Recommended build for WRT54GL (Broadcom)?

Discussion in 'Tomato Firmware' started by kamchatka, May 28, 2018.

  1. kamchatka

    kamchatka New Member Member

    I have a WRT54GL router which is hooked up to my ISP's modem. I'm a standard user: internet via ethernet cable and wifi.
    Other data:
    S/N prefix: CL7B
    HW version: 1.1

    I'm looking for the latest recommended/stable build for my router which includes the KRACK fix.

    Thank you.
  2. Mercjoe

    Mercjoe Network Guru Member

    I am afraid to say that you are probably NOT going to get anything with a KRACK fix. It is simply too old.

    I have one of these old war horses and I used the last Toastman build for it and it was rock solid for years before I replaced it.
  3. eibgrad

    eibgrad Network Guru Member

    I agree w/ Mercjoe. Last person I recall around here who tried to do the same ran into numerous problems, including w/ dd-wrt.

    (got a little heated at the end)

    This is just the classic problem w/ using old hardware. Sooner or later it just can't do the job anymore, if only because no one is keeping the firmware updated anymore, or even checking that it still works properly when they do. Add to that vulnerabilities that keep cropping out, and the best I can recommend is relegating it to lighter internal duties (e.g., bridging, a VPN). Anything but primary router/gateway duties.
  4. kamchatka

    kamchatka New Member Member

    I guess it's my fault for not researching properly. When I bought it 2 years ago, I thought it was actually new.
  5. schnappi

    schnappi Networkin' Nut Member

    This works great (version includes OpenVPN and VLAN options):

    Other choices can be found here:

    The WiFi range isn't great (that being said no worse than some/many brand new routers) and to exploit KRACK one must be in range of the router. Depending on circumstances maybe this is acceptable risk and the above will work for you.
    Last edited: May 29, 2018
  6. maurer

    maurer Network Guru Member

    KRACK is exploitable on the router itself only if you use it as wireless client or repeater.
    Standard AP/gateway AP has no vulnerability.
    Krack will be exploited on devices with older firmware (before 11.2017) like android or IOS < 11.1
  7. schnappi

    schnappi Networkin' Nut Member

    @maurer is 100% correct. Was under impression that KRACK could also be patched at the router/ access point level instead of mitigating at device. This appears to be incorrect. A device vulnerable to KRACK is vulnerable regardless of the access point being patched.
  8. maurer

    maurer Network Guru Member

    There can be some mitigations possible at AP level - openwrt implemented it for OSS drivers - but might affect some devices connection
  9. Monk E. Boy

    Monk E. Boy Network Guru Member

    Yes, the KRACK mitigations on a router level can periodically create problems for clients, even fully patched clients who aren't vulnerable to KRACK. The correct approach to KRACK is to get all your clients patched. In the US this often means completely replacing devices because cellular providers don't believe in providing updates after a year or so, even if they're still actively selling the device. For all the gripes about class action suits, this is a case where companies are going out of their way to create conditions for one.
  10. peyton

    peyton Network Guru Member

    Have a look at freshtomato-mips build
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice