Have a great evening!

    Kind regards,
  37. Monk E. Boy

    Monk E. Boy Network Guru Member

    Thanks for checking back. Sometimes these threads never get an update and we're collectively left scratching our heads as to what was the problem.
    koitsu likes this.

Share This Page