OpenWRT on the TP-Link TL-MR3020(just some notes, not meant to be complete ...)
Date: 2012-Mar-30, I used the files most recent at the time of this writing.
I use the TP-Link TL-MR3020, hardware revision 1.6. Marketed as a WiFi to 3G router, it is a very small internet router, nevertheless featuring everything required to run OpenWRT. See the OpenWRT website (or the "Table of Hardware" on the project's website) for more details on what OpenWRT is and what not. There is also a Wiki page for each supported device, so look here for more information.
Installing OpenWRT on this box is easy. Just fetch the right "trunk" firmware image for the OpenWRT device page and install this using the web configuration tool shipped on the router. So 5 minutes after unwrapping, you're done. Like usually, it is crucial to be connected to the device via a direct LAN cable, don't even try to do this via WiFi!
This first time you connect to your device, you have to use "telnet 192.168.1.1". Then set a root password using the "passwd" command. DON'T USE YOUR REAL root PASSWORD HERE AS telnet CONNECTIONS ARE NOT ENCRYPTED. The next time you log into the box you will use ssh and then it is the time to set your final root password. If you mess something up -- for example you filled up the /overlay volume and want to reset to original config -- you have to use the failsafe mode.
In my network configuration the DSL internet router is 192.168.1.1, it is both the default router AND the DNS server to ask. Let's configure the device to some fixed IP address. Needless to say that the IP address must not lie within the your internet router's DHCP address pool, but has to be within the same subnet.
root@OpenWrt:~# uci set network.lan.ipaddr=192.168.1.2 root@OpenWrt:~# uci set network.lan.dns=192.168.1.1 root@OpenWrt:~# uci set network.lan.gateway=192.168.1.1 root@OpenWrt:~# uci set dhcp.ignore=1 root@OpenWrt:~# uci set dhcp.lan.ignore=1 root@OpenWrt:~# uci commit
The dhcp.ignore=1 line disables OpenWRT's DHCP server. This is obviously very important since two DHCP servers in the same network at the same time can bring chaos into your network! After "uci commit" and the reboot the changes take effect. Reconnect your computer to your local network and connect the OpenWRTed TL-MR3020 to the same network. When you log in, it looks like
cl@clnb:/tmp/x$ ssh email@example.com firstname.lastname@example.org's password: BusyBox v1.19.3 (2012-03-13 08:32:03 MST) built-in shell (ash) Enter 'help' for a list of built-in commands. _______ ________ __ | |.-----.-----.-----.| | | |.----.| |_ | - || _ | -__| || | | || _|| _| |_______|| __|_____|__|__||________||__| |____| |__| W I R E L E S S F R E E D O M ATTITUDE ADJUSTMENT (bleeding edge, r30919) ---------- * 1/4 oz Vodka Pour all ingredients into mixing * 1/4 oz Gin tin with ice, strain into glass. * 1/4 oz Amaretto * 1/4 oz Triple sec * 1/4 oz Peach schnapps * 1/4 oz Sour mix * 1 splash Cranberry juice ----------------------------------------------------- root@OpenWrt:~#
root@OpenWrt:/# opkg update Downloading http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/Packages.gz. Inflating http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/Packages.gz. Updated list of available packages in /var/opkg-lists/snapshots. root@OpenWrt:/# opkg install openvpn
OpenVPN will eat up most of the memory in /overlay. After installing OpenVPN, we have
root@OpenWrt:/# df Filesystem 1K-blocks Used Available Use% Mounted on rootfs 1536 1096 440 71% / /dev/root 1536 1536 0 100% /rom tmpfs 14688 1700 12988 12% /tmp tmpfs 512 0 512 0% /dev /dev/mtdblock3 1536 1096 440 71% /overlay overlayfs:/overlay 1536 1096 440 71% / root@OpenWrt:/#
You see that FLASH storage is _really_ at a premium in these internet routers! In our application it would pay to build a custom ROM image as the ROM filesystem is more efficient than the /overlay FS where the new files go.
For the OpenVPN configuration proceed like if this client where some PC. Then you can start openvpn on the command line entering
root@OpenWrt:/# openvpn --config /etc/openvpn/client.conf
The nice thing about OpenWRT is that you can make use of your Linux network administration skills here. The device runs a Linux kernel 3.2.9 with iptables firewalling.
The wget in busybox is not sufficient for the planned application (no HTTP authentication support), so I installed the 'real' wget tool -- but without SSL support. This saves lots of precious FLASH memory -- but let's check if it has dependicies ...
root@OpenWrt:/tmp# opkg info wget-nossl Package: wget-nossl Version: 1.13.4-1 Provides: Status: install user installed Section: net Architecture: ar71xx Maintainer: OpenWrt Developers Team
No deps. Then let's install it entering opkg install wget-nossl.