Access modem in bridge mode without direct connection?

Discussion in 'Tomato Firmware' started by Vezado, Jul 10, 2009.

  1. Vezado

    Vezado LI Guru Member

    My adsl modem, in bridge mode, has a static IP of so that i can access the web gui when i connect to it directly. Is it possible to add something to the routing table, startup scripts or anywhere else to allow access from the lan?
  2. Toastman

    Toastman Super Moderator Staff Member Member

  3. Vezado

    Vezado LI Guru Member

    Perfect! That's exactly what I've been looking for, thanks.
  4. philtrim

    philtrim Addicted to LI Member

    Toastman, will this work just the same if your bridged
    modem is on the same subnet as your router/Lan?

    My modem currently is on the same subnet, and I just wanted
    to take a peek at my stats without disconnecting, and reconfiguring
    my modem.

    Is having the modem on the same subnet as your LAN/Router a bad idea?

  5. Toastman

    Toastman Super Moderator Staff Member Member

    Bad idea. It needs to be on a different subnet. Try this setup exactly, after changing your modem's address to, and it should work.

    in init script box:

    #Assign an address to vlan1 port in different subnet
    sleep 10
    ip addr add dev vlan1 brd +

    In firewall script box:

    #Route anything for this subnet via vlan1
    #and access the modem at on vlan1
    iptables -I POSTROUTING -t nat -o vlan1 -d -j MASQUERADE
  6. philtrim

    philtrim Addicted to LI Member

    Great, and easy explanation for the novice user, like myself!

    I will apply and confirm my results when completed.

  7. philtrim

    philtrim Addicted to LI Member


    It worked as advertised!

    You guys are very talented, and eager to share your wealth of experience with others with far less knowledge of Tomato/routing/Linux, including myself.

    This forum, and others like it, are some of the greatest platforms for learning available, and I would recommend them to anyone wanting to learn new or unfamiliar technologies.

    It is very much appreciated.

    Keep "Paying it forward"

  8. Bill_S

    Bill_S Network Guru Member

    Toastman, if my router is set to address and the rest of the networked devices are in the range of - 254. Can the modem be set to and work with those scripts, if I just change the addresses in the scripts? My modem is set in the bridge mode and I am not sure how to access it to change it's address. The default address of the modem is and I didn't change it.
    If changing the script addresses is ok, which ones would I change and what would they be changed to.
    Thanks for any help you are able to give.
  9. Toastman

    Toastman Super Moderator Staff Member Member

    Plug your LAN cable into the modem. Set your IP address for the PC's LAN card to say and the gateway to Log into your modem and change it's IP address. That's it. It generally takes about a couple of minutes.
  10. Bill_S

    Bill_S Network Guru Member

    Ok, was able to change the IP address of the modem to and I added the two (2) script files to the router and then rebooted the router. I attempted to access the modem but the browser says it is taking to long and times out.
    By the way, I already had a script in the Init area and one in the WANUP area dealing with ad blocking. In the Int area I just added the script below the ad blocking script, is that ok?
    Any idea what I should do?
  11. Planiwa

    Planiwa Network Guru Member

    192.168.0.whatever -> 192.168.122.whatever

    everywhere in

    I have edited that post to include a pointer to a more complete treatment. Might want to read that.
  12. Toastman

    Toastman Super Moderator Staff Member Member

    Nope :confused: Generally, if this doesn't work, it is because you have made an error somewhere. Just work through things slowly.

    Make things simpler for yourself by removing your other scripts for the moment - you can put them back later.

    Check that the vlan1 port has accepted the assigned IP address by pinging If that works, then try pinging the modem (assuming it responds to ICMP pings). If it responds, then the GUI should also come up. Many modem/routers (such as Zyxel) are very hit and miss on this, often there is no response until it is rebooted several times or your web browser has had its cache refreshed.
  13. Bill_S

    Bill_S Network Guru Member

    I removed all scripts and just installed these:
    #Assign an address to vlan1 port in different subnet
    sleep 10
    ip addr add dev vlan1 brd +

    #Route anything for this subnet via vlan1
    #and access the modem at on vlan1
    iptables -I POSTROUTING -t nat -o vlan1 -d -j MASQUERADE

    Then tried to ping and got no responce?????

    The router is a WRTSL54GS running a version of Tomato 1.25 and the modem is a ADSL Thompson SpeedTouch 510v6 running firmware version

    Any ideas as to why it doesn't seem to setup the vlan1 port?
  14. Toastman

    Toastman Super Moderator Staff Member Member

    At least it seems now we know why it isn't working. Anyone got any ideas how to debug this?
  15. Planiwa

    Planiwa Network Guru Member

    My ideas are of no use to those who won't read what I post for their benefit. :-(
  16. Bill_S

    Bill_S Network Guru Member

    Ok, I found the problem, it was the router itself. I had a spare WRT54G v3 so I replaced the WRTSL54GS. Both were running the latest version of Tomato (v1.25.1720) and both were setup identically, including the router access scripts. Once the WRT54G came on line I could ping and then log in to the modem.
    Sorry to have caused any problem but at least we found the problem. I am not sure if the router is faulty or Tomato just doesn't function well with this model.
    By the way, I just added the new scripts to the bottom of the ones that I was already running so there seems to be no conflict.
    Thanks again, you guys are really helpful and I and I am sure the rest appreciate your assistance.
  17. Toastman

    Toastman Super Moderator Staff Member Member

    Sounds like some problem or rather, difference, with the GS. Unfortunately I've never even seen one locally so can't offer an opinion, but if you can get it going it is a much better router.

