Joined: 07 May 2007 Posts: 1 Location: KS/Hessen/Germany
Posted: Wed Feb 27, 2008 10:52 Post subject:
Hi all,
as I was the one, who has bricked the AG108, I have now, by the help of Tornado, fully recovered the AG108.
So, what was the issue:
1) I have installed RC6.2 via the web-interface. The issue is well known, so everybody knows, the kind of problems, I got with that.
2) Based on some readings, I found the file:
RedBoot_config_gdb.rom and have tried to upload that via tftp, when the Router starts to boot. AS REPORTED, THIS HAS BRICKED THE DEVICE.
3) Even no serial was available at that time anymore.
4) I have asked Tornado to help in recovering by using JTAG.
What we figured out:
1) There is a 14-pin JTAG header on the board. This 14-pin header has the following layout:
This header is fully MIPS EJTAG 2.6 compatible and described in the EJTAG 2.6 standard. The 14-pin header has the following arrangement of JTAG signals and pins:
The "pins" are not populated, so you have either to solder pins in there, or find another way to connect to it.
2) Personally I have built a DLC5 JTAG cable, as described on different pages.
3) You NEED to put pin-1 of the JTAG header to logic-high (by putting a resistor of about 100 Ohm between pin-1 and pin-14). This ENABLES the EJTAG bus on the Atheros processor.
4) BEFORE starting to reflash the device, put proper grounding. For me it worked out, to put a cable between the PC-chassis (of the PC running the tjtag sofware) and the ground of the router. Without this grounding the DLC5 was highly unstable and loosing data. I guess, that a wiggler connection would be more stable, but DLC5 was much more easy to build for me.
5) Reflashing can now be done by JTAG. There are different possibilities. But there are TWO things, that we need in the flash as a MINIMUM:
a) The redboot boot-loader
b) The board configuration data
If you DON'T erase the whole flash, maybe it's enough to reflash the redboot part (first 320K).
NOTE: If you go this way, you need a serial cable, to get in again.
If you flash after the redboot part also a redboot.config (Tornado is working on such a recovery-kit) you can get in via telnet much more easily, and you won't need a serial cable.
If you have erased the whole flash you need also to put in the board-configuration data, as every kernel is looking for that. This is located at the very end of the flash, even BEYOND the fis list of redboot. Also here Tornado is working on a very smart solution to put that into the flash by tjtag.
6) As soon as this is done, you can get into the router via telnet/serial again. Now you can go for the documented redboot-procedure to put the linux-kernel & rootfs on it, create the fis-table and reboot the device.
Hope that this helps. If there are missing details/issues, please let me know.
Operator your getting the driver timed out error because you are using the old flash locations and it does not have enough space to write the whole file, follow the guide on the wiki and it will work
Tornado,
if you want to revert WHR-HP-AG108 to the original Buffalo firmware, below you will find some instructions which I've received from holgi. Unfortunately I haven't got time to verify them, so use them on your own risk.
Tornado,
if you want to revert WHR-HP-AG108 to the original Buffalo firmware, below you will find some instructions which I've received from holgi. Unfortunately I haven't got time to verify them, so use them on your own risk.
Hi. i got a bricked Buffalo 108 recently but unfortuantly the RedBoot_config_gdb.rom is not online anymore. Can someone please post it maybe on one of the one-click-hosters for example. i can't find it anywhere.
@pug306d: Thanks guy.
@ all involed in the wiki entry: Thank you too. It just worked fine for me.
But know my last question: What dd- version can i put on that thing, because I was looking forward to implement an openvpn connection? Am i just stupid, because i haven't found a single entry for that topic and just one dd-wrt version.
Because it only has a 4mb flash you can't get any of the builds with openvpn installed, you will have to use the PPTP server/client thats standard on all the builds