I have bought a TP-LINK WR842ND a couple of months ago.
TP-LINK TL WR842ND
First I was happy with its performance, and it had some nice features. The wireless range and throughput was also okay. For a half a year I used it without any problems.
But when I updated the firmware to the newest because of security reasons, it started to become unstable, and really slow. Sometimes you wasn’t able to reach the web interface, only if you restart it. A lot of times there was this random traffic drops, when everything died, and a couple of seconds later it worked again.
First I’ve tried to implement my c851 Project.
IP-Address table and DHCP settings
I’ve managed to set it up successfully, everything was working fine (DHCP, NAT, CBAC, NTP, PPPoE etc.)
The internet access was working, I’ve connected my PC, and I’ve got IP via DHCP, it was running perfectly. But when I checked the speed test I got disappointed… I couldn’t get more than 10Mb/s even if I turned off the CBAC.
After some searching, I’ve soon found out, that the ASIC of this Cisco 851 Router was only able to handle around 10Mb/s of traffic. It was a shame, because I have a 60Mb/s connection…
I went back to the TL842ND and decided to change the factory firmware to an open source. I chose OpenWRT by vargalex.
I’m using it for 10 days now, and I’m very pleased with it. It’s stable, far more tunable and you get a lot more information about whats going on.
The factory TP-LINK web interface was just disgusting, bugged a lot of times and it doesn’t used the true potential of the router.
Here are some example shoot about the difference between the factory and the OpenWRT’s LUCI web interface. (The TP-LINK shoots are from a TL WR1043ND, it basically the same)
This is just lame, if you ask me…
Now, lets see the OpenWRT
With OpenWRT you have a lot more options to do whatever you want and with the packet system you can tune the sh*t out of your router. You can have Bittorrent, WebServer, Print server, FileServer, FTP Server, Media Server, WebCamera Server, basically anything. You get a bash prompt, which you can access from the Internet. You get a lot more statistics, Realtime counters, graphs, logs.
The only caveat I could find is the user management. You have only one user, the root and you are using this account even if you have SSH or Web access enabled via the Internet. This is a huge security risk, with brute force or with Dictionary attack is easily crackable even if you have a secure password. By default there is no fail login attempt blocker, so they can try as many as they want.
To avoid being hacked you can block the incoming SSH and Web access, and allow only yourself, but for that you need to know the source IP (which must be static) in order to write the policy correctly. There is a pretty good Firewall Traffic Rule system, so I’ve add entries to deny SSH and Web traffic from the WAN interface.
If you want a tunable, stable firmware on your router, well, you can start from here. Enjoy :)