Differences

This shows you the differences between two versions of the page.

--- basic-network [2024/11/06 04:20] – [LAN] -spelling hogwild
+++ basic-network [2025/08/28 03:25] (current) – old revision restored (2025/08/28 03:10) hogwild
@@ Line 1: / Line 1: @@
 ====== Network ======
-This page includes most basic settings needed to configure the network. It's divided into sections including MultiWAN, WAN Settings, Ethernet Ports Configuration, LAN and Wireless setttings.
+This page includes most basic settings needed to configure a network. Its sections include MultiWAN, WAN Settings, Ethernet Ports Configuration, LAN and Wireless settings.
+Default settings are denoted with an asterisk (" * ")
+ \\
 ===== MultiWAN =====
@@ Line 17: / Line 22: @@
 **Tune route cache**: is used for MultiWAN configurations with load balancing.
-Recommended when 2 or more WANs have weight larger than "0". It uses kernel tweaks to improve workload sharing.
+Recommended when 2 or more WANs have weight > "0". It uses kernel tweaks to improve workload sharing.
-For details, see the [[basic-network#network_notes_and_troubleshooting|Notes]] section below.\\  \\
+For details, see the [[basic-network#network_notes_and_troubleshooting|Notes and Troubleshooting]] section below.\\  \\
 **Check Connections Every: **makes FreshTomato automatically test WAN link reliability.
-It sets how often the router tests its Internet connection. Any option but Disabled runs the Watchdog script.
+This sets how often the router tests a WAN connection. Any option but Disabled runs the Watchdog script. \\ and reveals the "Target 1" / "Target 2" fields.
-Watchdog uses ping/traceroute to test WAN connection status. (Default: Disabled).
+ \\
-Any option but Disabled makes "Target 1" and "Target 2" fields appear.
+  * Target 1 -** **the address of the first host to ping \\ Google.com *
+  * Target 2 - the address of the second host to ping \\ Microsoft.com *
  \\
-  * Target 1 -** **the address of the first host to ping \\ (Default: Google.com)
+(Default: Disabled).
-  * Target 2 - the address of the second host to ping \\ (Default: Microsoft.com)\\   \\
+ \\
 ==== WAN(x) Settings ====
-Settings here are used to configure the WAN interface. These settings depend on your ISP.
+Settings here are used to configure the WAN interface. These depend on your ISP.
 Depending on the selected type, specific connection settings will be shown or hidden.
@@ Line 43: / Line 50: @@
  \\
-**Type:  **sets the connection mode the WAN interface uses to connect to your ISP. (Default: DHCP).
+**Type:  **sets the connection mode the WAN interface uses to connect to your ISP. (Default: DHCP).  \\   \\ {{::basic-network-wan0_settings-type-2025.3-default_theme.png?300}}
  \\
-  * **DHCP **- Your ISP's DHCP server dynamically assigns a WAN IP lease to FreshTomato.
+  * [DHCP]** **- Your ISP's DHCP server dynamically assigns a WAN IP lease to FreshTomato.
-    * DHCP doesn't use authentication. \\  \\
+    * DHCP uses no use authentication, so it is not secure. \\  \\
-  * **PPPoE **- The WAN port responds to authentication requests from the ISP's PPPoE server.
+  * [PPPoE]** **- The WAN port responds to authentication from the ISP PPPoE server.
     * Usually used on DSL networks.
-    * FreshTomato stores the PPPoE username/password assigned by your ISP.
+    * User Name, Password, Service Name, and Options fields appear.
-    * If authentication succeeds, the PPPoE server allows logon to the ISP network, \\ and a DHCP server assigns you a WAN IP lease.
+    * Freshtomato stores the User Name / Password you enter.
-    * Leave the //Service Name// field blank.
+    * If authentication succeeds, the PPPoE server allows logon to the ISP.
-    * Starting with release 2021.3, support for Baby Jumbo Frames (RFC 4638) \\ was added to the [[advanced-misc|Miscellaneous]] menu.
+    * Since r2021.3, support for Baby Jumbo Frames (RFC 4638) \\ was added to the [[advanced-misc|Miscellaneous]] menu.
-    * When using Baby Jumbo Frames, set MTU to 1500, to be consistent with the \\ Baby Jumbo Frames change. (See [[basic-network#network_notes_and_troubleshooting|Notes]]).\\  \\
+    * When using Baby Jumbo Frames, set MTU to 1500, to match \\ the Baby Jumbo Frames change. (See: [[basic-network#network_notes_and_troubleshooting|Notes and Troubleshooting]]).\\  \\
-  * **Static **- will configure your WAN port with a static IP.
+  * [Static]** **- will configure your WAN port with a static IP.
-    * You must manually enter these settings in FreshTomato, from your ISP:
+    * You must enter these settings from your ISP here:
       * Static IP address
       * Subnet mask
       * Gateway address
-      * DNS server addresses
+      * DNS server addresses \\ \\
-    * This mode is usually used for business, when an IP address mustn't change. \\  \\
-  * **PPTP **- configures the WAN port to use Microsoft's PPTP protocol to connect.
+  * [PPTP]** **- configures the WAN port to connect using PPTP protocol.
-    * This section requires you to enter:
+    * User Name, Password, Gateway, PPTP Gateway, Options fields appear.
-      * a username
+      * After you enter the User Name / Password, FreshTomato stores them.
-      * password
+      * Other settings required must be obtained from your ISP.\\  \\
-      * gateway server settings (given by your ISP). \\  \\
-  * **L2TP **- configures the WAN port to connect using Layer Two Tunneling Protocol.
+  * [L2TP]** **- configures the WAN port to connect using Layer Two Tunneling Protocol.
-    * FreshTomato requires you enter the following, provided by your ISP:
+    * FreshTomato requires you to enter these L2TP settings (from your ISP):
-      * L2TP username
+      * Uusername, password, server static IP/mask, gateway address. \\  \\
-      * Password
-      * L2TP server static IP address
-      * Subnet mask
-      * Gateway setting \\  \\
-  * **3G modem - **enables support for 3G cellular USB modems.
+  * [3G modem]** **- enables support for 3G cellular USB modems.
     * To detect modems, enable USB and 3G/4G/5G modem support in [[nas-usb|USB Support]].\\  \\
-  * **4G/LTE - **enables support for 4th generation cellular/LTE USB modems.
+  * [4G/LTE]** **- enables support for 4th generation cellular USB modems.
-    * When using 4G, PIN code and APN fields appear. You must enter these settings.
+    * PIN code and APN fields appear in which you must enter settings.
-    * To detect modems, enable USB and 3G/4G/5G modem support in [[nas-usb|USB Support]]. \\  \\
+    * To detect modems, enable USB and 3G/4G/5G modem support in [[nas-usb|USB Support]]. \\  (The latter applies to releases before r2025.3).\\
-  * **Disabled - **disables the physical WAN port on the router.
+  * [Disabled]** **- disables the physical WAN port on the router.
-    * This makes your device function only as a switch (if it has that function) and/or;
+    * This makes your device function only as a switch (if capable) and/or;
-    * It may effectively make your device function as a WiFi A/P (if capable). \\  \\
+    * It may effectively make your device function as a WiFi AP (if capable). \\  \\
  \\ **Wireless Client Mode:  **enables FreshTomato's Wireless Client mode.
-This lets the router act as a client (WiFi adapter) to connect to another router/AP.\\ (For details, see Wireless Mode tables below).
+This lets the router act as a client WiFi adapter to connect to another router/AP.
  \\
-  * Disabled - wireless Client mode will be disabled.
+  * [Disabled] - disables the wireless Client mode.
-  * 2.4 GHz - wireless Client mode will be enabled on the 2.4 GHz band.
+  * [2.4 GHz] - enables Wireless Client mode on the 2.4 GHz band.
-  * 5 GHz - wireless Client mode will enabled on the 5 GHz band.
