I Need Website For JTAG, How To Build A Serial Cable?

Discussion in 'Tomato Firmware' started by txnative, Feb 23, 2014.

  1. txnative

    txnative Networkin' Nut Member

    Does anyone know of a good website tutorial on building one(Serial Cable)? I am not sure but dd-wrt has info on Jtag?
  2. mstombs

    mstombs Network Guru Member

    Lots of information out there, JTAG not the same as serial console! You should consider a universal board such as tumpa, http://www.tiaowiki.com/w/TIAO_USB_Multi_Protocol_Adapter_User's_Manual

    which will give you both using usb - since serial and parallel ports are becoming less common.

    But what router, JTAG support for many newer routers not good, although there are encouraging developments in openocd etc.
    txnative likes this.
  3. txnative

    txnative Networkin' Nut Member

    I had wanted to build the serial cable just for I did it purposes as opposed to just buying one. Using the JTAG method was to maybe get a belkin F7D4302 running again. I had used the Shibby 116-EN F7D4302 mini.bin 3.8 mb file. All seem to take then the power light turned off on the router then it just never worked. A dd-wrt user had a similar incident but using dd-wrt firmware a mini.bin file to begin with then using different firmware of choice. Power led off, no use using 30-30-30 method or the WPS button in place instead of reset button for a 30-30-30. Created a static ip on either address or 1.100 default gateway set to either or 1.1 shutting power for 10 mins to 30 mins trying again. In the begining when I started the firmware update none of the trx files wouldn't run. Then I remember on the dd-wrt had a .bin file to start with then upgrading to a firmware that had vpn and other programs that come with the firmware. I'll check out the posted link and thanks for the response.
  4. lefty

    lefty Networkin' Nut Member

    which is it you want? serial cable and jtag are 2 totally different types of interfaces and cables..
  5. RMerlin

    RMerlin Network Guru Member

    For serial, you need a TTL level adapter anyway, it's not just a straight cable. Might as well hit eBay and get a serial cable with built-in FTDI - I got two of them for under 10$ last year.
  6. txnative

    txnative Networkin' Nut Member

    I found information about a member at dd-wrt had a problem much like mine, I don't know what size firmware he started with dd-wrt and attempted to tomato he has the F7D4301. I have the F7D4302, I flashed with the shibby mini.bin(3.8 mb) from tomato.groov.pl then power shut off on the router no intervention from human nor electrical, no access whats so ever, you can feel it get warm that is it. His member name Cam1878. I will have to duplicate his method, follow the instructions.


    I probably will buy the cable. (My thought was to have the experience in building it?)
  7. txnative

    txnative Networkin' Nut Member

    Read the reply I had sent to Lefty on why I have to do this. Thanks for replying.
  8. koitsu

    koitsu Network Guru Member

    Regarding serial: I wrote such a document many years ago (document is dated July 2004) when the WRT54G v1 and v2 were popular.


    The pinout for your router may be completely different, however. But the overall methodology is the same, assuming that the voltage levels output on the serial port on your router are identical to what's on the WRT54G. This is what the little AD233BK and related chips do, amongst other things.

    It's a hell of a lot easier to just buy a pre-made cable as @RMerlin stated. It's not worth the pain or time, trust me.
  9. Mangix

    Mangix Networkin' Nut Member

    JTAG is not really useful. Unless you've somehow broken the bootloader, serial is easier and cheaper to work with.
  10. mstombs

    mstombs Network Guru Member

    JTAG was essential for some older routers for which even the CFE bootloader would not start due to corrupt/incompatible nvram vars. 2 hours to solder in jtag header, 2 seconds to clear nvram. See the original HairyDairyMaid utility and docs here:-


    The CPU speeds, memory timings, mac addresses and often even the reset_gpio are stored in nvram (so reset button doesn't work). Easiest way to corrupt bootloader nvram now is to load a firmware with wrong nvram size 32/60/64kB.

    The vulnerability is clear in some Broadcom CFE code I have examined - nvram vars are used without validation before checking integrity of whole nvram. Just fixing some of these issues makes later bootloaders more robust and more amenable to serial console recovery.

    If serial console port working it is often possible to interrupt the CFE boot, clear the nvram (if empty it will reset to defaults) and upload new firmware via tftp or CFE miniwebserver if available.

    May take a few attempts to get the CTRL_C at correct time, a fraction of second after power up, especially if router stuck in a boot-loop (crashes and reboots every few seconds).

    Fully agree 3.3V serial console cables more useful tool than JTAG, also useful for developing code, viewing error messages, recovering for routing misconfigs etc, I have both MAX3232 serial port and $2 DKU-5 clone usb ones.
  11. txnative

    txnative Networkin' Nut Member

    A member from dd-wrt had posted a similar problem. He used a jtag and posted his results. My thoughts were, he had posted some of the same problems with his Belkin F7D4301, and I had gone through some of the traditional methods of trying getting a response from the Belkin F7D4302 to get into the CFE mini server, I tried even using the TFTP.exe.(nothing) His information didn't mention using a serial cable with built in FTDI. Maybe the bootloader got screwed a bit like you mentioned. I am just getting information and reading on the jtag for now, unless using the serial cable will get the problem resolved? Maybe read his information on the dd-wrt link I had posted on left's reply on this thread, all this information the forum here is helpful but before I really go out and buy what I need. Maybe one method will be useful than the other or just doesn't apply?
  12. txnative

    txnative Networkin' Nut Member

    I had read that and noticed it on a few sites relating to older models. I am also aware that since I notice the belkin present state is non responsive to any pings, tftp, hard reset holding reset 30-30-30, even using the wps button instead of using reset button gives no response. The light doesn't even come the router during any process that I do while doing what I mentioned above. The only thing I found that was interesting on the web was a member using dd-wrt trying to switch to tomato and went wrong just like my problem, you'll have to read the link I had placed on lefts previous earlier thread. Thanks for responding again mstombs and I had went through much of the link you place earlier also.
  13. Mihai Olimpiu-Cristian

    Mihai Olimpiu-Cristian Networkin' Nut Member

    I really doubt your Belkin router is bricked... You just think it is.... Load the CFE interface by holding reset and plugging in power cord, still holding reset for 5 secons or more.
    The CFE takes adress from nvram, so try all possible combinations,,, or whatever adress you had last time.
    If the router is bricked it won't be possible to reset to the default 2.1 adress Belkin uses so try to remember what adress you had last time (Maybe other CFE's load on default adress, but I accessed mine on something like so... :( )

    I bricked these routers hundreds of times (ok, ok, 10 times)... Everytime the CFE did it's job and saved my ass!
    I also flashed those minis, but it still lives. To load CFE interface just point your browser to those addresses while you are on the same subnet, while using a wired connection. :)
    Oh, I know it's too noobish but I've met even worse... If router is on, your PC should have an adress like subnet
    P.S.: Sorry for first post but Android doesn't get along with this forum... I edited the message so it is readable by a human now :)
    Last edited: Feb 24, 2014
  14. mstombs

    mstombs Network Guru Member

    If the router has a bad firmware load you would expect it to boot-loop and/or stick at the bootloader prompt. You would see boot-loop by leds going through regular sequence, so maybe it just sitting waiting?

    Definitely worth trying just this step from dd-wrt

    The 2.1 IP address is unusual, but seems to be Belkin CFE default, default on other routers is usually 1.1, need compatible IP range set on PC.
  15. txnative

    txnative Networkin' Nut Member

    I've done what you described in earlier parts of this post since this problem began, and I still will in different variations. I know it still there in one way maybe it is taking longer to load or looped? I won't give up and the other with using JTAG or serial methods are just something I would have to resort, but I got to know information about using it on this particular model thats all, even for knowledge sakes. Thanks for relying
  16. Mangix

    Mangix Networkin' Nut Member

    I will say that last time that I bricked a router(where the bootloader broke) none of the lights came on.
  17. txnative

    txnative Networkin' Nut Member

    Unfortunately there is no lights going on even when I plug in the power also letting it sit then using the methods hard resetting, or using wps button during a hard reset 30-30-30. Setting up static ip on pc in different ranges either for a belkin ip gw or gw pc 2.100 or 1.100. I will continue to do that and use the tftp while pinging the router using -t -w 2 settings. Thanks again for your reply.
  18. txnative

    txnative Networkin' Nut Member

    as I observed the intial loading of the firmware all seem to well with the time counting down power light was doing its blinking then it went off so I let it sit 10 mins and came back it was still of no active ip from router so tried to restart, the indicator light didn't on from there setup a static ip on pc gw even with light off it timed out trying to get in. Then I tried static ip gw still timed out. I did the 30-30-30 with reset button, no light had done nothing to indicate that it was working while doing 30-30-30 with reset button or wps button method.

