This article describes how I set up a wireless access point at my summer house. It uses a 3G/UMTS card to connect to the Internet. The hardware is the Linksys WRT54G3G v1.1 router and a Huawei E600 3G-card. The Linksys original software doesn’t support the Huawei E600 card. The software I chose is OpenWRT Kamikaze 7.09. The 3G/UMTS provider is the Swedish Tele2/Comviq.

If you don’t care about the 3G setup, and care more about WDS or PSK2 encryption, you may find my home wireless network writeup more relevant. If you have a more modern USB 3G dongle, you may find my wireless router with 3G dongle writeup more relevant.

If you want to comment on this, please go to the blog entry.

Created by Simon Josefsson on 2007-07-21 for Kamikaze 7.06. Updated for Kamikaze 7.07 on 2007-07-27, again for 7.09 on 2007-10-04. As of 2009-12-16 the system is still running in production use with great results.

Installing OpenWRT

I chose the brcm-2.4 variant of OpenWRT for this device. The plain brcm variant will work, and uses the newer 2.6 kernel, but wireless will not work. For more information, see the Kamikaze 7.09 release notes and the Installation section in the manual.

I downloaded from http://downloads.openwrt.org/kamikaze/7.09/brcm-2.4/ the following image.

d5171f9699534ac9cc0321122158ba37e24b6d37  openwrt-wrt54g3g-2.4-squashfs.bin

You flash the file using Linksys' web interface, under "Firmware upgrade".

If you ever want to re-start from scratch from within OpenWRT (which I did when writing this page) you’ll have to use the mtd tool and download the TRX file. There is only one TRX file for all models. (Actually, the BIN files just contain the TRX file plus a header to make the Linksys web interface happy.)

root@OpenWrt:~# wget http://downloads.openwrt.org/kamikaze/7.09/brcm-2.4/openwrt-brcm-2.4-squashfs.trx
Connecting to downloads.openwrt.org [195.56.146.238:80]
openwrt-brcm-2.4-squ 100% |*****************************|  1796 KB 00:00:00 ETA
root@OpenWrt:~# mtd -r write openwrt-brcm-2.4-squashfs.trx linux
Unlocking linux ...
Writing from openwrt-brcm-2.4-squashfs.trx to linux ...  [w]
Rebooting ...

You’ll have to use a ethernet cable at this point. Connect it to LAN1-LAN4, not WAN. Use DHCP to get an IP address, or use 192.168.1.42. The router will use 192.168.1.1. Telnet to the host and add a SSH key to be able to login as root using SSH. Naturally, you’ll have to use your own SSH key (~/.ssh/id*.pub).

jas@mocca:~$ telnet 192.168.1.1
Trying 192.168.1.1...
Automatic decryption of input is enabled
Automatic encryption of output is enabled
Will send login name and/or authentication information.
Connected to 192.168.1.1.
Escape character is '^]'.
 === IMPORTANT ============================
  Use 'passwd' to set your login password
  this will disable telnet and enable SSH
 ------------------------------------------


BusyBox v1.4.2 (2007-09-29 09:01:24 CEST) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 KAMIKAZE (7.09) -----------------------------------
  * 10 oz Vodka       Shake well with ice and strain
  * 10 oz Triple sec  mixture into 10 shot glasses.
  * 10 oz lime juice  Salute!
 ---------------------------------------------------
root@OpenWrt:/# echo 'ssh-rsa AAAA... foo@bar'  > /etc/dropbear/authorized_keys
root@OpenWrt:/# cat /etc/config/dropbear | sed -e "s/'on'/'off'/"  > /etc/config/dropbear
root@OpenWrt:~# rm /etc/rc.d/S50telnet /etc/rc.d/S50httpd
root@OpenWrt:~# dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key
Public key portion is:
ssh-rsa AAAA... root@OpenWrt
Fingerprint: md5 ae:c5:ab:58:bf:d5:09:47:63:e6:a0:5f:3a:49:af:a4
root@OpenWrt:~#

Telnet should now be disabled, and you should be able to login as root using SSH with your SSH key will be available. Try it from your machine. The SSH key should match what was printed by dropbearkey. Reboot the machine once you have confirmed that SSH works, to disable telnet.

jas@mocca:~$ ssh -l root 192.168.1.1
The authenticity of host '192.168.1.1 (192.168.1.1)' can't be established.
RSA key fingerprint is ae:c5:ab:58:bf:d5:09:47:63:e6:a0:5f:3a:49:af:a4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.1' (RSA) to the list of known hosts.


