Flashing a Netgear R7000 router with FreshTomato
Initial setupSadly, the R7000 model uses broadcom chips. Looks like OpenWRT cannot save us from OEM hellworld any longer.
This router is entirely new hardware for me. All of these instructions are from a fresh factory image. Factory reset your R7000. It makes things simpler.
Connect the router to a PC using an eth cable. Do not connect the PC to the WAN port, connect the PC to one of the switch ports.
The first step is to configure the router as if you were a clueless user who just uses OEM firmware cluelessly.
Wow, ads in the web UI. Technology was a mistake.
The R7000 is a strange model that requires us to flash two separate files in a 2 stage flash process. You can use a wget commands if you trust me or just browse the FreshTomato website and download them manually.
[user@fedora nmrpflash]$ wget https://freshtomato.org/downloads/freshtomato-arm/2022/2022.5/Netgear%20initial%20files/freshtomato-R7000-2022.5-initial-64K.zip [user@fedora nmrpflash]$ wget https://freshtomato.org/downloads/freshtomato-arm/2022/2022.5/K26ARM/freshtomato-R7000-ARM_NG-2022.5-AIO-64K.zip [user@fedora nmrpflash]$ for i in ./*.zip; do unzip $i; done [user@fedora nmrpflash]$ ifconfig [user@fedora nmrpflash]$ firefox 192.168.1.1
And the rest is webshit. I apologize for inaccessibility.
Stage 1 flash
In the web UI, navigate to
Advanced > Administration > Router Update. Upload the
Verify that you know what you're doing.
Wait for the update to apply
Wait for the router to reboot
Stage 2 flash
Wait for the router to reboot. Repeatedly refresh the page. When the login prompt appears, reset the router using the small reset button on the back. I use a sim card slot ejector key but a paperclip works also. Hold for 10ish seconds then release.
The login prompt looks like this:
After this, repeat the spamming refresh process until a login prompt appears. Now you can log in with:
user = root pass = admin
After logging in, you might have to remove the
/cgi-bin/luci path from the URL.
Your router is now freed from OEM advertisers
Now we need to clean out all of the OEM garbage from the NVRAM. Go to
Administration > Configuration and reset the NVRAM.
[user@fedora netgear]$ sudo killall dhclient && dhclient enp0s31f6
Administration > Upgrade and upload the
Wait for it reboot.
You might have to kill and restart dhclient again to get back to the web interface.
After all is said and done, we now have ssh access to our router like RMS intended.
[user@fedora netgear]$ ssh firstname.lastname@example.org FreshTomato 2022.5 K26ARM USB AIO-64K size: 40314 bytes (25222 left) ======================================================== Welcome to the Netgear R7000 [FreshTomato] Date: Thu Jan 1 1970 Time: 01:21:04 up 21 min Load average: 0.00, 0.01, 0.02 Mem usage: 9.4% (used 23.53 of 249.59 MB) LAN1: 192.168.1.1/24 @ DHCP: - WL0 : 2.4GHz @ FreshTomato24 @ channel: 6 @ XX:XX:XX:XX:XX:XX WL1 : 5GHz @ FreshTomato50 @ channel: 36 @ XX:XX:XX:XX:XX:XX ======================================================== root@unknown:/tmp/home/root#
After installation, I do things like change the theme to something less ugly, disable telnet, set a better root password, set wireless encryption, etc.