Bridge Install

From DD-WRT Wiki

Jump to: navigation, search


[edit] Bridge Mode Install (Client Bridge)

I was having trouble getting OpenWRT to do any sort of bridging with my Belkin A/G ap, so I'm trying out bridge mode using DD-WRT.

Hardware: Linksys WRT54G V2 / Belkin A+G Dual Mode AP Router F6D3230-4 firmware 1.01.05

[edit] Flashing from OpenWRT and getting to the GUI

I figured I'd give it a go to just use the 'upgrade firmware' link in OpenWRT to flash DD-WRT2.3-voip. It worked, using a laptop and my Belkin A mode WLAN connection. Once the flash was rolling, I did an

ifconfig eth0

to bring up the laptop ethernet connection to the Linksys. Then brought up the GUI. Now to figure out the default username and password. Ok, default username is blank. Default password is admin.

[edit] Configuration

My local network is, my Belkin is at, ssid examplessid, channel 1, WPA-PSK, with a 63 character passphrase. (The Belkin does not allow a 64 hex key to be entered, only a passphrase.)

[edit] Setup

[edit] Basic Setup

First page, Internet is disabled (I use another PC as a gateway connected to my cable modem). DHCP server is also disabled, I use static IPs in my LAN.

  • Assign WAN port to Switch - enabled
[edit] Advanced Routing
  • Advanced Routing
    • Operating Mode - Gateway

[edit] Wireless

[edit] Basic Settings
  • Wireless Mode - Client Bridge
  • Wireless Network Mode - Mixed
  • Wireless Network Name (SSID) - examplessid
[edit] Wireless Security
  • Security Mode - WPA2 Pre-Shared Key (The Belkin calls it WPA but allows me to use AES, so from what I understand that would be WPA2
  • WPA Algorithms - TKIP+AES (I used AES on the Belkin but I'm unsure about the Group Key, so this can't hurt.

There is a problem here. The Belkin only allows a 63 character passphrase. The DD-WRT requires the actual hex key. I've tried to figure out how to deal with this but I got nowhere. I think this is the root of the problem of getting WPA mode to work for me... see below.

I had to change security mode to 128 WEP, on both routers. It should have worked, if WPA works at all in these routers, but as I don't have all week to sit here and figure it out, I fell back to WEP. My suggestion for the DD-WRT interface is that it allows entry of either a passphrase or key, and handles the conversion itself. This would allow use of routers like the Belkin that only allow passphrases.

[edit] Security

[edit] Firewall
  • Firewall Protection - Disabled

[edit] Administration

[edit] Management
  • DNS Masq - Disable
  • Local DNS - Disable
  • 802.1X - Disable
  • NTP Client - Disable
  • Loopback - Disable
[edit] Services
  • SSHD - Enable (This probably should be the default)
  • Telnet - Disable (This probably should be the default)

[edit] Conclusion

I got nowhere further with this than I got with OpenWRT. It was a waste of time. Both OpenWRT and DD-WRT still, as of version 2.3, cannot do a client mode connection to an AP using WPA security, where the AP being connected to is using a passphrase, and the client is using a key. This is my assumption, because others have gotten it to work with other routers, which must have been using a hex key and not a passphrase. Pleas enlighten me if this is not the real problem here.

Note: I am a CQT specialist for a high-security wireless hardware company, as well as a system administrator for Linux systems. If someone either corrects me or confirms my findings, I will be happy to do something to contribute to the effort and fix this problem.