BusyBox v1.4.2 (2007-09-29 09:01:24 CEST) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 KAMIKAZE (7.09) -----------------------------------
  * 10 oz Vodka       Shake well with ice and strain
  * 10 oz Triple sec  mixture into 10 shot glasses.
  * 10 oz lime juice  Salute!
 ---------------------------------------------------
root@OpenWrt:~# reboot
root@OpenWrt:~# Connection closed by foreign host.

Enabling Wireless

Wireless is disabled by default, you’ll have to modify “/etc/config/wireless” and comment out the “disabled” option. The line containing the “disabled” option should look like:

#       option disabled 1

If you want to change the name of the wireless network (the ESSID) from “OpenWRT”, you can do so in the same file.

I’m running an Open AP. If you want higher security, you should set that up now. See the Kamkikaze Configuration manual.

After you have made your changes, try the new configuration by rebooting the device.

root@OpenWrt:/etc/config# reboot

Enabling 3G/UMTS

The PCMCIA drivers are not loaded by default, and not even installed. You’ll have to copy some packages onto the device somehow.

I needed the following packages: kmod-pcmcia-core, pcmcia-cs. Install the PCMCIA drivers and test that it works:

root@OpenWrt:~# ipkg install pcmcia-cs_3.2.8-1_mipsel.ipk
Installing pcmcia-cs (3.2.8-1) to root...
Configuring pcmcia-cs
Done.
root@OpenWrt:~# ipkg install kmod-pcmcia-core_2.4.34-brcm-1_mipsel.ipk
Installing kmod-pcmcia-core (2.4.34-brcm-1) to root...
Configuring kmod-pcmcia-core
Done.
root@OpenWrt:~# cardctl status
Socket 0:
  3.3V CardBus card
  function 0: [ready]
  function 1: [ready]
root@OpenWrt:~#

The Huawei E600 is actually a USB OHCI controller, with three serial ports behind it. So we’ll need to install USB support as well. I needed the following packages: kmod-usb-core, kmod-usb-serial, kmod-usb-ohci.

root@OpenWrt:~# ipkg install kmod-usb-core_2.4.34-brcm-1_mipsel.ipk
Installing kmod-usb-core (2.4.34-brcm-1) to root...
Configuring kmod-usb-core
Done.
root@OpenWrt:~# ipkg install kmod-usb-serial_2.4.34-brcm-1_mipsel.ipk
Installing kmod-usb-serial (2.4.34-brcm-1) to root...
Configuring kmod-usb-serial
Done.
root@OpenWrt:~# ipkg install kmod-usb-ohci_2.4.34-brcm-1_mipsel.ipk
Installing kmod-usb-ohci (2.4.34-brcm-1) to root...
Configuring kmod-usb-ohci
Done.
root@OpenWrt:~#

With Kamikaze 7.06, you may get an error in the kernel log since the Huawei USB ID is not recognized. Note that this has been fixed in both 7.07 and 7.09.

usb.c: USB device 2 (vend/prod 0x12d1/0x1001) is not claimed by any active driver.

To fix this in 7.06 (although I suggest upgrading to 7.07 or 7.09 instead), you’ll need to load the ‘`usbserial'' kernel module with the ``vendor=0x12d1 product=0x1001'' parameters. To make this be loaded automatically every time the box starts, modify ``/etc/modules.d/60-usb-serial’' into:

usbserial vendor=0x12d1 product=0x1001 # Huawei E600

Reboot the box, and you’ll see something like this in the kernel log:

