Installing FreshTomato in Netgear R7000

📁 Network
🏷 FreshTomatos R7000 Netgear

Introduction

The Netgear R7000 Nighthawk AC1900 Router is a great dual band WiFi and gigabit router. I did decommission mine few years ago because it was redundant in my network However, early this year I decide to use it as a WiFi access point and switch for couple of machines in the network. It is a great piece of hardware and will do a good job at this task.

I started by updating the firmware from the Netgear support page and configuring the device as an access point. I placed the R7000 as an access point and switch behind a gateway and firewall. But unfortunately, I did not liked what I found. It all worked, however I was unhappy with Netgear wanting to collect information from me and my home network. Therefore, I decided to install FreshTomato on the device.

Motivation

There are few reasons for the decision, but all of then point to Netgear trying to collect information. Some of my reasons are:

  1. Some of the device functionality requires a Netgear account, which I refuse to do. This is my device and it is inside my home network, so I don’t see any reason for a Netgear account.
  2. I attached a shared USB disk and I was unable to encrypt the disk. But, for the disk to be useful, it need to be encrypted.
  3. The USB disk was too slow, which may had something to do with the protocol being used. But, I did not spend time investigating the reasons.
  4. The last straw was the attempts, of the device, to reach Netgear from inside my home network. Checking my PI-Hole, I noticed a lot of DNS queries to www.netgear.com. Looking at the details, it turns out the R7000 is communicating with Netgear. After I blacklisted www.netgear.com the R7000 keep querying it every 60 seconds. It seems that it was using www.netgear.com as the NTP server, but I did not like it anyway.

Therefore, I need to change the firmware in that device. That should fix most (if not all) of my problems with the device. I decided to use FreshTomato, and I have been very happy with that decision. I did installed it in April 2022 and it has been working perfectly ever since. It is configured as an access point and switch. In addition, I attached a printer and a USB disk. That allows me to print and run backups from any of the WiFi devices in the network. So, I’m happy with the results.

Process

The process that I used is described in here. The goal was to reproduce the R7000 configuration in FreshTomato, so I started by getting a readable copy of the R7000 configuration. Unfortunately, There is no good way to print out the configuration in a readable way, therefore I decided to grab a video of navigating to the whole R7000 user interface in the browser.

Capturing video of the R7000 web application

a) I used ffmpeg to capture a video of the session in the browser. To start the capture, I used ffmpeg with the information about my monitor, as follows:

ffmpeg -f x11grab -s 1280x1024  -r 25 -i :0.0+0,0 out.mp4

Then, I navigated to all the pages showing the configuration of the R7000. When I finish navigating, I terminated the execution of ffmpeg using Ctrl-C.

Saved a copy of the configuration

I also saved a copy of the R7000 configuration. This was not necessary, but it seems like a good idea. In any case, This is what I did:

  1. Login into the router
  2. Go to Advanced => Administration => Backup Settings => Save a copy of the current settings
  3. Unplugged the R7000 Ethernet cable from the switch (from my network). That was necessary, because the R7000 has a fix IP (not 192.168.1.1) and when it reboots it do revert to that IP. This creates problems in the rest of my home network. So, better to get it out of the network.

Installing and configuring FreshTomato

b) I started by downloading all the necessary files from freshtomato.org, and I checked all the files with md5sum, as follows:

cat MD5SUM* | grep R7000 > check.txt
md5sum -c check.txt

c) I read few articles and watched a video in preparation for the installation and configuration as an access point. The following pages were useful:

d) I ended following the instruction in the video, as follows:

  1. In a browser login into the R7000.
  2. Go to Advanced => Administration => Backup Settings => Revert to factory default settings (Erase). It will reboot the router and revert to 192.168.1.1, which is OK because the rest of the network don’t see it. But, it did ask to be connected to the internet, and so I answered few questions in the negative (because internet connection was not necessary and the device was disconnected from the network). After few tries I was able to get into the router. Which asked to set password, etc. which I did.
  3. Go to Advanced => Administration => Router update => browser and selected the initial FreshTomatos file.
  4. I ping the device now executing FreshTomatos: ping 192.168.0.1
  5. In a browser, go to 192.168.0.1, which now it is running FreshTomato. The credentials are: root / admin.
  6. Go to Administration => Upgrade. In here you need to select the right file (AIO or VPN) and do the upgrade.
  7. Reboot the device and get back into FreshTomatos in the browser.
  8. Go to Administration => Configuration => Restore Default Configuration => Erase all data in NVRAM memory.
  9. Reboot the device and get back into FreshTomatos in the browser.
  10. This time it ask for a user and password: admin / admin
  11. Reboot it again (don’t know the reason, but well)
  12. Configure the router, based on your old config.

Conclusion

Any time you play with firmware and flash a device with new and different firmware, you need to be prepared to experiment and try multiple times. I was surprised how well it worked with FreshTomatos, as it worked in the first try. I had more problems with the Netgear software when I reverted to factory settings, as it wanted to connect to the network.

The good news is that FreshTomatos have worked perfectly, and I’m happy with the performance and functionality.