Get the Flash Player to see the slideshow.

Mar 27 2009

Configuring Linksys WRT54GL/G Wireless G Broadband Router as a plain Wireless LAN Access Point

Published by at 4:19 pm under IT

Today wireless is everywhere. In any point of your city you’ll find a dozen wireless access points with your laptop/PDA, more or less secured. In office buildings, on the streets, in the parc, in your neighborhood (no matter if you live in a residence or an apartment building).

Adding wireless to your home is cool since you can connect devices to your home LAN without drilling holes in your walls and fill them with wires to enable internet access from your bedroom or connect your HTPC to your wireless NAS.

Choosing an access point is easy since the technology itself is already matured enough and usually you cannot go wrong with products from Asus, Acer, MSI, Netgear, D-link, Zyxel and others. My pick however is Linksys. Mostly because is a Cisco Systems OEM (I feel a bit nostalgic for my network administration period). Secondly is price (more expensive in his class, but still very affordable). The third reason is signal strength: 2 layers of concrete walls are not a problem for a Linksys (I can pick up my network from across the street actually, or browse the internet from my toilet – well, I’m not actually doing this, but the potential is there and ready to be leveraged… :-) ).

But why should you get a wireless access point when you can get a wireless router for the same money, while having increased functionality of the equipment? A wireless router can be setup as a plain a wireless access point as well as directly connect your home network to your ADSL modem, PPPoE ISP, just plain WAN ethernet interface. Wireless router can also be used to connect 2 or more wireless networks. In need of a DMZ? Can be done.

Majority of wireless broadband routers as the case with my Linksys WRT54GL, besides the standard WAN Ethernet interface and Wireless LAN, offers the possibility to connect to the LAN via additional wired RJ-45 Ethernet interfaces. Those additional wired RJ-45 interfaces for the LAN network will allow the configuration of the wireless router as a plain access point. Here is how:

Linksys WRT54G connected and configured as plain Wireless Access Point

Linksys WRT54GL connected and configured in Wireless Access Point mode

  1. Completely ignore the wireless router’ WAN port (do not connect any cables to it). If anything is configured or attached there, the router will try to perform his best job: route, but we don’t want that.
  2. Connect the router to your LAN switch via one of the 4 available RJ-45 LAN ports.
  3. Access the management interface of the router via HTTP. For the Linksys WRT54GL default management address assigned is 192. 168.1.1 (check in the manual which is yours). If your network is not in subnet or already one of your important network infrastructure is using the same IP, have one of your computers or laptop directly connected to the router (no cross-over needed) by setting a random IP from the same class.
  4. Setup the desired management IP address (I’ve put on mine).
  5. Re-enter the management interface with the new address.
  6. Double-check that wireless router’ WAN interface is in default DHCP mode.
  7. Setup the wireless network type.
  8. You’re done.

About the IP address assignment for the wireless clients there are 2 options. The most simple is to assign a DHCP scope on the router that is in the same subnet as your the rest of your LAN. The drawback here is that your wireless clients cannot connect to the internet because the default gateway as assigned via DHCP lease will be the IP address of your router. Therefore, your clients can access without problems resources from your LAN, but not the internet, since no route is configured between your internet default gateway ( in my case – see above picture) and Linksys WRT54GL.

The second and smartest option is to disable DHCP server of the Linksys and build a DHCP scope on one of your servers from your LAN. You do not need here a full blown DHCP server authorized in the Active Directory. Any Open Source DHCP server will do (even installed on your Windows or Linux workstation). The scope must include address range, subnet mask, DNS server (if you do not rely on “hosts” file anymore) and default gateway. This way, after physical link has been established on 802.11b/g the client will broadcast a DHCP request package to; the request will be passed to all devices on your LAN and your DHCP server will respond with a valid IP address. Your wireless clients can now access both your LAN internal and external resources (as the correct default gateway has been correctly configures in the DHCP scope).

A few more words about securing your wireless network, since you do not want to provide internet services to your whole neighborhood.

  1. Setup a strong administrative password for Wireless Router Management interface (disable HTTP and enable HTTPS only access). By default, the administrative password for Linksys WRT54GL is “admin”, as I remember.
  2. Enable Media Access Code (MAC) address filtering. This way only the MAC addresses from the access list are allowed to communicate with the wireless router. “getmac” command will help you determine the mac address of your laptops’ wireless NIC. If this does not help, usually the MAC address is written on the back of each wireless enabled device (PDAs, HTPCs, MediaBox, Wireless SAN, etc). So, make a list of all of them, and write them down in the MAC filtering table of your router.
  3. Enable only WPA2 (Wi-Fi Protected Access) authentication and 128-bit AES encryption. Disable plain WPA + TKIP & WEP (Wired Equivalent Privacy) as both plain WPA & WEP are legacy authentication algorithms with serious security flaws. If you are forced to choose between WEP and WPA/TKIP due to legacy wireless client’ comptibility, go for the least of the worse: WPA/TKIP.
  4. And finally, from “Security through obscurity” series disable SSiD broadcast. What this is doing is very simple: the wireless network name will not be shown to someone who is searching for a wireless network. The whole network will either not be shown at all or it will show as “Unknown Network”. This requires for someone trying to connect to your network to know by hand your SSiD (Service Set Identifier) name. This is not a security measure that should substitute the other 3 above as a determined hacker can easily find out your SSiD by sniffing your wireless network traffic (SSiDs are send via clear text during 802.11 handshake).

If you want an additional layer of security in your network, on your DHCP machine, make a scope allowing only a number of DHCP leases that equals with your number of wireless devices (which preliminary have been MAC filtered on your wireless router). Assign for the scope IP address reservations which links the MAC addresses of your wireless clients to unique IP addresses from your subnet. That is: if I have 3 wireless devices, I filter the MACs on the wireless router and I create a DHCP scope with only 3 addresses for lease; in the same scope I create then 3 IP reservations assigned to the same MACs.

This is how you can setup a Linksys WRT54GL (and not only) Wireless Broadband router  as a plain Wireless access point and secure your newly created wireless network.

BTW: If confused about the differences between WRT54GL & WRT54G, the GL model is newer and the L stands for Linux, as the WRT54GL firmware comes packed with a mini Linux kernel.


No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

37 responses so far

37 Responses to “Configuring Linksys WRT54GL/G Wireless G Broadband Router as a plain Wireless LAN Access Point”

  1. NETWORKING-THE.INFO |on 27 Mar 2009 at 5:30 pm

    [...] Originally posted here:Â Configuring Linksys WRT54G/GL Wireless G Broadband Router as a solid Wireless LAN Access Point [...]

  2. florinon 13 Apr 2009 at 4:21 pm

    ce header frumos!

  3. Zeton 14 Apr 2009 at 1:38 pm

    Care din ele?

  4. h.on 04 May 2009 at 6:43 pm

    Hiding the SSID may be a good measure, but if you have WPA2/AES you may leave it unhidden. If you have a good key, you’re safe. It’s less typing if you’re connecting with a mobile phone or other device without a comfortable keyboard.

    Another good security measure is good to disallow administrative access
    from the WLAN.

    I also have the WRT54GL model. I set the SSID to D-Link. No reason.

  5. Zeton 06 May 2009 at 1:05 pm

    You type only once. The settings are saved.

    As for the SSID name, why not “Vodafone_Public”?

  6. h.on 31 May 2009 at 11:00 am

    There’s a fine line between ergonomic and lazy. However, I manage not to cross it… and remain in the lazy zone.

    It’s D-Link for the fun of letting hacker-wannabe-dumb-ass-neighbors trying to get free internet.

  7. [...] Configuring Linksys WRT54GL/G Wireless G Broadband Router as a plain Wireless LAN Access Point Configuring Linksys WRT54GL/G Wireless G Broadband Router as a plain Wireless LAN Access Point;nLinksys WRT54GL access point mode… Related Websites [...]

  8. crison 30 Aug 2009 at 2:14 pm

    Sorry for a dumb question but what do you mean “Wireless router can also be used to connect 2 or more wireless networks”
    Can I use my Linksys WRT54GL to connect to a wireless network and forward the signal further, acting like a wireless amplifier?

  9. Zeton 31 Aug 2009 at 9:56 am

    Hi Cris,

    First of all, no questions are dumb.

    Secondly, if you only want to extend the range of your wireless, opt for a Wireless Extender. Cheaper and easier to setup. No need for a second router.

    In theory, you can connect another wireless network to your Linksys WRT54G router (via wireless) by installing 3rd party firmwares such as DD-WRT which enables the “Wireless Distribution System” or WDS within your Linksys WRT54GL. Make sure you do understand the performance and security limitations before going this path.

    If you want your 2 networks (meaning different subnets) to be connected, the easiest way is to connect each WAN interface of the WRT54GL to a 3rd wired router (also a Linux server with multiple NICs will do) and setup the routing accordingly.

  10. Sorinon 09 Sep 2009 at 9:56 pm

    Am de 2 ani acest router, am pus dd-wrt si merge super in configuratia de AP. Singura problema a aparut recent cind am vrut sa il accesez remote din afara LANului. Router este disabled evident (ai uitat sa mentionezi pentru cei mai incepatori), valoarea portului ptr webgui a fost schimbata de la 8080, noua valoare a fost introdusa in server la iptables ptr port forwarding si totusi nu reusesc sa-l accesez.
    Teoretic ar trebui sa fie asa cum spune si la help, http://adresa.ip.server:port, unde adresa.ip.server e IPul dat de provider iar port este valoarea schimbata de mine. In LAN il pot accesa fara probleme (cu adresa lui interna) dar din internet nu merge. Si ma roade pentru ca stiu ca am facut totul bine in server si in WRT54, e posibil doar sa fi uitat sa pun sau sa scot niste bife pe undeva.
    Sfaturile pentru securitate sint foarte bune doar ca eu il folosesc pentru clientii terasei si securitatea e 0 (decit sa stau sa explic la blonde cum se face conectarea cu pass mai bine las secu jos).
    Ce-a zis Cris voi incerca si eu sa fac si exact asta m-am gindit ca face, un extender la reteaua mea.

  11. Arion 14 Sep 2009 at 11:26 pm

    I have a WRT54GL router in my one ethernet-socket-student apartment. The internet connection is provided by the student union, and I have no access to the main router, it’s just like a black box, and all I have is a single ethernet socket in my apartment.

    To try to make things a little better for me and my roommate I wanted to setup my Linksys router so that it works as both ethernet switch (because we have an ethernet connected IP-phone) and as a wireless access point for our two laptops. So now you know what I want to be able to do (get both wired and wireless to the internet through my WRT54GL).

    The wired network works fine, I can connect both laptops and the IP-phone to that one, by turning off the WRT54GL’s DHCP server, but I don’t want the only wired network.

    According to your article (and, now, my bitter experience) it doesn’t work to let the WRT54GL’s DHCP server manage the wireless since it broadcasts it’s own IP address as the default gateway (which is not the student union router’s default gateway, so that doesn’t get me to the internet), and I don’t have the option of having a server in my tiny apartment, running a dedicated DHCP server, so my most important question is:

    Isn’t there a third way of getting DHCP assignments to the wireless network with broadcasting an arbitrary default gateway??

    I have looked at third-party firmwares for the WRT54GL, looking for clues to whether these firmwares can do what I need, but by my (admittedly rather short) inspection it seems that either it’s too trivial to mention in the “Capabilities”-section or they just can’t.

    Can you verify or debunk my theory that this is in fact possible with DD-WRT or Tomato or some other third-party firmware??

  12. Zeton 22 Sep 2009 at 3:26 pm


    The quickest think to try is to set your IP/mask/DNS/Gateway manually for your wireless connection. See if that does it.

  13. Chuckon 30 Sep 2010 at 7:20 pm

    What if you have a wired router and 2 wireless ones? I have an 8-port wired router (linksys!), as well as 2 wireless routers. I’d like to connect the WAN to the wired router, then 2 wireless routers to that for wireless APs. I’m thinking disable the DHCP in the APs and have all DHCP come from the wired router. Would that work? I do not want to have a server running 24/7 just to supply DHCP.

  14. Laparoscopic Surgery :on 31 Oct 2010 at 4:21 pm

    my wireless router at home overheated when i used p2p heavily for 24 hours for the next 25 days _

  15. Mariuson 08 Nov 2010 at 3:07 am

    Thanks for these very thorough and helpful instructions. I live in a duplex in Brooklyn. Downstairs I have a modem with a built-in wi-fi router from Time Warner Cable (up to 50mbps/wideband). From this router a cat5 cable extends to the second floor, where there is an outlet attached to a patch cable, which in turn is attached to a WRT54GL router. Currently the WRT54GL router is set up with its own wireless network (separate username/password/MAX address). I’d like to seamlessly combine the downstairs and upstairs network so devices don’t notice a difference (it’s complicated – I need to set it up this way to make my wireless Logitech Squeezebox system work). Would it be possible to explain if this can be done and how?

  16. Zeton 08 Nov 2010 at 1:37 pm

    To all: it’s not necessary to keep a computer up just for the sake of having DHCP running. DHCP can be setup on any router (like the Time Warner cable, Marius or that wired Linksys router Chuck).

    The point is: to use this router WRT54GL as a plain AP, do not connect / configure the WAN port / use whatever equipment for DHCP provisioning, but make sure to configure the DHCP range (scope) within the same subnet.


  17. Carrieon 25 May 2013 at 3:47 pm

    Does your site have a contact page? I’m having a tough time locating it but, I’d like to send you an email.
    I’ve got some creative ideas for your blog you might be interested in hearing. Either way, great website and I look forward to seeing it develop over time.

  18. a readable feaston 10 Jul 2013 at 9:27 am

    Greetings! Very useful advice in this particular post!
    It is the little changes which will make the most important changes.
    Thanks for sharing!

  19. ascenton 24 Jul 2013 at 3:30 pm

    Sorry to ask, maybe dumb, but this means that the router #2 would still needed to be connected by ethernet cable to router #1 ?
    What’s the point then, you’d still have cables along your home walls.

  20. rochii de mireasaon 26 Jul 2013 at 11:45 am

    If you want to obtain much from this post then you have to apply
    such strategies to your won web site.

    My blog :: rochii de mireasa

  21. rochii de ocazieon 26 Jul 2013 at 6:52 pm

    Hello, Neat post. There is a problem along with your site in internet explorer, may test this?
    IE nonetheless is the marketplace leader and a big portion of
    folks will miss your wonderful writing because of this problem.

    Here is my site :: rochii de ocazie

  22. haine onlineon 26 Jul 2013 at 7:44 pm

    Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point.
    You definitely know what youre talking about, why waste your intelligence on
    just posting videos to your weblog when you could be giving
    us something informative to read?

    Here is my weblog – haine online

  23. clash of clans hack toolon 01 Aug 2013 at 8:48 pm

    I’m truly enjoying the design and layout of your website. It’s a very easy on the eyes which makes it much more pleasant for me to come here and visit more often.
    Did you hire out a designer to create your theme? Exceptional

    Feel free to visit my webpage – clash of clans hack tool

  24. chiropractor St Petersburg flon 03 Nov 2013 at 5:58 pm

    When someone writes an piece of writing he/she retains the thought of a user in his/her mind
    that how a user can be aware of it. Therefore that’s why this article is perfect.

  25. 12 Nov 2013 at 12:04 am

    It’s remarkable to go to see this web page and reading the views of all friends concerning this piece of writing, while I am also zealous of getting knowledge.

    Check out my website; Hungry shark evolution hack (

  26. Sophieon 19 Nov 2013 at 3:34 am

    An interesting discussion is worth comment.

    I think that you ought to write more about this issue, it might not be a
    taboo matter but usually people do not speak about these issues.

    To the next! Best wishes!!

    Also visit my web blog: Grand Theft Auto 5 Walkthrough (Sophie)

  27. NINJA SAGA HACKon 19 Nov 2013 at 5:02 pm

    Helpful information. Fortunate me I found your site by accident, and I am stunned why
    this coincidence didn’t took place in advance! I bookmarked it.

    Also visit my site :: NINJA SAGA HACK

  28. Dungeon Rampage Hackon 20 Nov 2013 at 5:09 pm

    Good article. I am facing a few of these issues as well..

    Feel free to surf to my website Dungeon Rampage Hack

  29. UberStrike HACKon 21 Nov 2013 at 6:05 pm

    Oh my goodness! Impressive article dude! Thank you, However I am going
    through troubles with your RSS. I don’t understand
    why I am unable to subscribe to it. Is there anyone else getting identical RSS problems?
    Anybody who knows the answer can you kindly respond? Thanx!!

    Also visit my homepage UberStrike HACK

  30. 27 Nov 2013 at 3:37 pm

    Wow, this post is fastidious, my younger sister
    is analyzing these kinds of things, so I am going to tell her.

    Also visit my web page – xbox live gold gratuit (

  31. Frontline Commando D-Day Hackon 30 Dec 2013 at 1:02 pm

    Keep on writing, great job!

    Also visit my web blog – Frontline Commando D-Day Hack

  32. Dragonvale Hack Downloadon 11 Jan 2014 at 1:26 pm

    I constantly spent my half an hour to read this weblog’s posts all the time along with a cup of coffee.

    Here is my blog post: Dragonvale Hack Download

  33. xbox hackon 25 Feb 2014 at 10:26 am

    There are very few software’s that can break through the game consoles security
    breach. while tough to take down is pretty stupid
    once you figure them out. The solutions
    to privacy and security issues are technically straightforward.

  34. film horor terseramon 25 Feb 2014 at 10:56 am

    This post will help the internet viewers for creating new website or even a blog from start to

    My web site – film horor terseram

  35. luminaire de cuisineon 04 Mar 2014 at 5:31 pm

    Very nice post. I just stumbled upon your weblog and wanted to say
    that I have really enjoyed surfing around your blog posts.
    In any case I’ll be subscribing to your rss feed and I
    hope you write again soon!

    my web blog: luminaire de cuisine

  36. achat litecoinon 05 Mar 2014 at 12:52 pm

    Hey there! This is kind of off topic but I need some advice from an established blog.

    Is it very difficult to set up your own blog?
    I’m not very techincal but I can figure things out pretty fast.
    I’m thinking about setting up my own but I’m not sure where to begin.
    Do you have any tips or suggestions? Thank you

    Feel free to visit my page :: achat litecoin

  37. acheter bitcoinon 14 Apr 2014 at 10:15 am

    Ici : commander litecoin sans trace sur des sites internet instantanement

    my web site; acheter bitcoin

Trackback URI | Comments RSS

Leave a Reply