+  * [5 GHz] - enables Wireless Client mode on the 5 GHz band.
- \\
-{{::basic-network-wan_settings-2024.1.png?627}}
- \\   \\
-**Load Balance Weight:**   appears only when number of WANs > 1. Valid settings are (0 - 256).\\
-{{:pasted:20240219-103900.png?476}}\\  \\
+ \\   \\ **Load Balance Weight:**   appears only when number of WANs > 1. Valid settings are: (0 - 256).\\
-When FreshTomato is in a MultiWAN configuration, it performs load sharing on the link traffic.
+{{:pasted:20240219-103900.png?550}}\\  \\
-Giving each interface a Load Balance Weight adjusts how it participates in MultiWAN activities.
+In MultiWAN configuration, FreshTomato performs load sharing on link traffic. Giving each interface a Load Balance Weight adjusts how it participates in MultiWAN activities.
-Load sharing is done on a per-session basis to avoid issues with interactive traffic like:
+Load sharing is done on a per-session basis to avoid issues with interactive traffic such as:
  \\
@@ Line 121: / Line 114: @@
   - Real-time voice
   - Video
-  - RDP.
+  - Remote Desktop / RDP
  \\
-Using per-packet loadsharing isn't recommended in cases where link speeds vary. It would generate out-of-order packets, and in doing so, could make interactive traffic unusable.
+Per-packet loadsharing isn't recommended when link speeds vary. It can generate out-of-order packets, making interactive traffic unusable.
 \\  \\ //**Example: Load Balance Weight: 0  (Failover)**//
- \\ \\ If "0" is used, FreshTomato won't route traffic when other WAN interfaces are functioning. However, if all other WAN interfaces with weight "1" or higher fail, a WAN connection with weight "0" will automatically enable. Then, when the interface with weight "0" is automatically enabled, it is assigned a weight of "1". Such functionality is commonly used as a failover configuration.
+ \\ \\ If "0" is used, FreshTomato won't route traffic when other WAN interfaces are functioning. However, if all other WAN interfaces with weight  ≥ "1" fail, a WAN connection with weight "0" will automatically enable. Then, when an interface with weight "0" is automatically enabled, it is assigned weight "1," enabling failover functionality.
  \\
-For example, let's say:
+For example, say:
  \\
@@ Line 164: / Line 157: @@
   * "1=100%
   * "0=0%"
-  * Thus, if WAN0=“weight 0” and WAN1=“weight 1”, WAN1 would handle 100% of the traffic.
+  * Thus, if: \\ WAN0=“weight 0” and \\ WAN1=“weight 1”, then\\ WAN1 would handle 100% of the traffic.
  \\ \\ //**Example: Load Balance Weight: 5**//
@@ Line 182: / Line 175: @@
   - WAN2 is set to handle the second, third, fourth, fifth and sixth sessions.
   - The seventh new session would be treated as another, first new LAN client, \\  so would start again from WAN1.
-  - WAN2 would then handle the next five new sessions, (eighth through twelfth).\\  \\
+  - WAN2 would then handle the next five new sessions, (eighth through twelfth).
- \\ **These settings affect only outbound traffic.** Return traffic tries to return via the WAN interface it came from.
+ \\ \\ **These settings affect only outbound traffic.** Return traffic tries to return via the WAN interface it came from.
-Allocation of a new session to a WAN is dynamic. You can set which traffic gets allocated to which Interface ("sticky connection") in [[advanced-pbr|MultiWAN routing]].
+Allocation of new sessions to a WAN is dynamic. You can set which traffic is allocated to each Interface ("sticky connection") in [[advanced-pbr|MultiWAN routing]].
  \\
@@ Line 192: / Line 185: @@
 **Modem device: **here, specify the 3G/4G/5G modem's Linux device path/filename.
- \\
+ \\ {{::basic-network-wan0_settings-modem_device_to_apn-default_theme-2025.png?475}}\\  \\
-  * If unsure, check the modem is listed in [[dongle_compatibility|3G/4G/5G Dongle compatibility]].
+  * Check your modem is listed in [[dongle_compatibility|3G/4G/5G Dongle compatibility]]. \\ \\
-  * If it isn't detected, enable 3G/4G/5G modem and USB support in [[nas-usb|USB Support]].
+  * If it isn't detected, enable //3G/4G/5G modem// and //USB support// in [[nas-usb|USB Support]]. \\ \\
-  * If WAN type is 3G or 4G/LTE, fields appear asking for more information.
+  * If WAN type is 3G or 4G/LTE, fields appear asking for more input. \\ \\
-  * The Default device filename is the first serial device on the first USB port: (/dev/ttyUSB0).
+  * The default device filename is the first serial device on the first USB port:
-    * The “tty” part of the filename represents a serial device.
+    * For example, (in "/dev/ttyUSB0"), the “tty” represents a serial device.
     * “USB0” in the filename means the device is connected to the first USB port.
-    * Devices listed as "/ttyUSB" use the newer Serial→USB device driver framework.
+    * Devices listed as "/ttyUSB" use the Serial→USB device driver framework. \\ \\
-  * “ACM” in the device name type means the device type is: “Abstract Control Model”
+  * “ACM” in the device name type means a device type of: “Abstract Control Model” \\ \\
+  * To get modem details, log on via Telnet/SSH and use "lsusb" or "dmesg".
  \\
-To get modem details, log on to FreshTomato via Telnet/SSH and use the "lsusb" or "dmesg" commands .
+**PIN Code: **the 3-digit PIN code for the SIM card associated with your cell account.
+  * Leave this blank if your SIM card code was deactivated. \\
  \\
-**PIN Code: **the 3-digit PIN code for the SIM card associated with your cell account.
-  * Leave this blank if your SIM card code was deactivated. \\  \\
 **Modem init string: **enter the modem's default initialization string.
-  * Your cellular provider or modem manufacturer gives you this. (Default: *99#).\\  \\
+  * This is obtained from your cellular provider or modem manufacturer. (Default: *99#).
+ \\
 **APN: **the access point name (provided by your cell carrier).
-  * Sets a gateway to route data between the carrier and the Internet. (Default: internet).\\  \\
+  * Sets a gateway to route data between the carrier and the Internet.
+  * (Default: "internet").
+ \\
 **Username: **the (carrier-provided) username to access your cell carrier's APN gateway.
-  * Some carriers don't require this. \\  \\
+  * This field appears only when PPPoE, PPTP, or L2TP is selected in the //Type// menu.
-**Password: **the (carrier-provided) password to authenticate to your cell carrier's APN gateway.
+ \\
-  * Some carriers do not require this. \\  \\
+{{::basic-network-wan0_settings-username_to_options-default_theme-2025.3.png?375}}
-**Network Type: **appears when WAN type is set to 4G/LTE. (Default: 4G/3G/2G).
+ \\
-  * The default makes FreshTomato start negotiating with a 4G connection. \\ If that fails, it falls back to negotiating 3G. Finally, it tries a 2G connection. \\  \\
+**Password: **the (carrier-provided) password to authenticate to your carrier's APN gateway.
-**DNS Server:**
+  * This field appears only when PPPoE, PPTP, or L2TP is selected in the //Type// menu.
  \\
-  * AUTO - FreshTomato uses DNS server addresses in your ISP's\\  DHCP lease.
+**Service Name:** the service name of the connection with your ISP.
-  * Manual - enables DNS server functions in dnsmasq. "DNS 1" \\ and "DNS 2" fields appear.
-    * DNS 1 - enter DNS server 1 address here.
-    * DNS 2 - enter DNS server 2 address here.
- \\ Manually-set DNS servers can be helfpul if your ISP's DNS servers are slow/unreliable. \\  \\
+  * Most ISPs don't require a value here, so a blank entry is usually fine. \\ Very few small DSL or Fibre providers will require it. With those \\ providers, you must include it, you won't be able to log on to their network.