    If you are going to dump it, please remember me :biggrin:
  18. Bill_S

    Bill_S Network Guru Member

    I cleared the NVRAM on the WRTSl54GS flashed it with the latest factory firmware, pressed the reset button to make sure it was at the factory default then installed Tomato 1.25.1720, cleared NVRAM again then installed the script for accessing the modem and it failed again.
    I had a WRT54GSv1.1 so I flashed it with the Tomato 1.25.1720 just to see if it may be the GS version that had the problem. It isn't, the script worked and I could access it through the router. I guessing, but based on those test, I would assume that the WRTSL54GS has some type of problem with the setting of VLAN's. I had no problem with the script on a WRT54G, that I also tested.
    Hope that helps someone in the future.
  19. mstombs

    mstombs Network Guru Member

    I seem to remember the interface names are different on a wrtsl54gs - vlan1 is normally the Internet Ethernet Wan port, but maybe you have eth1 (which is normally the Wireless) or something - can you post the output of "ifconfig", obscure any MAC or IP addresses with XX... before posting.
  20. Bill_S

    Bill_S Network Guru Member

    Yes, I will be happy to post it but before I do, do you want it with the wrtsl54gs acting as the router or do you want it with my current router, a WRT54GSv1.1?
  21. AlterEgo

    AlterEgo LI Guru Member

    Although a old thread however since I needed to do the same task on my Linksys E3000 I would like to share my two cents for the community, its been a after a long time I am refreshing the old skills put to work.

    I am now running Linksys E3000 (originally a WRT610N but reborn after CFE upgrade as E3000) with the following tomato shibby mod
    Tomato Firmware 1.28.0000 MIPSR2-121 K26 USB Big-VPN
    Router IP is
    Have connected a 2GB USB flash drive to the router, formatted as Ext2/3 for primary partition and some space for a swap partition as well.

    My DSL modem is Aztech (dont remember the modem model, single DSL line and USB port) which is running the custom firmware [CODE} RouterTech AR7RD Custom Firmware ( v2.95 ) [/CODE], so I can access the modem internals via telnet as well.
    Modem IP is

    There whole reason of being able to access the DSL modem running in PPoE bridge mode behind the router was to be able to somehow automatically detect if the modem link is down/out of sync and reset the modem.

    So as guided I experimented with scripts guided in this thread , and similar ones around the internet, to be added to the init and firewall section of the router firmware, however it was not working and something was missing. In the end the slight variation of the scripts, which worked out for me (presumably with the command to auto detect the port of the WAN side connection) were

    sleep 5
    ip addr add dev $(nvram get wan_ifname) brd +
    sleep 5
    iptables -I POSTROUTING -t nat -o $(nvram get wan_ifname) -d -j MASQUERADE
    Hence first objective of being able to access the modem (whether connected to the internet or in disconnected state) was acheived.

    I know on the shibby main page (Basic) there is an option to the directly given the modem IP and make the access available without the hassle of adding the scripts and trying out to see if they work. However what I experienced is that the access worked fine if the modem is connected to the internet , however if the modem was in a disconnected state then entering the modem's IP address will not open its configuration page.

    This kills the whole purpose of being able to detect when the modem is actually disconnected and to be able to reboot it. Hence i reverted back to the method of utilizing the scripts option. Maybe because of my limited knowledge to make the built in option work according to my purpose.

    Second objective, check the internet connectivity periodically. For this I made a custom script as follows and placed it in the /opt/bin/ folder inside the mode, /opt/ is actually symlinked to the USB flash drive primary partition, hence the script actually resides on the USB flash drive. I use WinSCP (SCP / PORT 22) to move and place files around in the router's firmware.

    I call this script as (placed in /opt/bin/)
    x=`ping -c2 2>&1 | grep 100%`
    if [ ! "$x" = "" ]; then
      gpio enable 3;
        sleep 5;
      gpio disable 3;
      PRINT="Modem Failure and Restart-Soft Reboot @ "$DATE;
      echo $PRINT >> /opt/modemlog.txt;
    Without much technical explanation (most of which I have forgotten), the above scripts listens for ping replies from the given IP address, if ping is responded within defined parameters (which means internet is alive) then nothing happens. If ping is not responded or 100% packet loss then it branches into another script, at the same time it turns a LED light on the router (via GPIO command, to show me that disconnection had occurred ) and it also prints the date/time of this disconnection in a text file called modemlog.txt.

    Using the Scheduler in the tomato firmware , I have enabled the Custom 1 option to run every day of the week after every 3 minutes. The script name is given the command window as "/opt/bin/"

    Third objective, reset the modem when the internet disconnection is detected via the first script mentioned above. It is run by another script which actually is branched into by the first script(as mentioned above ).

    I call this script as (placed in /opt/)
    sleep 2
    echo root
    sleep 2
    echo Admin
    sleep 2
    echo /usr/local/bin/
    sleep 5
    ) | telnet > /opt/session.log
    Cutting it short, it opens an internal telnet session from the router to the modem, passes the login username and password, and then runs a pre-delivered script inside the modem firmware to reboot the modem, optionally prints the details to a session log.

    The above mentioned of course was achieved after quite some hit and trials and the help/support of the experts on this excellent forum and some others around the internet.

    I thought it would be a good idea to share back the set up I was able to make for myself, which mostly works fine for the intended purpose.

    I wonder if the devs like Shibby or Toastman would be able to build a similar functionality inside their firmware builds to acheive the same. The Init and Firewall scripts for me were working fine however don't work at other times, hence modem access is lost.

    Please post your comments and suggestions if you liked the idea and maybe some further optimizations can be done to it.

    Thanks for reading.

    Looks like scripts in the Init and Firewall section only keep the modem access alive for some time. Trying to get some help on it
    Last edited: Oct 3, 2014
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice