yesterday i did some misconfiguration with my DD-WRT (dev-NET erte-erwe), ipact I cannot access trough web or LAN port or event wireless client.

- cannot ping (both wireless/LAN)

- cannot access ssh

- cannot access webadmin

- internet is OK (i can surfing)

unfortunately the AP was paced in tower, its dificult to reach again. finaly i googing and found this article. howto reset by ssh.luckily i can access it from remote machine over Internet, so by SSH to this dd-wrt i run this command

laptop ~~~X~~~>AP (wds dev-NET erte-erwe) -----OK---->AP1

laptop -------X--------> LAN (dev-NET erte-erwe)-----OK--------->AP1

reset procedure

Laptop ---------> {internet }------> router (dev-NET internet)------> Proxy ------> AP1 -OK---->AP (wds dev-NET erte-erwe)

DD-WRT v24 std (c) 2007 NewMedia-NET GmbHRelease: 12/26/07 (SVN revision: 8687)
root@192.168.1.1's password:
==========================================================

____ ___ __ ______ _____ ____ _ _
| _ \| _ \ \ \ / / _ \_ _| __ _|___ \| || |
|| | || ||____\ \ /\ / /| |_) || | \ \ / / __) | || |_
||_| ||_||_____\ V V / | _ < | | \ V / / __/|__ _|
|___/|___/ \_/\_/ |_| \_\|_| \_/ |_____| |_|

DD-WRT v24
http://www.dd-wrt.com

==========================================================

BusyBox v1.4.2 (2007-12-26 01:05:19 CET) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

root@erte-erwe:~# mtd erase nvram;reboot
Unlocking nvram ...
Erasing nvram ...

have a nice experinece with dd-WRT

Suwidi

Factory Defaults

From DD-WRT Wiki

Jump to: navigation, search

Every router comes from the factory with certain options set on it. These options determine operating characterstics of the router under the factory firmware. See also Reset And Reboot for additional info on this topic (merge needed).

[hide]

[edit] NVRAM

Merge needed with Hardware#NVRAM.

Every router has a memory chip inside that stores persistent settings between reboots. The NVRAM is also retained between flashes of different firmware versions or even different firmwares!

It is necessary to reset the NVRAM between flashes so that the new firmware encounters known values in the NVRAM.

For example, let's say that Firmware A sets the imaginary variable run_masq to "/usr/bin/masqrun", and this command is run at startup. Now, let's flash the router with Firmware B, which reads the run_masq variable determine whether the router does masquerading. Firmware B expects a boolean value here, such as "1" or "0". In the best case scenario, Firmware B will just throw an error and gracefully continue booting, but there could be cases where it errors out so badly that it bricks the router or makes it unbootable.

[edit] Configuration Save/Load

When you use the DD-WRT Web GUI to save your settings to a file, you are dumping the NVRAM settings to a binary file. Because of this, you should only use this feature to restore settings on the same router with the same firmware version. Again, do not restore setting backups from previous versions as mentioned in the forum.

[edit] Resetting to Factory Defaults

NOTE: This will not restore firmware to a previous state, it only clears the settings. Here are the ways that you can Reset to Factory Defaults.

[edit] Via the DD-WRT Web GUI

Under Administration -> Factory Defaults

[edit] Via the reset button on the router

Press and hold the button while the router is on, and keep holding it about 30 seconds. On different models you may see rapid flashing of a LED, or a red error or diagnostic LED. Wait for it to return to normal operation (typically power-LED on solid). Normal behavior here is for it to not actually clear the NVRAM. Many people think of it and phrase it that way. What it is supposed to do is return all settings to factory state. If you added new non-factory variables, they should still be there after this type of reset.

Holding down the reset-button while plugging in the router achieves a different goal. Here the bootloader is in charge, so getting it to clear the memory for you may have different results. Some platforms will completely empty the NVRAM and depend on another stage of the bootloader or firmware to repopulate it. On some less-supported hardware this may have unpleasant results.

[edit] From the Command Line (Telnet or SSH or Web GUI)

Log into the router over SSH and run the command:

mtd erase nvram;reboot

Note that some versions of DD-WRT may be missing the reboot command.