-**MTU:**  sets the Maximum Transmission Unit, (Ethernet frame size) for WAN<-->LAN traffic.
+ \\
-This is for the WAN interface only and won't affect LAN traffic.
+**Options:  **here, you can enter optional settings/parameters for certain connection types.
-  * (Default: 1500) - good for most Ethernet devices. \\ Choosing it \\ greys out the Manual field.
+  * This field appears only when PPPoE, PPTP or L2TP is chosen as the Connection Type.
-  * Manual - Enter a custom value. Jumbo Frames \\ start at 2000 bytes.
+\\
+**Network Type: **appears when 4G/LTE WAN type is selected. (Default: 4G/3G/2G).
+  * The default makes FreshTomato start negotiating with a 4G connection. \\ If that fails, it falls back to negotiating 3G. Finally, it tries a 2G connection. FIXME
  \\
-Different MTU sizes across devices may cause issues.\\
+**DNS Server: ** here, you configure the DNS servers to use for name resolution.
  \\
+{{::basic-network-wan0_settings-dns_server-default_theme-2025.3.png?400}}\\  \\
+  * [AUTO] * - FreshTomato uses DNS server addresses offered \\ to your router in your ISP's  DHCP lease. \\ \\
+  * [Manual] - enables DNS the server functions in dnsmasq. \\ This makes the "DNS 1" and "DNS 2" fields appear.
+    * DNS 1 - enter the IP address of your first DNS server here.
+    * DNS 2 - enter the IP address of your second DNS server here.
+ \\
+Manually-set DNS servers can be useful if your ISP DNS servers are slow/unreliable.\\
+ \\
+**MTU:**  sets the Maximum Transmission Unit/Ethernet frame size for WAN<-->WAN traffic.\\   \\   \\ {{::basic-network-wan0_settings-mtu_to_query_hilink_modem_ip-default-theme-2025.3.png?400}}\\   \\
+  * [Default: 1500] * - fine for most Ethernet devices. \\ Choosing it greys out the Manual field.
+  * [Manual] - Enter a custom value. Jumbo Frames \\ start at 2000 bytes.
+ \\ Different MTU sizes across devices may cause issues.
+This applies only to the WAN interface and won't affect LAN traffic.
+\\
 **Use DHCP:**  is rarely used. Usually, you should leave it disabled.
-  * A few Internet providers separate addressing from PPPoE functions.\\  \\
+  * Very few Internet providers separate addressing from PPPoE functions.
-**Single Line MLPPP:** is outdated, and rarely used now.
+ \\
-This Multilink PPP version lets a modem bond the bandwidth of multiple PPPoE sessions.
+**Single Line MLPPP:** is outdated, and rarely used now.
-A side effect of it was that it bypassed some ISPs' bandwidth throttling.\\ \\  \\
+This Multilink PPP version lets a modem bond the bandwidth of multiple PPPoE sessions.\\  \\
-**Route Modem IP: **lets you access a modem "behind a router" with a quick setting change.
+**Route Modem IP: **allows quick access to a modem/device "behind a router" with a setting change.
  \\
-  * When using separate modem and router, usually the modem is in bridge mode or \\ PPPoE passthrough mode. This makes it hard to access the modem's LAN interface, \\ as it's "behind" the router.
+{{::basic-network-wan0_settings-route_modem_ip_to_call_custom_status_script-default_theme-2025.3.png?400}}\\  \\
-  * The router's WAN interface has a public address, but the modem is reachable \\ only via a private LAN address.
-  * Private addresses aren't routable, so by default, FreshTomato blocks any traffic\\ on a path of: LAN ---> WAN ---> (MODEM with PRIVATE IP).
+  * When using separate modem and router, usually the modem is in bridge mode or \\ passthrough mode. This makes it hard to access the modem's LAN interface, \\ as it's "behind" the router. \\ \\
-  * Route Modem IP adds a static route to the routing table, giving the modem a\\ private address on a /32 subnet. This makes the private address reachable via \\ the WAN interface, and thus via the LAN.
+  * The router's WAN interface has a public address, but the modem is reachable \\ only via a private LAN address. \\ \\
+  * Private addresses aren't routable, so by default, FreshTomato blocks any traffic\\ travelling from LAN --> WAN --> (MODEM with PRIVATE IP). \\ \\
+  * Route Modem IP adds a static route to the routing table, giving the modem a\\ private address on a /32 subnet. This makes the private address reachable via \\ the WAN interface, and thus via the LAN. \\ \\
   * The mask allows only one host, so only the modem is reachable on that subnet.
- \\ .
+ \\
-(Default: Off)\\  \\
+Default: blank/off.
+\\
-**Query Hilink Modem IP:**  is for Huawei USB modems with Hilink mode.
+**Query Hilink Modem IP:** is for Huawei USB modems with Hilink mode.
-It lets you communicate with a modem in Hilink mode connected to a LAN device other than the router.
+This lets you communicate with a modem in Hilink mode connected to a LAN device other than the router.
-It can be used to monitor modem statistics/signal strength. (Default: Disabled).\\  \\
+This can be useful for monitoring modem statistics/signal strength.
-**Call Custom Status Script: ** TBD.
+(Default: 0.0.0.0/Disabled).
  \\
-**Connect Mode: **chooses the method to keep the router connected to the Internet provider.
+**Call Custom Status Script: ** allows you to define and execute a custom shell script.
+This can be useful for monitoring or to report router status.
  \\
-  * Connect on Demand - makes the router disconnect from the ISP after \\ the //Max Idle Time//. FreshTomato reconnects to the Internet as soon as \\ a LAN client requests Internet access.
+**Connect Mode: **here, select the method to keep the router connected to the Internet provider.
-  * Some ISPs drop a connection if their router detects no Internet activity.
-    * Keepalive * - makes FreshTomato send [[https://en.wikipedia.org/wiki/Keepalive#TCP_keepalive|keepalive]] packets at brief, \\ specified intervals. This makes the ISP "see" intermittent activity \\ when no clients request \\ Internet access.
+ \\ {{::basic-network-wan0_settings-connect_mode_to_lcp_echo_liink_fail_limit-2025.3.png?500}}
-  * Redial Interval - how often the router checks the Internet connection. \\ (Default: 10 seconds). This minimizes Internet connection response time, \\ since usually the connection will be up.
  \\
-(Default: Keepalive).\\
+  * [Connect on Demand] - makes the router disconnect from the ISP after \\ the //Max Idle Time//. FreshTomato reconnects to the Internet as soon as \\ a LAN client requests Internet access. \\
+    * IP to trigger connect - the IP address whose activity will \\ trigger FreshTomato to reconnect to the Internet.
+    * Max idle time - the maximum period of inactivity after which \\ the router disconnects from the internet if no LAN client \\ is requesting access.\\ \\
+  * [Keepalive] * - makes FreshTomato send keepalive packets at specified intervals. \\ Some ISPs drop the connection if they detect no Internet activity. \\ This option makes FreshTomato send [[https://en.wikipedia.org/wiki/Keepalive#TCP_keepalive|keepalive]] packets at brief, \\ specified intervals. The ISP "sees" this intermittent activity \\ when no clients request Internet and maintains the connection.  \\
+    * Redial Interval - how often FreshTomato checks the WAN connection. \\ This minimizes Internet connection response time, as usually \\ the connection will be up. (Default: 10 seconds).
  \\
@@ Line 308: / Line 340: @@
 **Redial Interval: **if PPPoE dialing fails, this delays attempts for a defined number of seconds.
-This allows more time for the PPPoE server/network equipment to restart properly before re-establishing a PPPoE link. \\ (Default: 10 seconds).\\  \\
+This allows the PPPoE server/network gear more time to restart before re-establishing a PPPoE link. \\ (Default: 10 seconds). FIXME-Same explanation as under Keepalive?
+ \\
 **LCP Echo Interval: **Link Control Protocol exchanges frames between 2 peers to check they're connected.  \\
-  * LCP Echo Interval is the time between these signals.
+  * LCP Echo Interval is the time, in seconds between these signals.
-  * Usually used to check a DSL modem's PPPoE is still connected to the ISP.
+  * Usually used to check a DSL modem's PPPoE connection to the ISP.
-  * (Default: 10 seconds).
+  * (Default: 10).
  \\
-**LCP Echo Link fail limit: **how many failed LCP echo requests between peers before link is deemed down.
+**LCP Echo Link fail limit:** number of failed echo requests between peers before a link is deemed down.
+  * The client modem will then drop the PPPoE link.
+  * LCP will then try to renegotiate a new PPPoE session.
  \\
-  * The client DSL modem will then drop the PPPoE link.
+{{::basic-network-disable_watchdog_to_watchdog_mode-2025.3.png?400}}
-  * LCP will then try to renegotiate a new PPPoE session.
  \\
-**Disable Watchdog: **disables the Watchdog function, for only the WAN connection in the menu. \\ (Default: Enabled/Tracert).
+**Disable Watchdog: **disables the Watchdog function, only for the WAN connection in the menu.
+Default: unchecked.
  \\
@@ Line 333: / Line 371: @@
 **Watchdog Mode: **regularly checks a given WAN connection is up.
-This chooses the method used to test the connection.
+This setting allows you to choose the method used to test the connection.
  \\
@@ Line 342: / Line 380: @@
  \\
-The Watchdog function supports connection types:
+Watchdog supports the following connection types:
  \\
@@ Line 356: / Line 394: @@
 ===== LAN =====
-The LAN section includes information and settings to configure FreshTomato's LAN interface functions.\\
- \\
+The LAN section includes information and settings to configure FreshTomato's LAN interface functions.\\   \\ {{::basic-network-lan.png?799}}
-{{::basic-network-lan.png?799}}
  \\
@@ Line 378: / Line 415: @@
 **IP Address:** the IP Address to assign to the specified LAN interface.
+ \\
 FreshTomato supports Class A/B/C networks. (Default: 192.168.1.1).\\ \\
@@ Line 393: / Line 430: @@
 **Lease Time (//mins.//)**: the DHCP lease time, in minutes. (Default: 1440). \\ \\
-**Automatic IP**: lets FreshTomato obtain a LAN IP via DHCP.
+**Automatic IP**: lets FreshTomato obtain a LAN IP via DHCP.  \\  Since release 2022.6, this option is supported in: \\   \\   \\
-Since release 2022.6, this option is supported in: \\
- \\
   - AP Mode
-  - Wireless Ethernet Bridge (WEB) Mode
+  - Wireless Ethernet Bridge Mode
   - Media Bridge Mode.\\ \\
 After saving settings, the router's new default address is 192.168.1.1 until it obtains DHCP data.\\
 ===== Ethernet Ports State - Configuration =====
-These settings are for the Ethernet Ports State graphic in the [[status-overview|Overview]] menu. Link status, Link speed and Diagnostic information are shown for each port, .
+Settings here are for the Ethernet Ports State graphic in the [[status-overview|Overview]] menu. Link status, Link speed and Diagnostic information are shown for each port, .
  \\
@@ Line 414: / Line 448: @@
  \\
-**Enable Ports State:**  Checking this enables the Ethernet Ports State graphic. (Default: On). \\ \\
+**Enable Ports State:** enables the Ethernet Ports State graphic. (Default: On). \\ \\
-**Show Speed Info:**  Checking this displays the link speed of each port, (1GB/100MB/10MB).
+**Show Speed Info:** checking this displays the link speed of each port, (1GB/100MB/10MB).
 (Default: On). \\ \\
-**Invert ports order:**  Displays port icons in in the opposite order from where they are on the hardware.
+**Invert ports order:** displays port icons in the opposite order from where they are on the hardware.
-This is useful when the sequence of display icons doesn't match the actual locations on the router. (Default: Off).
+This is useful when the order of display icons doesn't match the physical locations on the router. (Default: Off).
 ===== Wireless Band Steering =====
-This feature makes FreshTomato assess on which band a client device should connect, and then "nudges" the client towards that band.
+This feature makes FreshTomato assess on which band a client should connect, then "nudge" it towards that band.
 \\
@@ Line 435: / Line 468: @@
  \\
-When enabled, these settings are saved to NVRAM, then replicated from the first wireless radio to all other radios:
+When enabled, these settings are saved to NVRAM, then replicated from the first WiFi radio to all other radios:
  \\
@@ Line 452: / Line 485: @@
 (Visibility depends on the wireless security selected)
-Among the wireless settings that will NOT be replicated are:
+ \\
+Among the settings that will NOT be replicated are:
  \\
@@ Line 464: / Line 499: @@
  \\
+This feature is available since r2020.8 (for ARM hardware only). See the [[https://wiki.freshtomato.org/doku.php/basic-network#network_notes_and_troubleshooting|Notes]] section for more details.
 Client devices also may try to switch bands on their own, without the influence of Wireless Band Steering.
-This feature is available since release 2020.8 (for ARM hardware only). See the [[https://wiki.freshtomato.org/doku.php/basic-network#network_notes_and_troubleshooting|Notes]] section for more details.
+\\
- \\
-==== Wireless (2.4 GHz / interface eth1) ====
+===== Wireless (2.4 GHz / interface eth1) =====
 The Wireless (2.4 GHz) section displays information and settings for the 2.4 GHz wireless interface.
@@ Line 482: / Line 516: @@
  \\
-**Enable Wireless:** When checked, enables the 2.4 GHz WiFi interface. When unchecked disables that interface. \\ \\
+**Enable Wireless:** enables the 2.4 GHz WiFi interface. When unchecked disables that interface. \\ \\
-**MAC Address:** Displays the MAC address of the 2.4 GHz WiFi interface.
+**MAC Address:** displays the MAC address of the 2.4 GHz WiFi interface.
