Orbi LBR20 How-To / Megathread
Posted: Fri Oct 02, 2020 10:44 am
October 2022 Update
I loathe boilerplate legalese but it was brought to my attention that someone had copied this tutorial wholesale on another site with only a passing reference to a pseudonym of mine at the very end and no link to this page as the source. Thus, I feel I have to give notice at the beginning of this tutorial to say that if you want to share the info below verbatim I would respectfully ask that you simply provide the hyperlink to this page and leave it at that. With that said, I reserve the right to deny copy/paste republication of this tutorial in whole or in part without my prior written consent. Frankly I feel gross for having to say that as its simply the respectful and moral thing to do, but here we are.
Regarding my reasons for making this statement:
The body of this tutorial is updated periodically to make corrections or provide additional info so I would hate for someone to be working from an deprecated version. I also have a strong personal distaste for others who plagiarize content with mere lip-service to the original author allowing others to assume they created the content themselves. While most of the underlying technical methods published here are not my original creations, it has taken many hours of work to compile and deliver them in a comprehensive, instructional form so to have it all copied and passed off as the work of someone else feels pretty awful. With all that out of the way, please use and enjoy the content provided below. I hope it is helpful to the community.
Introduction
Most likely you've purchased or are considering purchasing an Netgear LBR20 as your primary or secondary source of Internet connectivity and found your way here through an Amazon review, Wireless Haven, or the 5G LTE Hacks Facebook group. Welcome! Here you will find what you are looking for in terms of working with the unit and getting it to run with your provider and plan of choice. This thread will cover:
What is Voxel and How Do I install It?
Voxel is custom firmware built from open source parts of Netgear firmware but is wholly separate and not iterative when compared to latest OEM firmware versions. We need it in order to perform things like "magic", TTL modification, and band/cell locking. The latest Voxel can be downloaded here:
https://www.voxel-firmware.com/Download ... 8SF-HW.zip
DISCLAIMER
This guide is provided as a reference only without any warranty expressed or implied. If you brick your device, the author is not responsible. You understand that by flashing your device with third-party firmware you will have voided any warranty or support which you would normally be entitled to from Netgear during their advertised warranty period. Proceed at your own risk!
To install Voxel, first check what firmware you are starting from. If you are on Netgear firmware 2.5.2.20 you can proceed directly to flashing Voxel firmware. If you are on a higher firmware first download 2.5.2.20 from the link below and downgrade to that prior to flashing Voxel:
https://www.downloads.netgear.com/files ... 5.2.20.zip
To install the Netgear 2.5.2.20 firmware, simply extract the .img file from the .zip, then login to the web GUI (usually by browsing to 'http://192.168.1.1') and go to 'Advanced > Administration > Firmware Update > Manual Update > Browse' to select the extracted .img file; click Upload and confirm the update allowing time for the upload/flash/reboot to complete. After the unit comes back online, you need to reset it to factory defaults ('Advanced > Administration > Backup Settings > Erase'). Be aware that you will have to go through the initial setup in the web browser again when performing this step. You can now proceed to install Voxel firmware using the same steps you just used to flash the Netgear firmware.
Unbricking After a Bad Firmware Flash
If you have accidentally bricked your device during firmware flash and it will no longer boot up completely, please refer to the following Netear KBA for recovery instructions. When performing a recovery flash it is recommended to flash back to Netgear stock v2.5.2.20:
https://kb.netgear.com/000059634/How-do ... =000059634
The Netgear KBA requires TFTP. If you don't have TFTP installed on your PC, refer to the following:
https://teckangaroo.com/enable-tftp-windows-10/
NOTE
Be aware there is LTE modem firmware separate from the LBR20 router firmware. As of this writing the current LTE firmware for the LBR20 modem is version A06 which seems to work perfectly stable for me across all US carriers and MVNOs that I have tested. Specifically, older firmware seemed to have some issues with "magic" reverting after being set and not prioritizing B41 on T-Mobile both of which A06 seems to have fixed. The A06 firmware upgrade can be found here (can be flashed from the web gui under 'Advanced > Administration > Firmware Update > LTE Update > Browse'):
https://www.downloads.netgear.com/files ... ge(US).zip
Some LBR20 owners that indicate A06 is not stable for their specific setup and carrier in which case they say that the older A05 firmware works better for them. I have not found this to be the case personally but if you wish to downgrade, Netgear provides the older firmware below for this purpose:
https://www.downloads.netgear.com/files ... ge(US).zip
How to Get Command Line Access
Once Voxel is installed cleanly and you've performed the required factory reset, you will have SSH access. For issuing AT commands in Voxel you simply need to connect to the modem's IP address (192.168.1.1 by default) using Putty or another SSH client and login using user 'root' and the password of the user you have set in the initial configuration (typically the same as the 'admin' password unless you have selected a different username during setup).
How to disable bloatware (Armor/Circle/ReadyCLOUD/AWS IoT)
Even on Voxel by default we still have Netgear bloatware like Armor, Circle, ReadyCLOUD, and AWS IoT. Fortunately, we can disabled these resource hogging features (assuming you don't use them) via the following commands:
Note that AWS IoT is required for using the Netgear mobile app with the device so disabling that would require you to use the web interface only.
Change TTL to Not Use Hotspot
While at the command line via SSH, issue the following command to create the necessary overlay filesystem directories:
Then create two files under it (using the text editor of your choice like 'nano' or 'vi'): 'firewall-start.sh' and 'firewall6-start.sh' with the contents as follows:
firewall-start.sh
firewall6-start.sh
The above assumes T-Mobile or their MVNOs usage. Due to the network hops specific to your network configuration and/or carrier, you may need to adjust '65' up or down slightly (some say setting '64' directly in the rule is setup/carrier agnostic but that is not my experience). I have found that '66' works best with Visible in most cases. If you've never used nano or vi before then I suggest going through one of the following guides so that you can understand how to use the editor before trying to create files with it:
https://www.howtogeek.com/howto/42980/t ... xt-editor/
https://www.howtogeek.com/102468/a-begi ... s-with-vi/
DISCLAIMER
TTL modification may violate your carrier's ToS. The author of this guide is not responsible if your carrier terminates your service due to TTL modification.
Sending AT Commands to the Modem
Once logged into SSH via Putty you can echo your desired AT commands and pipe to the inbuilt 'microcom' function of BusyBox like so:
(If you want to perform "magic" on your modem the above example is exactly what you would execute; just swap the digits with a valid IMEI. This particular command should be issued only without a SIM inserted.)
DISCLAIMER
"Magic" (aka IMEI repair) may violate your carrier's ToS or country's regulatory laws. The author of this guide is not responsible if your carrier terminates your service and/or if you suffer any legal repercussions which may result from the modification of your device's factory-issued IMEI.
There is a specific syntax for echoing commands to microcom:
If you want to send commands interactively to the modem you can do so by opening a connection with microcom directly to the secondary AT port:
You can exit the prompt by pressing 'Ctrl+X'.
Not all AT commands are published but all the ones that are can be found the source modem documentation for the EG18NA (the Quectel modem inside the LBR20): https://auroraevernet.ru/upload/iblock/ ... 88bda3.pdf
Band Locking
First, ask yourself why you need to band lock. In most cases you don't need to do this and will really just kneecap yourself from higher speeds. This is because when you band lock you must create a collection of bands to lock and any bands not included will not be used at all. So, if you create a collection (band index) of only one or two bands you will lose carrier aggregation (CA) abilities on any bands not included (assuming the tower allows CA on such bands). If you still believe band locking is what you want to do you can use the spreadsheet provided here to calculate the AT command required to lock your desired bands:
download/file.php?id=1514
Then you can lock the band index you created with the following command (where you replace the X's with the appropriate value from the spreadsheet output):
Band locks should persist even after a reboot so no real reason to add them in any script to run at startup.
If you messed when defining your band mask or otherwise wish to revert to the original band index that shipped with the unit, you can issue the following command to return to the factory default:
Cell Locking
As an alternative to band locking, you can lock to a specific cell which, IMHO, is a much more straightforward approach than band locking and will allow you to retain CA abilities without having to guess at the bands. Cell locking requires physical cell ID (PCI) and E-UTRA Absolute Radio Frequency Channel Number (EARFCN) as input values. These can be obtained with LTE info apps on android, field test mode on iOS, on CellMapper, or issuing "servingcell" and "neighbourcell" commands to the modem. For the latter the commands with example output would be:
Explanation of example output above:
Serving cell is the primary carrier the modem is already connect to so if you’re already connected to a cell you wish to lock, this will help you obtain the PCI and EARFCN (PCI is “222” and EARFCN is “1125” in sevingcell example above). Neighbour cell can show neighboring cells which can be locked as the primary carrier. The output is a bit different as EARFCN is the first number output by this command and PCI is the second (opposite of how serving cell shows the output). Once you know the EARFCN and PCI you can lock to a cell using the example command below; just replace “1125” with the actual EARFCN and “222” with the actual PCI:
Unfortunately cell locks are not reboot persistent so in order for you to automatically lock a cell after a restart you would need to add the command to a script file using nano or vi text editor which is called on startup:
File content:
(This script waits 2 minutes for the unit to finish startup sequence, then issues the cell lock command.)