You can also run this command under Administration -> Diagnostics in the DD-WRT Web GUI.

[edit] Messing with the Router Insides

There are ways to physically short certain pins/traces inside the router in order to reset the NVRAM. VERY DANGEROUS! You can physically damage the flash memory chip and TRULY "brick" an otherwise working piece of hardware this way. Every other avenue of unbricking should be tried multiple times before resorting to this.

[edit]

here my tutorial base on,

dev-NET interet now server dev-NET(erte-erwe). this solution base on RT/RW network. previously RT/RW net is invent by Mr Ono W Purbo the expert IT system in Indonesia

RT/RW net is the solution for neighborhood internet connection. to reduce internet payment. each neighborhood is shared internet by others
dev-NET erte-erwe was tried to serve internet to neighborhood. this servise maintenance by Suwidi (suwidi.or.id) as owner of dev-NET.

dev-NET has SLOGAN "internet sehat dengan paket SEPUASNYA"

1.2. Decide On Your Configuration
Prev	Chapter 1. Preparing to install	Next

1.2. Decide On Your Configuration

1.2.1. Network Interfaces

IPCop defines up to four network interfaces, RED, GREEN, BLUE and ORANGE.

1.2.1.1. RED Network Interface

This network is the Internet or other untrusted network. IPCop's primary purpose is to protect the GREEN, BLUE and ORANGE networks and their computers from traffic originating on the RED network. Your current connection method and hardware are used to connect to this network.

1.2.1.2. GREEN Network Interface

This interface only connects to the computer(s) that IPCop is protecting. It is presumed to be local. Traffic to it is routed though an Ethernet NIC on the IPCop computer firewall.

1.2.1.3. BLUE Network Interface

This optional network allows you to place wireless devices on a separate network. Computers on this network cannot get to the GREEN network except tightly controlled "pinholes", or via a VPN. Traffic to this network is routed through an Ethernet NIC.

1.2.1.4. ORANGE Network Interface

This optional network allows you to place publicly accessible servers on a separate network. Computers on this network cannot get to the GREEN or BLUE networks, except through tightly controlled "DMZ pinholes". Traffic to this network is routed through an Ethernet NIC.

1.2.1.5. Network Interfaces

Your firewall will need at least 1 Ethernet cable and network interface card (NIC). It may need up to 4 NICs, depending on the network configuration you choose and your connection to the Internet.

All NICs must be different physical cards (or their equivalent if you have multport cards).

Ignoring for a moment the RED network, you will have to plug a separate Ethernet NIC and cable into your firewall for each of the GREEN, BLUE and/or ORANGE network. The GREEN and RED networks are required. The ORANGE and BLUE networks are optional. The interface requirements for your RED network will vary depending on your connection to the Internet. The RED network may require an additional Ethernet card and cable.

RED, ORANGE, BLUE, GREEN Configuration

The RED, ORANGE, BLUE, GREEN diagram shows that, other than the RED net, each of the networks needs an Ethernet card. If you are currently using an Ethernet connection to the Internet, you will need a card for it, too. The networks must have different network addresses.

Note

Remember, the BLUE and ORANGE networks are optional.

Table 1.1. NIC Requirements

Connection	Modem	ISDN	USB ADSL	Ethernet
RED, GREEN	1 NIC (G)	1 NIC (G)	1 NIC (G)	2 NICs (G,R)
RED, BLUE, GREEN	2 NICs (B,G)	2 NICs (B,G)	2 NICs (B,G)	3 NICs (B,G,R)
RED, ORANGE, GREEN	2 NICs (O,G)	2 NICs (O,G)	2 NICs (O,G)	3 NICs (O,G,R)
RED, ORANGE, BLUE, GREEN	3 NICs (O,B,G)	3 NICs (O,B,G)	3 NICs (O,B,G)	4 NICs (O,B,G,R)

1.2.1.6. Relative Security of IPCop Network Interfaces

The security model of IPCop is that the GREEN network is fully trusted and any requests from this network, whether initiated by a user or by a machine infected with a virus, Trojan horse or other "malware" is legitimate and allowed by IPCop.