 Clicking this takes you to the [[:mac_address|MAC Address]] page, to specify a custom address for this interface. \\ \\
-**Wireless Mode:** Here, choose the wireless mode (function) of the 2.4 GHz WiFi interface.  \\   \\
+**Wireless Mode:** here, choose the wireless mode (function) of the 2.4 GHz WiFi interface.  \\   \\
  \\
@@ Line 494: / Line 528: @@
 ^   ^  **Table: 2.4 GHZ Interface Wireless Modes**  ^
 |  **Wireless Mode**  |  **Description**  |
-|  \\ Access Point  | \\ The (default) setting, which allows clients to connect to FreshTomato's wireless networks. \\ \\ -  IPv4 & IPv6 communication work for both MIPS and ARM. \\ |
+|  \\ Access Point*  | \\ The (default) setting, that allows clients to connect to FreshTomato WiFi networks. \\ \\ -  IPv4 & IPv6 communication work for both MIPS and ARM. \\ |
-|  \\ Access Point WDS  | \\ Sets the router in "repeater mode", allowing clients to connect via wireless while simultaneously acting as a \\ WDS [[https://en.wikipedia.org/wiki/Wireless_Distribution_System|Wireless Distribution System]] base station. \\ \\ |
+|  \\ Access Point WDS  | \\ Sets the router in "repeater mode". Clients can connect via WiFi while \\ the router also acts as a [[https://en.wikipedia.org/wiki/Wireless_Distribution_System|Wireless Distribution System]] base station. \\ \\ |
-|  \\ Wireless Client  | \\ The router connects to another router/access point as any other wireless client device would. \\ \\ -  Wireless Client mode works for:\\    MIPS devices (SDK5: RT and RT-N images)\\    ARM devices (SDK6 & SDK7 & SDK714) starting with release 2021.5\\ -  This mode does not work yet on SDK6 MIPS RT-AC builds. \\   (The option will be removed from the GUI starting with Release 2024.3)\\ -  Only one wireless radio can be used in this mode. Other radio modules, (if present), can be used in Access Point mode. \\ -  Disable band steering if using this mode (at least for the initial setup. Advanced users may adjust NVRAM values for band steering).\\ -  The recommended security setup for WiFi connections is WPA2 Personal with AES. \\ -  If no connection is possible using the above, try WPA / WPA2 Personal + AES.\\ -  This is the recommended security setup for MIPS SDK5 (RT and RT-N) wireless client mode). \\ \\ |
+|  \\  \\  \\  \\  \\   \\ \\ \\ Wireless Client  | \\ The router connects to another router/AP as any other WiFi client would. \\ \\ -  Wireless Client mode works for:\\    -  MIPS devices (SDK5: RT and RT-N images)\\    -  ARM devices (SDK6 & SDK7 & SDK714) starting with r2021.5\\ -  This mode does not yet work on SDK6 MIPS RT-AC builds. \\     (The option was removed from the GUI starting with r2024.3) \\ \\ -  Only one WiFi radio can be used in this mode. \\    -  Other radio modules present can be used in AP mode. \\ \\ -  Disable band steering when in this mode, (at least for initial setup). \\   -  Advanced users may adjust NVRAM values for band steering. \\ \\ -  The recommended WiFi security for this mode is WPA2 Personal/AES. \\    -  If no connection is possible using the above, try those settings.\\    -  This is especially true for MIPS SDK5 (RT and RT-N) wireless client mode). \\ \\ |
-|  \\ Wireless Ethernet Bridge  | \\ Configures FreshTomato to connect to another router. \\ All clients connected to both routers remain in the same subnet. \\ \\ -  Since Wireless Ethernet Bridge 1.19, this mode must have security set to WPA2 to work properly. \\ -  IPv4 communication works for MIPS and ARM builds. \\ -  IPv6 communication will be blocked (Bug within wl driver ==> router may crash; Use Media Bridge Mode for IPv6 support)\\ -  ARM SDK7 not working/possible (Option will be removed from the GUI starting with Release 2024.3)\\ -  ARM SDK6 & SDK714 working correctly\\ -  MIPS SDK5: RT and RT-N working correctly\\ -  MIPS SDK6 RT-AC not working/possible (Option will be removed from the GUI starting with Release 2024.3)\\ -  Do not enable wireless band steering (BSD) while this mode is enabled.\\ \\ Recommendation: Use this interface only to connect to your main AP (no virtual interfaces). Other radio modules present can be used, for example, in A/P mode.\\ \\ |
+|  \\  \\  \\  \\  \\   \\  \\  \\ \\ Wireless Ethernet Bridge  | \\ Configures FreshTomato to connect to another router. \\ All clients connected to both routers remain in the same subnet. \\ \\ -  Since WEB v1.19, this mode must have security set to WPA2 to work. \\ \\ -  IPv4 communication works for MIPS and ARM builds. \\ -  IPv6 communication will be blocked. \\    -  A bug in the Linux wl driver may cause crashes. \\    -  For IPv6 support, use Media Bridge Mode. \\ \\ -  ARM SDK7 is not working/will never be possible. \\    - The option was removed from the GUI since r2024.3.\\ -  ARM SDK6 & SDK714 work correctly\\ -  MIPS SDK5: RT and RT-N work correctly\\ -  MIPS SDK6 RT-AC not working/will never be possible \\    -  (The option was removed from the GUI starting with r2024.3) \\ \\ -  Do not enable wireless band steering (BSD) when using this mode.\\ \\ -  Use this interface to connect only to your main AP (no virtual interfaces). \\   -  Other radio modules present can be used, for example, in A/P mode.\\ \\ |
-|  \\ Media Bridge Mode  | \\ Configures FreshTomato to connect to another router/access point. \\\\ All clients connected to both routers remain in the same subnet.  \\ \\ -  Support for this mode is available starting with release 2021.6 .\\ -  This mode is similar to Wireless Ethernet Bridge mode for SDK6 and up (only for MIPS RT-AC images and all ARM images). \\ -  Recommendations: Use Wireless Ethernet Bridge mode for MIPS RT and RT-N builds (like the RT-N16, E4200v1).\\ -  This Mode is not supported in SDK5 (RT / RT-N) builds.\\ -  ARM SDK6 & SDK7 & SDK714 working correctly\\ -  MIPS SDK6 RT-AC working correctly\\ -  Both IPv4 and IPv6 communication function well.  You don't need to enable IPv6 via the web interface. IPv6 traffic will work. \\ -  Do not enable wireless band steering (BSD) if this mode is enabled.\\  \\ Reccomendation: use this interface only to connect to your main A/P (not to virtual interfaces). Other present radio modules can be used, for example, in A/P mode.\\ \\ |
+|  \\  \\  \\  \\  \\  \\  \\  \\ Media Bridge Mode  | \\ Configures FreshTomato to connect to another router/access point.\\ All clients connected to both routers remain in the same subnet.  \\ \\ -  Support for this mode started with r2021.6.\\ -  Similar to Wireless Ethernet Bridge mode for SDK6 and up \\ -  (only for MIPS RT-AC images + ARM images). \\ \\ -  Use Wireless Ethernet Bridge mode for MIPS RT / RT-N builds, \\    like the RT-N16, E4200v1.\\ -  This Mode isn't supported in SDK5 (RT / RT-N) builds.\\ -  ARM SDK6 & SDK7 & SDK714 work properly.\\ -  MIPS SDK6 RT-AC work properly. \\ \\ -  Both IPv4 and IPv6 function well. \\   -  You don't need to enable IPv6 via the GUI. IPv6 traffic just works. \\ \\ -  Don't enable wireless band steering (BSD) with this mode enabled.\\    Use this interface only to connect to your main A/P (not to virtual interfaces). \\    -  Other radio modules can be used, for example, in A/P mode.\\ \\ |
 |  \\ WDS  | \\ Serve as a [[https://en.wikipedia.org/wiki/Wireless_Distribution_System|Wireless Distribution System (WDS)]] base station only. \\ \\ |
 | //Table derived from (Creative Commons) Wikibooks - “Tomato Firmware/Menu Reference” Wireless Mode Selections//  ||
@@ Line 504: / Line 538: @@
 \\  \\
-**Wireless Network Mode: **select which 802.11 WiFi protocols to make available to clients.
+**Wireless Network Mode: **selects which 802.11 WiFi protocols to make available to clients.
 The network modes available here will depend on your hardware.
@@ Line 510: / Line 544: @@
  \\
-  * Auto: * - router/WiFi clients automatically negotiate the best protocol.
+  * Auto * - WiFi clients automatically negotiate the best protocol.
-    * Recommended, unless you have advanced networking skills.
+    * Recommended, unless you have advanced knowledge.
-    * Incompatibilities may exist.
+    * Incompatibilities may occur.
-    * The best settings may not be obvious.
+    * The best settings may not be obvious. \\ \\
-  * B Only - allows WiFi clients to connect using only 802.11b.
+  * B Only - allows clients to connect using only 802.11b. \\ \\
-  * G Only - allows WiFi clients to connect using only 802.11n.
+  * G Only - allows clients to connect using only 802.11n. \\ \\
-  * B/G Mixed - allows clients to connect using 802.11b/802.11g.
+  * B/G Mixed - allows clients to connect using 802.11b/802.11g. \\ \\
-  * N only - allows clients to connect using only the 802.11n.
+  * N only - allows clients to connect using only the 802.11n. \\ \\
  \\
@@ Line 525: / Line 559: @@
  \\
-**SSID:**  the network name (Service Set IDentifier) for the 2.4 GHz WiFi interface.
+**SSID:** the network name (Service Set IDentifier) for the 2.4 GHz WiFi interface.