Linux Kernel Card Services 3.1.22
  options:  [pci] [cardbus]
PCI: Enabling device 01:01.0 (0000 -> 0002)
Yenta ISA IRQ mask 0x06f8, PCI irq 2
Socket status: 30000820
cs: cb_alloc(bus 2): vendor 0x1033, device 0x0035
PCI: Enabling device 02:00.0 (0000 -> 0002)
PCI: Enabling device 02:00.1 (0000 -> 0002)
PCI: Setting latency timer of device 00:04.0 to 64
usb-ohci.c: USB OHCI at membase 0xb8004000, IRQ 2
usb-ohci.c: usb-00:04.0, PCI device 14e4:4716
usb.c: new USB bus registered, assigned bus number 1
hub.c: USB hub found
hub.c: 2 ports detected
PCI: Setting latency timer of device 02:00.0 to 64
usb-ohci.c: USB OHCI at membase 0xc01b5000, IRQ 2
usb-ohci.c: usb-02:00.0, PCI device 1033:0035
usb.c: new USB bus registered, assigned bus number 2
hub.c: USB hub found
hub.c: 1 port detected
PCI: Setting latency timer of device 02:00.1 to 64
usb-ohci.c: USB OHCI at membase 0xc01b7000, IRQ 2
usb-ohci.c: usb-02:00.1, PCI device 1033:0035
usb.c: new USB bus registered, assigned bus number 3
hub.c: USB hub found
hub.c: 1 port detected
usb.c: registered new driver serial
usbserial.c: USB Serial support registered for Generic
usbserial.c: USB Serial Driver core v1.4
hub.c: Cannot enable port 1 of hub 1, disabling port.
hub.c: Maybe the USB cable is bad?
hub.c: new USB device 02:00.0-1, assigned address 2
usbserial.c: Generic converter detected
usbserial.c: Generic converter now attached to ttyUSB0 (or usb/tts/0 for devfs)
usbserial.c: Generic converter detected
usbserial.c: Generic converter now attached to ttyUSB1 (or usb/tts/1 for devfs)
usbserial.c: Generic converter detected
usbserial.c: Generic converter now attached to ttyUSB2 (or usb/tts/2 for devfs)

The next step is to get dial-up PPP working. The “comgt” package contains several 3G/UMTS scripts that appear to be intended for the WRT54G3G or similar devices. I needed the following packages: chat, comgt.

root@OpenWrt:~# ipkg install chat_2.4.3-8_mipsel.ipk
Installing chat (2.4.3-8) to root...
Configuring chat
Done.
root@OpenWrt:~# ipkg install comgt_0.32-1_mipsel.ipk
Installing comgt (0.32-1) to root...
Configuring comgt
Done.
root@OpenWrt:~#

Configure OpenWRT to enable the 3G/UMTS connection was the step that took the most time to figure out how to do. There doesn’t seem to be much documentation related to the Kamikazu network configuration files. To figure out how it worked, I had to read several scripts on the box. I learned a lot from that process, but I’d prefer if I hadn’t needed to.

I ended up modifying the WAN section of “/etc/config/network” to read as follows:

#### WAN configuration
config interface wan
        option ifname   'ppp0'
        option proto    '3g'
        option device   '/dev/usb/tts/0'
        option apn      'internet.tele2.se'

If you for some reason wish to keep the WAN port on the box as the "real" Internet connection (maybe to use the 3G part only as a backup Internet connection in case the other one goes down?), instead of replacing the existing WAN section in the file, add a new section:

#### 3G/UMTS configuration
config interface ppp0
        option ifname   'ppp0'
        option proto    '3g'
        option device   '/dev/usb/tts/0'
        option apn      'internet.tele2.se'

After adding that, pressing the 3G button on the box (or invoking ifup wan or ifup ppp0 respectively) does the right thing for me.

You may have noticed that I didn’t set the PIN-code anywhere. That’s right, I disabled PIN-code question on the SIM card using either the Huawei Windows software or my cell phone (cannot recall which, either will work). If you do not want to do this, add the following to the network stanza:

        option pincode      '1234'

You may also have noticed that I didn’t provide a PPP username or password. My provider, the Swedish GSM/3G operator Comviq/Tele2, doesn’t seem to require one. Should you need one, I believe you could add something like the following to “/etc/ppp/chap-secrets”:

#USERNAME  PROVIDER  PASSWORD  IPADDRESS
46708123456 * 46708123456

But I haven’t tested this. Naturally, replace the username/password with the appropriate values.