To have the script called on startup we create /etc/rc.local in the overlay filesystem and populate it with our script call:
File content:
If after locking a cell you wish to unlock it without rebooting you can issue the following command:
There is a risk that locking to a cell could cause connectivity issues if the cell is unstable or otherwise offline for some reason (failure, maintenance, etc.). In that case you would need to unlock the cell so that the modem could connect to another. This can be cumbersome to have to do manually. At your own risk you may wish to use a cell locking failsafe script I have created for my own use which I use instead of the 'cellock_mod' script above. The more advanced failsafe script will check internet connectivity four times an hour and lock the desired cell. If the internet is not accessible during a check while the cell is locked it will unlock from the cell in an attempt to restore connectivity. If internet connectivity continues to be impacted, the script will not retry locking the cell until after midnight the next day:
https://github.com/hazarjast/circle_jer ... ailsafe.sh
How To Receive and Send SMS
In Voxel we have 'sms-tool' for receiving text messages (SMS). The usage is quite simple.
To receive SMS:
To send SMS:
Since I am the USA the number has country code prefix of "1". This would be different depending on the destination number's country. An alternative way to read available SMS is via the web gui under Connection Info (http://<router IP>/lte_info.htm).
How to split wifi SSIDs (separate 2.4Ghz and 5Ghz SSIDs)
Refer to the following and read it entirely all the way until the end of the page:
https://digiex.net/threads/step-by-step ... ter.15648/
To simplify the main CLI commands:
The commands below check the values have been set as required and apply a reboot when ready:
Of course the above does not include the tweaks performed in the GUI which should be done as well per the OP's instructions.
How to setup DNSCrypt/stubby/OpenVPN/WireGuard or Something Else
For this you can refer to what documentation Voxel provides in the QuickStart.txt included with the firmware .zip:
Using the LBR20 as WAN on another router (DMZ mode and disabling wifi radios)
If you only intend to use the LBR20 for the modem and wish to use it as WAN on another router you should disable routing functions like the LAN DHCP server, change the LBR20 IP to use an address that does not conflict with the address range your other router is already using, and utilize the DMZ functionality.
To disable the DHCP server in the web gui go to "Advanced > Setup > LAN Setup" and un-check the option for "Use Router as DHCP Server". Click Apply.
To change the IP address of the LBR20 so that it does not conflict with the IP range of your other router, in the web gui go to "Advanced > Setup > LAN Setup" and change the IP address from the default (usually '192.168.1.1') to another range such as '192.168.115.1'. Click Apply.
To set the DMZ address (the static address which will be set for the WAN on your other router) in the web gui go to 'Advanced > Setup > WAN Setup' and select the "Default DMZ Server" option then enter the desired IP address (ex. 192.168.115.2). Click Apply.
NOTE
Once you disabled DHCP and change the IP address of the LBR20 you will no longer be able to connect to it automatically from your PC. In order to connect to it directly you would need to set your PC's IP address manually (statically) to an address within the new IP range of the router. Example: If the LBR20's IP address is set to '192.168.115.1' you would set your PC's IP address to something like '192.168.115.5' in order to access the LBR20 web gui or SSH to it directly. If you are unfamiliar with how to statically assign your PC's IP address you can refer to a guide like the one below:
https://pureinfotech.com/set-static-ip- ... indows-10/
Once your LBR20 has been set to use an IP outside of the range of your other router, has had DHCP disabled, and the DMZ IP configured, you can go to your other router's WAN configuration page and select the 'Static' address option and enter the DMZ IP you designated in the DMZ page of the LBR20. If need to access the LBR20 web gui from a PC connected to the LAN of the other router, you would use the DMZ IP you configured for it (ex. 'http://192.168.115.2'). Some routers' firewall may block access between the LAN and WAN by default so be aware you may need to create a firewall rule to allow LAN clients on the other router to access the WAN IP address of your LBR20.