-For security, don't include personal identity, address, location, or equipment type. Single dictionary words are also very poor for security.
+For security, don't include personal identity/address/location/equipment type. Avoid using single dictionary words.
-(Default: FreshTomatoXX, where “XX” is the two band numbers.)  On a 2.4 GHz network, the default SSID is: “FreshTomato24”. \\ \\
+(Default: FreshTomatoXX, where “XX” is the band numbers.)  For example: “FreshTomato24”. \\ \\
-**Broadcast:  **enables SSID broadcasting.
+**Broadcast: **enables SSID broadcasting.
 This “announces” the SSID, so it's easy to find and connect to.
-SSIDs are easily sniffed with common software. Contrary to some claims, disabling Broadcast provides little security increase.\\ \\
+Common software can easily sniff SSIDs, so in reality, disabling Broadcast provides little security increase.\\ \\
-**Channel:  **the channel on which the 2.4 GHz interface operates.
+**Channel: **the channel on which the 2.4 GHz interface operates.
 Generally, choose a different channel than your neighbours'. (Default: Auto).
@@ Line 543: / Line 577: @@
  \\
-  * Auto* - This default is generally safe unless there's too much interference from \\ other, nearby equipment. \\ FreshTomato chooses/uses the channel it senses has the least interference.
+  * [Auto]* - this default is generally safe unless there's too much  \\ interference from other, nearby equipment. \\ FreshTomato uses the channel it senses has the least interference.
-  * Channel - lets you manually choose available channels on the band. \\ Unavailable channels won't appear. \\ \\
+  * [Channel] - lets you manually choose available channels on the band. \\ Unavailable channels won't appear. \\ \\
-**Channel Width:**  lets you choose the (frequency) width of the channel.
+**Channel Width:** lets you choose the (frequency) width of the channel.
  \\
-  * 20 MHz
+  * [20 MHz]
-  * 40 MHz
+  * [40 MHz]
  \\
-.11n can use 40 MHz channel width, but to maintain legacy compatibility, it uses one main 20 MHz channel plus a free adjacent channel 20 MHz above or below the main channel. \\ \\
+.11n uses a 40 MHz channel by combining a main 20 MHz channel with an adjacent 20 MHz channel above/below for compatibility.
-**Control Sideband:**  lets you choose whether the extra sideband channel used is above (Upper) or below (Lower) the main channel used.
+ \\
-(Default: Upper). This is only available If 20 or 40 Channel Width is selected.
+ \\
+**Control Sideband:** this lets you choose whether the sideband channel is above (Upper) or below (Lower) the main channel.
+ \\
   * Upper *
-  * Lower\\ \\
+  * Lower\\
-**Security**: Here, choose the security protocol used on the 2.4 GHz WiFi interface.
+This is only available If 20 or 40 Channel Width is selected. (Default: Upper).
+\\
+**Security**: here, choose the security protocol used on the 2.4 GHz WiFi interface.
  \\
-  * Disabled - disables all security, leaving the network open to anyone. \\ Avoid using this. It is a basically an unlimited security risk.
+  * [Disabled] - disables all security, leaving the network open to anyone. \\ Avoid using this. It is a basically an unlimited security risk. \\
-  * WEP - enables Wired Equivalent Privacy protocol. Avoid this. It's obsolete \\ due to serious vulnerabilities, including weak encryption.
+ \\
-  * WPA Personal - enables WiFi Protected Access Protocol 1.x.
+  * [WEP] - enables Wired Equivalent Privacy protocol. Avoid this. \\ It's obsolete \\ due to serious vulnerabilities, including weak encryption. \\
+ \\
+  * [WPA Personal] - enables WiFi Protected Access Protocol 1.x.
     * Uses the RC4-based TKIP protocol.
     * Lets hosts exchange pre-shared keys, for more security.
-    * More secure than WEP, but has weaknesses like lower encryption standards.
+    * More secure than WEP, but has weaker encryption standards.
-    * WPA2 is strongly encouraged instead.
+    * WPA2 is strongly encouraged instead. \\
+ \\
-  * WPA Enterprise: (AKA: WPA-802.1X) - is similar to WPA Personal, \\ but each user has his/her own username/password.
+  * [WPA Enterprise] - (WPA-802.1X) - is similar to WPA Personal, \\ but each user has his/her own username/password.
     * No common pre-shared key is used.
     * Doesn't require a RADIUS server.
-    * Is more secure against dictionary attacks on short passwords.
+    * Is more secure against short password dictionary attacks.
-    * Is suitable for larger, more formal networks.
+    * Suitable for larger, more formal networks. \\
-  * WPA2 Personal - WiFi Protected Access version 2 uses parts of 802.11i.
+ \\
-    * Supports mandatory AES encryption, so much more secure than old protocols.
-    * Recommended for small- to mid-sized, informal networks.
-  * WPA2 Enterprise - enables the Enterprise version of WPA2.
+  * [WPA2 Personal] - WiFi Protected Access v2 uses parts of 802.11i.
-    * Uses WPA2, but each user has their own WiFi username/passkey.
+    * Makes AES encryption mandatory, so more secure.
+    * Recommended for small- to mid-sized, informal networks. \\
+ \\
+  * [WPA2 Enterprise] - enables the Enterprise version of WPA2.
+    * Uses WPA2, but each user has own username/passkey.
     * Is based on parts of 802.11i.
     * Doesn't require a RADIUS server.
-    * Appropriate for larger, more structured networks.
+    * Suitable for larger, more structured networks. \\
-  * WPA / WPA2 Personal - enables both protocols. \\ The router will communicate \\ via whatever it detects from the client.
+ \\
-  * WPA / WPA2 Enterprise - enables both protocols. \\ The router will communicated \\ via whatever it detects from the client.
+  * [WPA / WPA2 Personal] - enables both protocols. \\ The router communicates via whatever it detects from the client. \\
+ \\
+  * [WPA / WPA2 Enterprise] - enables both protocols. \\ The router communicates via whatever it detects from the client. \\
+ \\
-  * RADIUS - enables Remote Access Dialup User Service.
+  * [RADIUS] - enables Remote Access Dialup User Service.
     * Designed for larger organizations.
     * Uses a separate server to authenticate/permit/track users.
     * Supports authentication via certificates.
-    * Is usually only for advanced users. \\ \\
+    * Is usually only for advanced users.\\ \\
+ \\
 **Shared Key:**  the authentication key for WiFi LAN clients. Asterisks display before inserting the cursor. \\ \\
-**Group Key Renewal:**  sets how often encryption keys used between clients and router are rotated. \\ This is a part of the WPA protocol. (Default: 3600 seconds/1 hour).
+**Group Key Renewal:**  sets how often client-router encryption keys are rotated.
+This is a part of the WPA protocol.
+(Default: 3600 seconds).
  \\
@@ Line 614: / Line 678: @@
  \\
-  * Release 2023.5 and later: From 1 second to 2592000 seconds \\ [for ARM-based and MIPS RT-N / MIPS-RT-AC hardware] \\ Where: 0 = disabled   (not advised).
+  * r2023.5 and later: From 1 second to 2592000 seconds \\ [for ARM-based and MIPS RT-N / MIPS-RT-AC hardware] \\ Where: 0 = disabled   (not advised).
-  * Releases 2023.4 and earlier (for all hardware): 60 - 7200 seconds.
+  * r2023.4 and earlier (for all hardware): 60 - 7200 seconds.