A new feature of IPCop 1.4.0, allows for the Intrusion Detection System to be enabled for each network interface. It is always a good idea to glance at the IDS logs for your internal networks to see if a machine on your network is behaving strangely. This may indicate a virus infection.

The order of trustworthiness of networks in order of increasing trust is:

RED→ORANGE→BLUE→GREEN

1.2.2. Network Configurations

The base configuration is RED/GREEN where IPCop protects a single internal network from the Internet. If you have a wireless access point then you can attach it to the BLUE NIC and configure IPCop to restrict the access of machines on your wireless LAN. If you have some servers that need to be accessible to the Internet you can place them in an untrusted DMZ attached to the ORANGE NIC. You should decide which combination you want for your site.

1.2.3. Network Configuration Types

Since the RED interface can connect either by modem or by Ethernet, there are eight Network Configuration Types:

GREEN (RED is modem/ISDN)
GREEN + RED (RED is Ethernet)
GREEN + ORANGE + RED (RED is Ethernet)
GREEN + ORANGE (RED is modem/ISDN)
GREEN + BLUE + RED (RED is Ethernet)
GREEN + BLUE (RED is modem/ISDN)
GREEN + BLUE + ORANGE + RED (RED is Ethernet)
GREEN + BLUE + ORANGE (RED is modem/ISDN)

1.2.4. Connecting to the Internet or External Network

How are you currently connecting to the Internet, today?

If you are connected through an external broadband modem or router, you probably will be connected via an Ethernet network interface card or NIC. In any case, a similar card must be in your IPCop PC. If you are connected via an internal analog modem, ISDN modem, or ADSL USB modem, this must be moved to the IPCop PC. If you are connected via an external dial up modem, you will have to connect it to your IPCop PC.

This hardware will be used for your RED network interface.

Write down some key parameters from your current interface.

Check how you are currently obtaining your IP address: static, DHCP, PPPOE or PPTP.
If you obtain your IP address via DHCP, check to see if your system has a hostname it is providing to your ISP's DHCP server, see Checking Your DHCP Host Name, below.
Check what your name servers' addresses are. Your ISP's DHCP server may provide the addresses automatically or you may need to enter them manually.
Note any default sub domain addresses specified. These allow you to specify hosts like mail or news without entering the full host name, see the discussion in DHCP setup, below.

1.2.4.1. Checking Your DHCP Host Name

If you don't know if your ISP requires a host name, or you don't know what it is, check the paperwork that came with your ISP's installation kit or call their support center for help. If that fails, enter:

$ ifconfig -a

on a *nix platform, and look at your eth0 IP address. On Windows 95, 98, ME, etc. the command is

C:\winipcfg

entered from the command prompt. On Windows NT and Windows 2000, the command is

C:\ipconfig /all

In any case, write down your IP address and then issue an

$ nslookup nnn.nnn.nnn.nnn

command, where nnn.nnn.nnn.nnn is your IP address. If you get a response, write down the full host name you receive. The first part may be your DHCP hostname, the last part may be used to configure IPCop's DHCP server.

1.2.5. Decide On Your Local Network Address(es)

Decide what your GREEN or local network address range will be. This is not the IP address provided by your ISP. Addresses on this interface will never appear on the Internet. IPCop uses a technique called Port Address Translation, PAT, to hide your GREEN machines from outside eyes. To make sure there are no IP address conflicts, it is suggested that you choose one of the address ranges defined in RFC1918 as private (non-routable) addresses. There are over 65,000 of these network address ranges you can choose from. For a list of available network address ranges, please see Appendix A . The easiest network to pick is the 192.168.1.xxx network. This will allow IPCop to handle over 250 computers. Typically routers and firewalls are placed at the top or bottom of the address range, so we suggest that you pick 192.168.1.1 for your GREEN network interface. IPCop will automatically set your network mask based on your IP address, but you can modify it, if you need to.

If you will be using BLUE and/or ORANGE networks pick different network addresses for each of them. For example, BLUE might be 192.168.2.xxx and ORANGE might be 192.168.3.xxx. This will allow over 250 computers on each network.

Katakan say[@]suwidi.or.id

Monday, January 14, 2008

WRTG 54GL - DD-WRT - Reset Factory Default by SSH