If you wish to disable wifi completely on the LBR20 when using it with another router you can simply issue 'wifi down' interactively at the SSH prompt. Conversely, if you wanted to create a script that disables wifi after every reboot, you could do so by creating a script file such as '/mnt/circle/overlay/opt/scripts/wifi_down.sh' with the following content:
The above waits for 2 minutes to make sure all services on the LBR20 have loaded after reboot then issues 'wifi down' in background (redirecting output to 'null' so it doesn't echo to the console for any logged in root user who may have connected via SSH) which deactivates the wifi radios. Once the script is created do not forget to make it executable (chmod +x /mnt/circle/overlay/opt/scripts/wifi_down.sh) and make it execute at startup by adding a call to it in '/mnt/circle/overlay/etc/rc.local'.
--------------------------------------------------------------------------------------------------------------------------------------------------------
Looking for the original, rambling OP with all its associated errata? That can be found here (just don't actually use it for anything beyond your general knowledge): viewtopic.php?p=24108#p24108
I loathe boilerplate legalese but it was brought to my attention that someone had copied this tutorial wholesale on another site with only a passing reference to a pseudonym of mine at the very end and no link to this page as the source. Thus, I feel I have to give notice at the beginning of this tutorial to say that if you want to share the info below verbatim I would respectfully ask that you simply provide the hyperlink to this page and leave it at that. With that said, I reserve the right to deny copy/paste republication of this tutorial in whole or in part without my prior written consent. Frankly I feel gross for having to say that as its simply the respectful and moral thing to do, but here we are.
Regarding my reasons for making this statement:
The body of this tutorial is updated periodically to make corrections or provide additional info so I would hate for someone to be working from an deprecated version. I also have a strong personal distaste for others who plagiarize content with mere lip-service to the original author allowing others to assume they created the content themselves. While most of the underlying technical methods published here are not my original creations, it has taken many hours of work to compile and deliver them in a comprehensive, instructional form so to have it all copied and passed off as the work of someone else feels pretty awful. With all that out of the way, please use and enjoy the content provided below. I hope it is helpful to the community.
Introduction
Most likely you've purchased or are considering purchasing an Netgear LBR20 as your primary or secondary source of Internet connectivity and found your way here through an Amazon review, Wireless Haven, or the 5G LTE Hacks Facebook group. Welcome! Here you will find what you are looking for in terms of working with the unit and getting it to run with your provider and plan of choice. This thread will cover:
- How to flash Voxel custom firmware
- Unbricking After a Bad Firmware Flash
- How to get Command Line Access
- How to disable bloatware (Armor/Circle/ReadyCLOUD)
- How to set TTL to keep data use "on-device"
- How to execute AT commands for "magic" etc.
- How to band or cell lock your modem
- How to receive and send SMS
- How to split wifi SSIDs (separate 2.4Ghz and 5Ghz SSIDs)
- How to setup DNSCrypt/stubby/OpenVPN/WireGuard or Something Else
- Using the LBR20 as WAN on another router (DMZ mode and disabling wifi radios)
What is Voxel and How Do I install It?
Voxel is custom firmware built from open source parts of Netgear firmware but is wholly separate and not iterative when compared to latest OEM firmware versions. We need it in order to perform things like "magic", TTL modification, and band/cell locking. The latest Voxel can be downloaded here:
https://www.voxel-firmware.com/Download ... 8SF-HW.zip
DISCLAIMER
This guide is provided as a reference only without any warranty expressed or implied. If you brick your device, the author is not responsible. You understand that by flashing your device with third-party firmware you will have voided any warranty or support which you would normally be entitled to from Netgear during their advertised warranty period. Proceed at your own risk!
To install Voxel, first check what firmware you are starting from. If you are on Netgear firmware 2.5.2.20 you can proceed directly to flashing Voxel firmware. If you are on a higher firmware first download 2.5.2.20 from the link below and downgrade to that prior to flashing Voxel:
https://www.downloads.netgear.com/files ... 5.2.20.zip
To install the Netgear 2.5.2.20 firmware, simply extract the .img file from the .zip, then login to the web GUI (usually by browsing to 'http://192.168.1.1') and go to 'Advanced > Administration > Firmware Update > Manual Update > Browse' to select the extracted .img file; click Upload and confirm the update allowing time for the upload/flash/reboot to complete. After the unit comes back online, you need to reset it to factory defaults ('Advanced > Administration > Backup Settings > Erase'). Be aware that you will have to go through the initial setup in the web browser again when performing this step. You can now proceed to install Voxel firmware using the same steps you just used to flash the Netgear firmware.