 ===== Wireless (5 GHz / interface eth2) =====
@@ Line 646: / Line 709: @@
 ^   ^  **Table: 5 GHz interface Wireless Mode**  ^
 |  **Wireless Mode**  |  **Description**  |
-|  \\ Access Point  | \\ The (default) setting, which allows clients to connect to FreshTomato's wireless network(s). \\ \\ -  IPv4 & IPv6 communication work for both MIPS and ARM. \\ |
+|  \\ Access Point  | \\ The default setting that allows clients to connect to FreshTomato wireless networks. \\ \\ -   IPv4 & IPv6 communication work for MIPS and ARM. \\ |
-|  \\ Access Point WDS  | \\ Sets the router in "repeater mode", allowing clients to connect via WiFi while acting as a \\ WDS [[https://en.wikipedia.org/wiki/Wireless_Distribution_System|Wireless Distribution System]] base station. \\ \\ |
+|  \\ Access Point WDS  | \\ Sets the router in "repeater mode", letting clients to connect via WiFi while acting as a \\ WDS [[https://en.wikipedia.org/wiki/Wireless_Distribution_System|Wireless Distribution System]] base station. \\ \\ |
-|  \\ Wireless Client  | \\ The router connects to another router/access point as any other wireless client device would. \\ \\ -  Wireless Client mode works for: MIPS devices (SDK5: RT and RT-N images) and\\    ARM devices (SDK6 & SDK7) starting with release 2021.5 \\ -  This mode does not yet work on SDK6 MIPS RT-AC images.\\ -  Only one wireless radio can be used in this mode. Other radio modules present can be used in A/P mode.\\ -  Disable Wireless Band Steering when in this mode during default setup. \\ (Advanced users can adjust band steering NVRAM values).\\ -  [WPA2 Personal with AES] is the recommended security setup for WiFi connections.\\ -  If connection won't establish using the above, try [WPA / WPA2 Personal + AES]. This is the recommended security configuration for MIPS SDK5 (RT and RT-N) wireless client mode. \\ \\ |
+|  \\ \\  \\  \\ \\  \\ Wireless Client  | \\ The router connects to another router/AP like any other wireless client would. \\ \\ -  This mode works for: \\     -  MIPS devices (SDK5: RT and RT-N images) and\\     -  ARM devices (SDK6 & SDK7) starting with r2021.5 \\ -  This mode doesn't yet work on SDK6 MIPS RT-AC images. \\ \\ -  Only one WiFi radio can be used in this mode. \\    -  Other radio modules present can be used in AP mode. \\ \\ -  Disable Wireless Band Steering with mode during initial setup. \\ (Advanced users can adjust band steering NVRAM values). \\ \\ -  WPA2 Personal with AES is the recommended security setup for WiFi connections, \\ especially for MIPS SDK5 (RT + RT-N) \\    -  Try these settings if you cannot establish a connection.\\ \\ |
-|  \\ Wireless Ethernet Bridge  | \\ Configures FreshTomato to connect to another router. \\ All clients connected to both routers remain in the same subnet. \\ \\ -  As of version 1.19, this mode must have security set to WPA2 to work properly. \\ -  IPv4 communication works for MIPS and ARM builds. \\ -  IPv6 communication will only work for FreshTomato 2021.1 SDK6 ARM Dual-Core and newer\\ -  SDK7 not working/possible. \\ -  Do not enable wireless band steering (BSD) while this mode is enabled. \\ -  Recommendation: Use Wireless Ethernet Bridge only to connect to your main AP (no virtual interfaces). Other radio modules can be used, for example, in AP mode. \\ \\ |
+|  \\  \\ \\  \\ Wireless Ethernet Bridge  | \\ Configures FreshTomato to connect to another router. \\ Clients connected to both routers remain in the same subnet. \\ \\ -  As of version 1.19, this mode must have security set to WPA2 \\ to work properly.-  IPv4 communication works for MIPS + ARM builds. \\ -  IPv6 will only work for r2021.1 SDK6 ARM Dual-Core and later. \\ \\ -  SDK7 does not work/will not ever work in this mode. \\ \\ -  Do not enable wireless band steering (BSD) with this mode enabled. \\ \\ -  Use Wireless Ethernet Bridge to connect only to your main AP (no virtual interfaces). \\    -  Other radio modules can be used, for example, in AP mode. \\ \\ |
-|  \\ Media Bridge Mode  | \\ Configures FreshTomato to connect to another router/access point. \\  \\ All clients connected to both routers remain in the same subnet. \\ \\ -  This new mode is similar to Wireless Ethernet Bridge mode for SDK6 and up (for MIPS RT-AC and all ARM images).\\ -  Using Wireless Ethernet Bridge mode is recommended for MIPS RT and RT-N images (like the RT-N16, E4200v1).\\ -  This Mode is not supported with SDK5 (RT / RT-N) builds\\ -  Both IPv4 and IPv6 communication function. IPv6 traffic works without needing to enable IPv6 in the web interface. . \\ -  Support for this mode started with release 2021.6.\\ -  Do not enable wireless band steering with this mode enabled. \\ -  You should use use Media Bridge interface to connect to your main AP only (no virtual interfaces). Other radio modules can be used, for example, in AP mode. \\ \\ |
+|  \\  \\  \\  \\  \\  \\ Media Bridge Mode  | \\ Configures FreshTomato to connect to another router/AP. \\ All clients connected to both routers remain in the same subnet. \\ \\ -  This is similar to Wireless Ethernet Bridge mode for SDK6 \\ and up (for MIPS RT-AC and all ARM images).\\ -  Using Wireless Ethernet Bridge mode is recommended for \\ MIPS RT and RT-N images (like the RT-N16, E4200v1).\\ -  This Mode is not supported with SDK5 (RT / RT-N) builds \\ \\ -  Both IPv4 and IPv6 function properly. IPv6 traffic works without \\ needing to enable IPv6 in the web interface. \\  \\ -  Support for this mode started with r2021.6. \\ \\ -  Do not enable wireless band steering with this mode enabled.\\ -  Use Media Bridge interface to connect only to your main AP (no virtual interfaces). \\      -  Other radio modules can be used, for example, in AP mode. \\ \\ |
 |  \\ WDS  | \\ FreshTomato will act only as a [[https://en.wikipedia.org/wiki/Wireless_Distribution_System|Wireless Distribution System (WDS)]] base station. \\ \\ |
 | //Table derived from (Creative Commons) Wikibooks - “Tomato Firmware/Menu Reference” Wireless Mode Selections//  ||
@@ Line 656: / Line 719: @@
  \\  \\
- **Wireless Network Mode: **Select the 802.11 WiFi protocols available to clients.
+ **Wireless Network Mode: **here, select the 802.11 WiFi protocols available to clients.
  \\
-  * Auto - FreshTomato/WiFi clients automatically negotiate the best WiFi protocol.
+  * [Auto] - WiFi clients automatically negotiate the best protocol.
     * Recommended unless you're highly experienced with WiFi.
-    * Compatibility issues may occur. The “logical” setting isn't always the best.
+    * Compatibility issues may occur. The “logical” setting isn't always best. \\ \\
-  * A Only - allows WiFi clients to connect using only 802.11a.
+  * [A Only] - allows clients to connect using only 802.11a. \\ \\
-  * N Only -  allows WiFi clients to connect using only 802.11n.
+  * [N Only] -  allows clients to connect using only 802.11n. \\ \\
-  * N/AC mixed - allows WiFi clients to connect using only 802.11ac or 802.11n.
+  * [N/AC mixed] - allows clients to connect using only 802.11ac or 802.11n. \\ \\
-  * AC Only - allows WiFi clients to connect using only 802.11ac.
+  * [AC Only] - allows clients to connect using only 802.11ac.
- \\ (Default: Auto)
+ \\ (Default: Auto)  \\  Only r2021.8 and later have have a separate setting for 802.11ac. Any 2.4 GHz band interface will have separate Mode settings.\\ \\
-Only releases 2021.8 and later have have a separate setting for 802.11ac.
