Open source firmware for your router can be a great way to add extra features to your existing piece of kit. Many cheaper routers may not have access to advanced features even though the hardware supports it. With an open source firmware, you can easily gain access to these features and gain some extra value from your existing hardware. One of the most important additions found in the main three Open source router firmware’s is VPN. What DD-WRT, OpenWRT and Tomato allow you to do is to use your router as either a client or server depending on the VPN protocol.
Having your router act as either the server or client is a really efficient method for setting up a VPN for a network mainly due to the fact that everything that goes through the router will be encrypted. Setting a router up as a client if you have a dedicated VPN server is an especially good idea, this means that as long as you are connected to that router everything will be encrypted with no need to set up individual connections.
The one caveat to open source router firmware is that you have to make sure that your router is supported, trying to flash firmware for a different model can easily brick your router, rendering it useless. Each open source firmware has its own compatibility list, so it is easy to check if your router is supported or not.
OpenWRT was one of the original open source router firmwares to hit the scene. It was initially released all the way back at the start of 2004. Unlike most modern Web UIs, OpenWRT initially was command line only, making it a bit difficult for new users but as time went on various different UIs were created that could be installed based on user preference. This is useful as it gives the ability to have user interfaces tailored to the user’s knowledge level, meaning that everyone gets as much as they want out of their router without being overwhelmed or underwhelmed.
OpenWRT is supported on variety of different platforms, fifty to be exact, these include the likes of ARM, x86, PowerPC. There is official support for 666 routers according to their website, including many of the most popular brands such as Netgear, ASUS, TP-Link and Linksys. You can find the full compatibility list here.
OpenWRT supports IPsec, OpenVPN, PPTP and OpenConnect. OpenConnect is something that I doubt many will be using in a home environment though it is nice for the support to be there. Similarly, PPTP has been ineffective since 1997 and should really not be used at all, but the support is there. IPsec support is recommended to be used with one of three IPsec implementations, StrongSwan, OpenSwan and Racoon. OpenVPN on OpenWRT works as either a server or client and there are plenty of tutorials detailing how to set either up, though OpenVPN server setup is definitely not for the faint hearted. There is also support for VPNC, a client that is compatible with Cisco’s proprietary EasyVPN hardware.
Overall the VPN support on OpenWRT is really comprehensive and impressive. There is support for all of the most common protocols with some lesser known and enterprise solutions thrown in as well. In terms of choice, OpenWRT really is a great choice for those that are experienced in networking and want the maximum number of features possible with little hand holding.
DD-WRT is originally based on code from OpenWRT, so they share some similarities. DD-WRT was initially released back in 2005 and was specifically designed for the popular Linksys WRT54G series of routers though it now supports a whole range of makes and models. Linksys as of last year now officially ship their routers with DD-WRT firmware such was the popularity of it. You can search here to see if your router is supported.
DD-WRT comes in a number of flavours and sizes, there is the Micro build with some missing features that comes in at just 2mb for specific use cases, ones for VOIP, VPN and a mega one that includes all DD-WRT features.
DD-WRT adds a tonne of useful services to your router, things like Dynamic DNS, Samba client capability and even the ability to overclock your router. DD-WRT’s interface is designed really well, a simple two rowed tabbed design makes it really easy to navigate for both experienced and inexperienced users alike. You can even change the colour scheme if you aren’t a fan of the black and blue.
VPN support is not quite as comprehensive as OpenWRT. There is support PPTP as a client or server, OpenVPN as a server/daemon and a client. Where DD-WRT differs from OpenWRT is the community modified versions of the firmware. One of the most popular is the Kong Mod. In the DD-WRT Kong Mod you gain support for L2TP/IPsec through the use of SoftEther. You can set it up as either a server, bridge or client. The Kong Mod adds a lot more than extra VPN support too, things like Privoxy ad blocking, FreeRadius and other useful services make an appearance.
You just have to make sure that the Kong Mod is supported on your router before you can use it. There are a few other third party builds from the likes of BrainSlayer, Eko and Fractal, though Kong is updated the most often. If your router is not supported though, the names mentioned earlier may help you get a little extra from DD-WRT.
In its default form, DD-WRT is lacking in some aspects over its predecessor OpenWRT but with the right third party build DD-WRT really adds some fantastically useful features. If your hardware supports these third party builds it is definitely a worthy choice. DD-WRT is definitely more welcoming to those that aren’t hugely confident in navigating their routers interface, a lot of the features are explained in a side panel making it quite newbie friendly.
Unlike the other two on this list, Tomato was based on the HyperWRT project that was start back in 2004. HyperWRT stopped receiving updates in 2006 but Tomato took the baton in 2008 and has since become the most popular HyperWRT based third party router firmware.
GUI wise, Tomato is probably the most aesthetically pleasing of the three, with some impressive and professional themes available. Support isn’t as wide as the other two choices on this list, you can find the full support list here.
Tomato, like DD-WRT, has some really fantastic community mods that bring the firmware above and beyond its default state. The default Tomato firmware only has support for OpenVPN but in some of the better Tomato mods add the ability to use PPTP, L2TP and even Tinc. Firmwares to take special notice of are the Shibby and AdvancedTomatoGUI mods. With these mods, you can use OpenVPN, PPTP and L2TP on your router as clients and OpenVPN, PPTP and Tinc protocols as servers.
Though there aren’t as many features available as you can get in the mods for DD-WRT, even in the Tomato mods, Tomato is a great choice for someone that isn’t looking for advanced features and just a simple to navigate GUI with the essentials.
These three are just a small selection of third party router firmwares, they are the most popular and for good reason. They each offer something useful for everyone, OpenWRT is geared more towards people that know what they are doing, DD-WRT is a good middle ground but with a huge abundance of features and Tomato is great for new users that just want the bare essentials.