Unbricking After a Bad Firmware Flash
If you have accidentally bricked your device during firmware flash and it will no longer boot up completely, please refer to the following Netear KBA for recovery instructions. When performing a recovery flash it is recommended to flash back to Netgear stock v2.5.2.20:
https://kb.netgear.com/000059634/How-do ... =000059634
The Netgear KBA requires TFTP. If you don't have TFTP installed on your PC, refer to the following:
https://teckangaroo.com/enable-tftp-windows-10/
NOTE
Be aware there is LTE modem firmware separate from the LBR20 router firmware. As of this writing the current LTE firmware for the LBR20 modem is version A06 which seems to work perfectly stable for me across all US carriers and MVNOs that I have tested. Specifically, older firmware seemed to have some issues with "magic" reverting after being set and not prioritizing B41 on T-Mobile both of which A06 seems to have fixed. The A06 firmware upgrade can be found here (can be flashed from the web gui under 'Advanced > Administration > Firmware Update > LTE Update > Browse'):
https://www.downloads.netgear.com/files ... ge(US).zip
Some LBR20 owners that indicate A06 is not stable for their specific setup and carrier in which case they say that the older A05 firmware works better for them. I have not found this to be the case personally but if you wish to downgrade, Netgear provides the older firmware below for this purpose:
https://www.downloads.netgear.com/files ... ge(US).zip
How to Get Command Line Access
Once Voxel is installed cleanly and you've performed the required factory reset, you will have SSH access. For issuing AT commands in Voxel you simply need to connect to the modem's IP address (192.168.1.1 by default) using Putty or another SSH client and login using user 'root' and the password of the user you have set in the initial configuration (typically the same as the 'admin' password unless you have selected a different username during setup).
How to disable bloatware (Armor/Circle/ReadyCLOUD/AWS IoT)
Even on Voxel by default we still have Netgear bloatware like Armor, Circle, ReadyCLOUD, and AWS IoT. Fortunately, we can disabled these resource hogging features (assuming you don't use them) via the following commands:
Code: Select all
nvram set noarmor=1
nvram set nocircle=1
nvram set nocloud=1
nvram set noaws=1
nvram commit
reboot
Change TTL to Not Use Hotspot
While at the command line via SSH, issue the following command to create the necessary overlay filesystem directories:
Code: Select all
mkdir -p /mnt/circle/overlay/opt/scripts
touch /mnt/circle/overlay/opt/scripts/firewall-start.sh
chmod +x /mnt/circle/overlay/opt/scripts/firewall-start.sh
touch /mnt/circle/overlay/opt/scripts/firewall6-start.sh
chmod +x /mnt/circle/overlay/opt/scripts/firewall6-start.sh
firewall-start.sh
Code: Select all
# IPv4 TTL mod
iptables -w -t mangle -C POSTROUTING -o wwan0 -j TTL --ttl-set 65 > /dev/null 2>&1 || \
iptables -w -t mangle -I POSTROUTING 1 -o wwan0 -j TTL --ttl-set 65
Code: Select all
# IPv6 TTL mod (prevents leaks not covered by IPv4 rules)
# Sleep added for good measure
sleep 10
ip6tables -w -t mangle -C POSTROUTING -o wwan0 -j HL --hl-set 65 > /dev/null 2>&1 || \
ip6tables -w -t mangle -I POSTROUTING 1 -o wwan0 -j HL --hl-set 65
https://www.howtogeek.com/howto/42980/t ... xt-editor/
https://www.howtogeek.com/102468/a-begi ... s-with-vi/
DISCLAIMER
TTL modification may violate your carrier's ToS. The author of this guide is not responsible if your carrier terminates your service due to TTL modification.