-Any 2.4 GHz band interface will have separate Mode settings. See the 2.4 GHz section.\\ \\
 **SSID:**  the network name of the 5 GHz WiFi.
-For security, don't include personal words/phrases indicating youir name, identity, address, location, or equipment type. Single dictionary words also make for very poor security.\\ \\ (Default: FreshTomatoXX, where “XX” is the digits in the band.) On a 5 GHz network, the default SSID is “FreshTomato50”. \\ \\
+For security, don't include personal words/phrases indicating your name, identity, address, location, or equipment type. Single dictionary words also make for very poor security.\\ \\ (Default: FreshTomatoXX, where “XX” is the digits in the band.) On a 5 GHz network, the default SSID is “FreshTomato50”. \\ \\
 **Broadcast: **enables SSID broadcasting.
-This “announces” the SSID, so it's easy to find. Contrary to claims, SSIDs are easily sniffed with common software. Disabling SSID Broadcast offers little security improvement. \\ \\
+This “announces” the SSID, so it's easy to find. SSIDs are easily sniffed, so disabling SSID Broadcast offers little security improvement. \\ \\
 **Channel: **selects the channel on which the 5 GHz WiFi interface will operate..
@@ Line 688: / Line 747: @@
  \\
-  * Auto: This default is usually safe unless there's too much interference from nearby equipment.
+  * [Auto]*: This default is usually safe unless there's too much \\ interference from nearby equipment.
-    * FreshTomato selects/uses the channel it believes has the least interference.
+    * FreshTomato selects the channel it thinks has the least interference.
-  * Channel: lets you manually choose from available channels on the band. \\ Unavailable channels won't appear.
+  * [Channel]: lets you manually choose from available channels \\ on the band. Unavailable channels won't appear.
 \\
@@ Line 698: / Line 757: @@
  \\
-  *  20 MHz
+  *  [20 MHz]
-  *  40 MHz
+  *  [40 MHz]
-  *  80 MHz
+  *  [80 MHz]
-  * 160 MHz (not yet supported. May be supported on some SDK714 models)
+  * [160 MHz] (not yet supported, but may eventually be on some SDK714 models)
  \\  \\
@@ Line 709: / Line 768: @@
 The 5GHz band is less prone to interference and noise, because on that band, 20 MHz channels don't overlap. Interference is more common on the 2.4 GHz band.
-Usually, it's fine to choose a larger channel width. However, if you see slow traffic, or clients having trouble authenticating/associating with the router, try a narrower channel width.
+Usually, it's fine to choose a larger channel width. However, if you see slow traffic, or clients having trouble authenticating/associating with the router, try a narrower channel width. 802.11n can use 40 MHz channel width. However, for legacy compatibility, it uses a main 20 MHz channel plus a free adjacent channel 20 MHz above or below the main one. \\ \\
-.11n can use 40 MHz channel width. However, for legacy compatibility, it uses a main 20 MHz channel plus a free adjacent channel 20 MHz above or below the main one. \\ \\
 **Control Sideband:**  select whether the extra channel used is above (Upper) or below (Lower) the main channel.
@@ Line 721: / Line 778: @@
  \\
-  * Disabled - disables all security, leaving the network open to anyone.
+  * [Disabled] - disables all security, leaving the network open to anyone.
-    * Avoid using this. It's basically an unlimited security risk.
+    * Avoid using this. It's basically an unlimited security risk. \\
-  * WEP - enables Wired Equivalent Privacy protocol. Avoid using this.
+ \\
-    * Obsolete due to serious vulnerabilities, such as weak encryption.
-  * WPA Personal - enables WiFi Protected Access 1.x (with RC4-based TKIP protocol).
+  * [WEP] - enables Wired Equivalent Privacy protocol. Avoid using this.
-    * Lets hosts exchange pre-shared keys, for more security.
+    * Obsolete due to serious vulnerabilities like weak encryption. \\
+ \\
+  * [WPA Personal] - enables WiFi Protected Access 1.x (with RC4-based TKIP protocol).
+    * Lets hosts exchange pre-shared keys for more security.
     * More secure than WEP, but problems include low encryption standards.
-    * Strongly encouraged instead of WPA.
+    * Strongly encouraged instead of WPA. \\
-  * WPA Enterprise (or: "WPA-802.1X") - similar to WPA Personal, \\ but each user has\\ their own username/password.
+ \\
+  * [WPA Enterprise] (or: "WPA-802.1X") - similar to WPA Personal, \\ but each user has their own username/password.
     * No common pre-shared key is used.
     * Doesn't require a RADIUS server.
-    * Is more secure against short-password dictionary attacks.
+    * More secure against short-password dictionary attacks.
-    * Is suitable for larger, more formal networks.
+    * Suitable for larger, more formal networks. \\
-  * WPA2 Personal - uses elements of the 802.11i standard.
+ \\
-    * Supports mandatory use of AES encryption. More secure than old protocols.
-    * Is recommended for small/mid-sized informal networks.
+  * [WPA2 Personal] - uses elements of the 802.11i standard.
+    * Supports mandatory use of AES. More secure than old protocols.
+    * Recommended for small/mid-sized informal networks.
+ \\
-  * WPA2 Enterprise - enables the Enterprise version of WPA2.
+  * [WPA2 Enterprise] - enables the Enterprise version of WPA2.
     * Uses WPA2, but each user has their own username/passkey.
     * Is based on parts of 802.11i.
     * Doesn't require a RADIUS server.
-    * Is appropriate for larger, more structured networks.
+    * Is appropriate for larger, more structured networks. \\
-  * WPA / WPA2 Personal - uses WPA2 Personal, and if that fails, WPA security.
+ \\
-  * WPA / WPA2 Enterprise - uses WPA2 Enterprise, and if that fails, WPA .
+  * [WPA / WPA2 Personal] - uses WPA2 Personal, and if that fails, WPA.
-  * RADIUS - enables Remote Access Dialup User Service.
+ \\
-    * Is designed for larger organizations.
+  * [WPA / WPA2 Enterprise] - uses WPA2 Enterprise, and if that fails, WPA .
+ \\
+  * [RADIUS] - enables Remote Access Dialup User Service.
+    * Designed for larger organizations.
     * Uses a separate server to authenticate/permit/track users.
     * Supports authentication via certificates.
@@ Line 762: / Line 835: @@
 **Shared Key:**  the shared authentication key for WiFi LAN clients. Asterisks display until you click your cursor. \\ \\
-**Group Key Renewal:**  sets how often encryption keys used between clients/router are rotated.
+**Group Key Renewal:**  sets how often client-router encryption keys are rotated.
 This is part of the WPA protocol. See the first wireless radio unit for more details.
@@ Line 801: / Line 874: @@
 ==== Baby Jumbo Frames ====
-Support for Baby Jumbo Frames is included since release 2021.3. It works only on gigabit routers. Not all ISPs support Jumbo Frames for PPPoE.
+Support for Baby Jumbo Frames started with r2021.3. It works only on gigabit routers.
+Very few ISPs support Jumbo Frames for PPPoE. To enable Baby Jumbo Frames:
  \\
-To enable Baby Jumbo Frames:
   * Go the [[advanced-misc|Miscellaneous]] menu. Check //Enable jumbo frame support// . \\ The router will reboot.
@@ Line 813: / Line 886: @@
  \\
 ==== Wireless Band Steering ====
@@ Line 853: / Line 925: @@
 </code>
-\\   \\  For more details, see: \\ [[https://www.smallnetbuilder.com/wireless/wireless-howto/32653-asus-rt-ac3200-smart-connect-the-missing-manual?start=0|Smallnetbuilder.com: Asus RT-AC3200 Smart Connect-the Missing Manual]]  \\   \\
+\\   \\  For more details, see: \\ [[https://www.smallnetbuilder.com/wireless/wireless-howto/32653-asus-rt-ac3200-smart-connect-the-missing-manual?start=0|Smallnetbuilder: Asus RT-AC3200 Smart Connect-the Missing Manual]]  \\   \\

FreshTomato Wiki

User Tools

Site Tools

Differences

Page Tools