Remote logins

I want to be able to access the router remotely and it doesn’t have a static IP address. The first step is to make sure I can find the IP address of the router remotely. Installing and using ez-ipupdate is easy. Now that we have an Internet connection on the router, start by running ipkg update.

root@grisslan:~# ipkg update
Downloading http://downloads.openwrt.org/kamikaze/7.09/brcm-2.4/packages/Packages
Updated list of available packages in /usr/lib/ipkg/lists/release
Downloading http://downloads.openwrt.org/kamikaze/packages/mipsel/Packages
Updated list of available packages in /usr/lib/ipkg/lists/packages
Done.
root@grisslan:~#

I’m using DynDNS which doesn’t cost anything and have been working without problems for me so far. My “/etc/ez-ipupdate.conf” looks like:

service-type=dyndns
user=USERNAME:PASSWORD
host=YOURHOSTNAME
interface=ppp0
#quiet

# Do not change the lines below
cache-file=/tmp/ez-ipupdate.cache
pid-file=/var/run/ez-ipupdate.pid

Replace USERNAME and PASSWORD with your DynDNS account information. Replace YOURHOSTNAME with the hostname you’ve registered.

You also need to open up the firewall to allow incoming connections on port 22 (the ssh port), add the following line to “/etc/config/firewall”:

accept:proto=tcp dport=22

Reboot the router, press the button to connect to the Internet, and then try to login to the router remotely: ssh -l root YOURHOSTNAME.

Various stuff

It can be useful to make pppd output debug information. To do that, change #debug to debug in /etc/ppp/options.

You can change the hostname of the router in /etc/config/system. This can be useful if you have several OpenWRT boxes, since otherwise the bash prompts all look the same on them.

Optimization

There is one final thing to comment. The Huawei E600 doesn’t follow standard AT commands for 3G/UMTS. Thus, here is what happens if I try to get online. Notice the delay!

root@OpenWrt:~# time ifup ppp0
ifconfig: SIOCGIFFLAGS: No such device
SIM ready
PIN set successfully
Trying to set mode
Timeout setting WWAN mode!
real    0m 20.52s
user    0m 0.75s
sys     0m 1.16s
root@OpenWrt:~#

The connection will work anyway, but timeing out setting the 3G/UMTS mode takes about 15 seconds. The OpenWRT scripts try the AT$NWRAT and the AT_OPSYS command, but neither works with the Huawei E600. The code is in “/lib/network/3g.sh”. The steps to check whether the SIM is ready and setting the PIN code (which I don’t need) also take time. In total, it is about 20 seconds when the 3G led is blinking green.

I haven’t found any way to disable this stuff through some configuration file. However, I modified “/lib/network/3g.sh” and commented out the relevant part:

#       if gcom -d "$device" -s /etc/gcom/getcardinfo.gcom | grep Novatel 2>/dev/null >/dev/null; then
#               case "$service" in
#                       umts_only) CODE=2;;
#                       gprs_only) CODE=1;;
#                       *) CODE=0;;
#               esac
#               mode="AT\$NWRAT=${CODE},2"
#       else
#               case "$service" in
#                       umts_only) CODE=1;;
#                       gprs_only) CODE=0;;
#                       *) CODE=3;;
#               esac
#               mode="AT_OPSYS=${CODE}"
#       fi
#
#       PINCODE="$pincode" gcom -d "$device" -s /etc/gcom/setpin.gcom || {
#               echo "$cfg(3g): Failed to set the PIN code."
#               set_3g_led 0 0 0
#               return 1
#       }
#       MODE="$mode" gcom -d "$device" -s /etc/gcom/setmode.gcom

Now running ifup ppp0 is fast:

root@grisslan:~# time ifup ppp0
ifconfig: SIOCGIFFLAGS: No such device
real    0m 1.37s
user    0m 0.76s
sys     0m 0.59s
root@grisslan:~#

The End