    Ok I am able to get to the CFE on ip Static the pc ip gw that was setup as usual did hard reset, holding reset button technique, setup a ping with -t -w 2 before it didn't get a response but this time it was ping the Now when I try to load the F7D4302 mini.bin located in the 116-EN it would say successful rebooting but never really rebooted although the ping in cmd had stopped the router never rebooted the pc connection didn't stop, so i switched the ethernet connection back to obtain ip automatically and failed to connect, pulled the power plug waited 30 seconds plugged back in, no light pc connection failed again to obtain ip automatically. Restart again to with pc static ip gw did a hard reset with reset button and try to get to the web gui and time out. So unplugged power redid pc static ip to gw to cmd ping plugged the power back in and hard reset again reset button, started receiving response from open page to web gui to CFE mini that is were I am at now. One other thing to mention it doesn't like the .trx I read that changing it to .bin worked for another user on dd-wrt. Any thoughts?
    Last edited: Feb 25, 2014
  19. Mihai Olimpiu-Cristian

    Mihai Olimpiu-Cristian Networkin' Nut Member

    Shibby's minis are broken for this router, flash Dd-wrt mini or toastman's.first. Shibby 's firmware only works up to V112 on RT-N branch, use RT or V112.
  20. txnative

    txnative Networkin' Nut Member

    That was my conclusion on the shibby mini.bin, hopefully he'll recongnize the problem on this particular file and the .bin is more suitable then using a .trx or that probably something else? however dd-wrt was successful. From the dd-wrt site install the first mini.bin then the big or mega file. All works outstanding as far as doing testing on bandwidth and wireless connection speed test and configurations for wireless 2.4 and 5ghz. After you posted your input on keep trying its there, I was able to get into the CFE you would have to read that on the previous threads. It seems that when the light is off throughout the ordeal you don't really know if anything is working on a hard reset of any kind, but since i did the cmd prompt pinging the with -t -w 2 it was getting replies. Then I knew I could get to it, just didn't know shibbys file didn't work. After dd-wrt mini was installed the green light came back LIFE again. For those who gave information and the additional posts on the JTAG and Serial is very informative for more indepth issues within a router and other devices another world to look into.
  21. txnative

    txnative Networkin' Nut Member

    I suppose when a update comes for this router by shibby or other supporters that have a good firmware for this model belkin F7D4302 the transformation back to tomato should be a matter of 30-30-30 hard reset then firmware update tab(dd-wrt firmware router)update with tomato firmware? Is that correct?
  22. Mihai Olimpiu-Cristian

    Mihai Olimpiu-Cristian Networkin' Nut Member

    Yes, 30-30-30 reset is correct or you could simply update the firmware and tick the ERASE NVRAM checkmark.
    These routers need a trailed build, I usually use DD-WRT's mini then go to whatever Tomato version I want.
    Sometimes the router just doesn't reboot, leave it as it is for 10 minutes then simply unplug and plug it in again.

    More info if you want to stick to Tomato:
    Use RT-N V112, it's what I use, it's fully working and pretty new, you don't gain anything new from upgrading on Shibby's branch. RT-N V114-115-116 cause a bootloop on almost all Belkin Routers F7d43xx 33xx etc.. except for F7D4301 or F7D8301.
    With Toastman you can use RT-N VPN, it's complete, on Shibby on RT-N v112 you can use BIG-VPN, on later revisions if it will ever work again you have to downgrade to NOCAT or plain VPN because the new driver is pretty big and it doesn't fit in the flash anymore (Damn, bring back the old driver!!!).
    If you only use the router as an access point use the RT branch by shibby it works on every version, but advanced modes like Wireless Ethernet Bridge don't work from my experience!

    P.S.: Told you it's not bricked!
  23. txnative

    txnative Networkin' Nut Member

    Mihai Olimpiu-Cristian Thank you for your input and suggestion on a working shibby build for this belkin F7D4302 also shibby has mentioned that some of the builds are getting to be to big for these smaller 8 mb flash memory I wonder if he'll make some fundamental changes to try to keep under 8 mb for this model type and others too? I'll keep what dd-wrt has for now but I'll look towards Toastman build for future interests along with other mods from shibby, victek etc with more investigations of what works and don't. Have a Great Day
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice