Tomato Router Wireless Ethernet Bridge (Repeater Mode)

Tomato is one of the most (if not the most) robust router firmware to date. It extends the functionality of a manufacturer firmware and almost everything possible with Linux can be implemented in Tomato with proper know how in coding and the Linux environment. However, one that is unfamiliar with the firmware will be overwhelmed and have a hard time exploring its capabilities.

How to Connect Two Routers Wirelessly

One of the common question is how to connect two tomato routers (or any other router + tomato) wirelessly. This is basically bridging the routers to extend the coverage of your wireless network in your home or office environment. This bridging is commonly called “Repeater Mode” feature. In this post I am going to explain how to do it with tomato.

This post is a part of the Tomato Tutorial Series.

Wireless Ethernet Bridge Method

Unlike manufacturer’s default firmware like the one with Asus, there is no easy one button to push to activate repeater mode in Tomato. However, there are two ways to do this in Tomato using the two types of wireless modes: Wireless Client and Wireless Ethernet Bridge. This tutorial will mainly focus on the latter. Disadvantages and advantages of the two methods are also discussed in this article.

Preliminary Requirements:

  1. Two wireless routers (Preferably N router) – it is recommended that the two routers are running Tomato firmware but this tutorial will still work even only one router is running Tomato.
  2. Basic knowledge on configuring your router – you need to know at least the IP address/Default Gateway and login credentials of your router. In tomato, the default gateway is 192.168.1.1, username and password: admin.

Test Environment:

Huawei B593-S931 LTE WiFi Router/Modem – primary router (Default Huawei Firmware)

Catch Tech CW-5358U – secondary router (Tomato by Shibby v121 K26 RT-N Nocat-VPN)

Note: The latest version of Tomato by Shibby is version 130. However, I find it unstable in my router when used in this setup. Balancing performance and up-to-date drivers and features, the most stable version I found is version 121. I suspect that the changes done beyond this version have difficulties running an additional wireless interface in my router. However, this is not a general problem and may not exist on a different hardware.

Setting Up the Primary Router

  1. Decide what is the router you are going to use to connect to the internet. This will be your primary router. This may be running Tomato or something else.

2. Access the default gateway of the primary router. The IP will vary depending on the router you have. I have a Huawei B593 LTE router and its default is 192.168.254.254. I presume you already know it by now.

3. Change the default gateway of the router to 192.168.1.1 and subnet mask 255.255.255.0 if these values are not the default.

4. Take note of the Wireless SSID (Name of the WiFi), password and encryption mode (eg. WPA2/Personal TKIP/AES). In other routers, there is an option to set wireless network mode. Choose N (300mbps) or auto (B/G/N). Make sure DHCP is activated since this router will serve as the DHCP server.

Configuring the Second Router

The second router should be running Tomato or else this tutorial might be useless for you. Other possible firmware that may rely on this tutorial is DD-WRT.

  1. Access the Gateway of the Tomato (second router) and navigate to Advanced Settings > Virtual Wireless.

2. Add new interface (wl0.1) and SSID (name) according to your liking. Set the mode to Access Point and bridge to LAN (br0). Click Add then Save. Note: This setup is  crucial as you will not be able to connect to the second router wirelessly when this is not done.

3. Navigate to Basic Settings > Network.

4. Go to the category LAN and edit the values. Set the IP address to 192.168.1.2, subnet mask 255.255.255.0 and disable DHCP.

5. Right beneath the LAN settings, input 192.168.1.1 as the Default Gateway and DNS. Note: The Default Gateway option is somehow tricky and it may not appear until you save the changes. If it is missing, just proceed to Step 6.

6. Go to Wireless (eth1) category. Change the Wireless mode to Wireless Ethernet Bridge.

7. Input the WiFi SSID and password of the primary router.  Configure the correct wireless network and encryption mode the same values you have in the primary router. Hit Save. (The Default Gateway setting should now appear and configure it with the value in Step 5. Hit save again.)

8. Navigate to Advanced Settings > Routing.

9. Go to the Miscellaneous category. Make sure the mode is set to Gateway, RIPv1 & V2 disabled and DHCP routes is checked. Save. The DHCP routes is important as it is the way to send all DHCP requests to the primary router (DHCP server).

10. Navigate to Advanced Settings > Firewall.

11. Go to category NAT and set the NAT loopback to Forwarded Only. Checked Enable SYN cookies. Save. (NAT Loopback: This setting is crucial as you may experience connection problems/unstable router when it is set to All.)

Checking the Setup

You should be able to connect to the internet using the second router by this time. Check Status > Overview if you are connected to the primary router. If not, there are errors in your configuration or the routers are too far apart. Also try to restart if it solves the problem.

If you did all right, then Congratulations! You successfully connected the two routers wirelessly using ethernet bridge.

Advantages of Wireless Ethernet Bridge

Through Wireless Ethernet Bridge, all the devices connected to Router 1 and  Router 2 can communicate with each other. Meaning, if you have a network printer in Router 1, you are able to use it even you are connected to Router 2. It is possible because the two routers are connected in a bridge and are in the same subnet. Gateway of both the routers can be access in Router 1 or 2.

Disadvantages of Wireless Ethernet Bridge

Some functions of the second router will be deactivated. Since the WAN is inactive, the DHCP is handled by the primary router and NAT is set to Forwarded only, Bandwidth Monitor will only show values on Realtime and past 24 hours graph. The same scenario with the IP monitor. Also, if you opt to create a  Guest (or separate vlan) network, this is not possible with Wireless Ethernet Bridge setup.

If you need these functions, it is possible to still have them via a different method. It is connecting the two routers via Wireless Client mode. However, you will lose all the advantages of Wireless Ethernet Bridge. If you want to use Wireless Client, the procedure in setting it up is the same. Just change the mode from Wireless Ethernet Bridge to Wireless Client and enable the DHCP for br0 (under Basic > Network).

Additional Information

You can create a hidden SSID dedicated for the bridging setup with no encryption/password. This is only recommended if your second router is low on RAM memory or have a slow processor. This will lessen the load of decrypting data packets each time the two routers communicate. However, this setting may be subject to security issues since the network is barely exposed (even hidden). A trick to handle this security issue is to only allow one device (the 2nd router) to connect to the hidden SSID of the primary. In Tomato, this can be done by limiting the DHCP IP range in Basic>Network>LAN to accommodate only 1 device.

This post is a part of the Tomato Tutorial Series.  Check the main post here: TomatoUSB Powerful WiFi Router at a Cheap Cost.


— RAZ RECOMMENDS —
zalora-bap-15-offBrand Ambassador Promotion: Discount code is for new customers only.


  • dordal

    Thanks for this guide. A couple notes when I did this with Advanced Tomato v137:

    – I did not need to do Step 2 “Add new interface (wl0.1)…” as Tomato now seems to do this for you when you convert to ‘Wireless Ethernet Bridge’ mode.
    – If you have trouble with the link, try rebooting BOTH routers after you think you have everything setup correctly. I was tearing my hair out because computers behind the bridge could see computers behind the primary router, but not vice-versa. I spent hours focused on the bridge router, trying different settings, resetting NVRAM, etc. before I got the bright idea to reboot the primary router. What I think happened was that the ARP tables got screwed up on the primary, so the reboot cleared those out.
    – If you have trouble with AirPlay over the bridge (e.g. sporadic dropouts, etc.), trying disabling WMM on the bridge router. ( Advanced Settings -> Wireless -> WMM ).

    Thanks again for the helpful guide.

    • Raz

      Hi! you’re welcome and thank you so much for the input! 🙂

    • dordal

      Well, further update on problem #2 above. Power outage today, everything rebooted, and I again couldn’t see devices behind the bridge ( but vice-versa was OK). After some experimentation:

      – After a reboot of the primary router, if the first thing to talk to it was the bridge (e.g. a ping request), then I could see everything behind the bridge.
      – However, if the first thing was one of the client devices behind the bridge, then I could ONLY see that client device.

      I suspect that ARP table is somehow getting messed up. I’ve fixed it (hopefully!) by putting a static ARP entry into the DHCP/ARP/BW screen on the primary: 48:5B:39:E8:6B:3F ( MAC address of the wireless LAN on the bridge) -> 192.168.0.2 ( IP address of the bridge ).

      For reasons I’ll confess I don’t fully understand, this seems to fix it.