Getting DDWRT to play nice with Zeroshell

So I borked a bridge on my zeroshell router tonight, and I had to re-do it. I figured this guide would be useful for anyone who has a wrt54g (or any other ) that’s crapping out, and want to replace it with something unix based, or just for people who are trying to configure Zeroshell for the first time.

I’ve got ideas to expand this article, so check back in a few days and it should be fully finished :)

This is my network infrastructure.

topology

Click for a bigger picture (small formatting space :( )

So now you see exactly what it is I want to do. I had everything running off of my DDWRT on my WRG54G, but my roommates and I use quite a bit of bandwidth and with 8 mb on onboard memory, needless to say it was the equivalent of a one armed retard trying to take on an army of ninjas, even with overclocking enabled.

I’d been looking for a computer to turn into a router for a while, and I finally found one at work last week :)

So I grabbed a copy of zeroshell, and started it up and I was greeted by the main screen. It sets a static IP on eth00 (their naming convention is a bit wonky) to 192.168.0.75, so I plugged into it with my main ethernet port, and set a static ip to the same subnet (google it if you don’t know how).

When I could finally connect I was greeted by the sign I page (of course after the SCARY self signed cert warning)

login

Default U:P == admin:zeroshell

Time to create a new profile, on the top bar, there is a ‘profiles’ tab. Its a good place to start so we can actually save all our settings :)

In this case, there was a WIN95 formatted drive in there, which zeroshell couldn’t read. What I ended up doing I just plugged it into an ide reader and formatted it, which worked fine.

Either way after creating a new database with all of my info, including hostname, Kerberos, and LDAP stuff.

profile

Now in the ‘Network’ tab we need to set our IP addresses. The dynamic IP won’t stick until theres actually an address to get, so I just set the static IP to 10.0.0.1

It was at this point that I realized that I needed to disable all DHCP/routing functionality on my DDWRT

Logging in I had to change a few things

  • WAN Connection type = disabled
  • Local IP address = 10.0.0.2/24
  • Assign WAN port to swtich
  • DHCP Fowarder (as opposed to server) – followed by the ip of the dhcp server

ddwrtsettings

Since I wasn’t going to be changing anything on my wireless side (I still wanted to use the AP functionality of my DDWRT) there was no need to fiddle with any of those settings.

Finally all we have to do is disable routing. Go to the administration tab and at the bottom hit the Routing button to disable.

routeingdisable

Now we can actually put our machine into place, but you may want to enable the dhcp server first (or you have to assign yourself a static address):

On the left in the ‘network’ subsection theres a DHCP link, after you click it you need to create a new subnet. Choose the proper interface to broadcast on (eth00 in my case) and set the dhcp pool specifications. I did 10.0.0.10-10.0.0.25 and put in OpenDNS for my primary and secondary DNS.

DHCPNow you want to get a dynamic address for your ‘outside’ interface (eth01 in my case)

Dynamic

Now we need to click on the Router section, and click the NAT tab, so we can route between interfaces properly.

NATThats about it as far as what needs to happen to get routing, DHCP, and dns properly set up so you can now do pretty much anything you want.

The important lesson here? Before you start messing with things that could break the world, which in turn causes you to mess up your hard drive containing your configuration, BACKUP YOUR CONFIGURATION. Do it now. Seriously. Although I wouldn’t have written this article if I would’ve done that now would I :)

I apologize for the crappy formatting. I just started this thing, so I’m still trying to find a theme that supports the architecture of my writing, and still looks good.

Like I said, tomorrow I’ll put in my OpenVPN how-to on the end of this article, as it can be a bit complicated if you don’t know anything about certificates.

After that I’ll be putting in how to get NAT working properly, as it can be a bit weird. Took me a while to figure out anyway.

dwight

Identity theft is not a joke, Jim!

EDIT: So instead of putting the VPN & NAT stuff down here, I’m going to just do another post about it, tie them both together and make a page for it.

Hope you enjoy it!

Advertisements

5 Responses to “Getting DDWRT to play nice with Zeroshell”

  1. Thank you for sharing that information. Helps a lot in learning networking. Keep up the good work.
    By the way: I like the theme of your site. You don’t have to change that much :)

  2. Everything is clear. Your writing is fun to read and I have no specific desire in what you should write about next. As I mentioned, i’m pretty much a noob in networking, but i think your site is a source for valuable learning material. My comment was just a way to express my thankfulness for that. So again, thanks for sharing all the infos…
    If I say something terribly dumb, please excuse my bad english, for i am not a native speaker :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: