This is an old revision of the document!
The Netgear DM200 VDSL modem needs to be flashed to use OpenWRT, and some prep work needs to be started before we can take down the AT&T UVerse modem. The reason why we have to use OpenWRT for the DM200 modem is because AT&T uses EAPOL for authentication vs every other DSL provider that uses PPPoE. The stock firmware on the Netgear DM200 does have PPPoE support, but no EAPOL. Additionally, I have tried putting the modem into bridge mode and running wpa_supplicant
on my router, but no EAP packets are forwarded to AT&T's authenticator through the Netgear DM200 modem's bridge. From my tinkering, the Netgear DM200 uses a standard brctl Linux bridge. However, the standard brctl Linux bridge does not forward EAPOL packets due to it's design. It's possible to force the bridge to forward EAPOL packets but in testing this did not work, either with the stock DM200 firmware or OpenWRT firmware.
In this configuration, we are going to be running wpa_supplicant
on the DM200 itself, and bridge the DSL connection to the Ethernet connection. This allows a pure layer 2 bridge between the AT&T DSL network, no MTU shifting, and the DM200 does not use any resources managing or tracking connections besides the layer 2 bridge and running wpa_supplicant
.
eth0
interface to be a DHCP client. wpa-supplicant
ca-certificates
openssh-sftp-server
spTurquoise210-700_1.0.29.bin
tech
, just hit ENTER
. After the last command is executed, the UVerse RG will reboot. curl -k -u tech -H "User-Agent: blah" -H "Connection:Keep-Alive" -d "appid=001&set_data=| echo 28telnet stream tcp nowait root /usr/sbin/telnetd -i -l /bin/nsh > /var/etc/inetd.d/telnet28|" -v --http1.1 https://192.168.1.254:49955/caserver
curl -k -u tech -H "User-Agent: blah" -H "Connection:Keep-Alive" -d "appid=001&set_data=| pfs -a /var/etc/inetd.d/telnet28|" -v --http1.1 https://192.168.1.254:49955/caserver
curl -k -u tech -H "User-Agent: blah" -H "Connection:Keep-Alive" -d "appid=001&set_data=| pfs -s|" -v --http1.1 https://192.168.1.254:49955/caserver
curl -k -u tech -H "User-Agent: blah" -H "Connection:Keep-Alive" -d "appid=001&set_data=| reboot|" -v --http1.1 https://192.168.1.254:49955/caserver
root
file system as writeablemount -o remount,rw /dev/ubi0 /
mfg
partition which contains the certificatesmount mtd:mfg -t jffs2 /mfg
cp /mfg/mfg.dat /www/att/mfg.dat
tar -zcvf /www/att/certs.tar.gz /etc/rootcert/
mfg_dat_decode
utility that was downloaded earliercerts.tar.gz
archive that was downloaded earliermfg.dat
file into the folder with the mfg_dat_decode binary
certs.tar.gz
into the folder with the mfg_dat_decode
binarymfg_dat_decode
binary, which will extract and create a tar.gz containing certificates and a wpa_supplicant.conf
configuration file.root
username and password