Sending AT Commands to the Modem
Once logged into SSH via Putty you can echo your desired AT commands and pipe to the inbuilt 'microcom' function of BusyBox like so:
Code: Select all
echo -ne "AT+EGMR=1,7,\"010101010101010\"\r\n" | microcom -X -t 1000 /dev/ttyUSB2
DISCLAIMER
"Magic" (aka IMEI repair) may violate your carrier's ToS or country's regulatory laws. The author of this guide is not responsible if your carrier terminates your service and/or if you suffer any legal repercussions which may result from the modification of your device's factory-issued IMEI.
There is a specific syntax for echoing commands to microcom:
- The complete command should be enclosed in double quotes.
- The command must be appended with \r\n to allow it to execute.
- Commands which include double quotes must have each double quote commented out using a backslash (\).
If you want to send commands interactively to the modem you can do so by opening a connection with microcom directly to the secondary AT port:
Code: Select all
microcom /dev/ttyUSB3
Not all AT commands are published but all the ones that are can be found the source modem documentation for the EG18NA (the Quectel modem inside the LBR20): https://auroraevernet.ru/upload/iblock/ ... 88bda3.pdf
Band Locking
First, ask yourself why you need to band lock. In most cases you don't need to do this and will really just kneecap yourself from higher speeds. This is because when you band lock you must create a collection of bands to lock and any bands not included will not be used at all. So, if you create a collection (band index) of only one or two bands you will lose carrier aggregation (CA) abilities on any bands not included (assuming the tower allows CA on such bands). If you still believe band locking is what you want to do you can use the spreadsheet provided here to calculate the AT command required to lock your desired bands:
download/file.php?id=1514
Then you can lock the band index you created with the following command (where you replace the X's with the appropriate value from the spreadsheet output):
Code: Select all
echo -ne "AT+QCFG=\"band\",0,XXXXXXXXXX\r\n" | microcom -X -t 1000 /dev/ttyUSB2
If you messed when defining your band mask or otherwise wish to revert to the original band index that shipped with the unit, you can issue the following command to return to the factory default:
Code: Select all
echo -ne "AT+QCFG=\"band\",0,42000001003300385a\r\n" | microcom -X -t 1000 /dev/ttyUSB2
Cell Locking
As an alternative to band locking, you can lock to a specific cell which, IMHO, is a much more straightforward approach than band locking and will allow you to retain CA abilities without having to guess at the bands. Cell locking requires physical cell ID (PCI) and E-UTRA Absolute Radio Frequency Channel Number (EARFCN) as input values. These can be obtained with LTE info apps on android, field test mode on iOS, on CellMapper, or issuing "servingcell" and "neighbourcell" commands to the modem. For the latter the commands with example output would be:
Code: Select all
echo -ne "AT+QENG=\"servingcell\"\r\n" | microcom -X -t 1000 /dev/ttyUSB2
AT+QENG="servingcell"
+QENG: "servingcell","NOCONN","LTE","FDD",310,260,6C150D,222,1125,2,4,4,A6F7,-81,-8,-54,21,0,90,-
OK
echo -ne "AT+QENG=\"neighbourcell\"\r\n" | microcom -X -t 1000 /dev/ttyUSB2
AT+QENG="servingcell"
+QENG: "neighbourcell intra”,”LTE","FDD",1125,222,-6,-92,-66,0,-,-,-,-,-,-
+QENG: "neighbourcell inter”,”LTE","FDD",39874,312,-6,-92,-66,0,-,-,-,-,-,-
OK
Serving cell is the primary carrier the modem is already connect to so if you’re already connected to a cell you wish to lock, this will help you obtain the PCI and EARFCN (PCI is “222” and EARFCN is “1125” in sevingcell example above). Neighbour cell can show neighboring cells which can be locked as the primary carrier. The output is a bit different as EARFCN is the first number output by this command and PCI is the second (opposite of how serving cell shows the output). Once you know the EARFCN and PCI you can lock to a cell using the example command below; just replace “1125” with the actual EARFCN and “222” with the actual PCI:
Code: Select all
echo -ne "AT+QNWLOCK=\"common/4g\",1,1125,222\r\n" | microcom -X -t 1000 /dev/ttyUSB2
AT+QNWLOCK="common/4g"
+QNWLOCK: "common/4g",1,1125,222
OK
Code: Select all
touch /mnt/circle/overlay/opt/scripts/celllock_mod
chmod +x /mnt/circle/overlay/opt/scripts/celllock_mod
Code: Select all
#!/bin/sh
sleep 120
echo -ne "AT+QNWLOCK=\"common/4g\",1,1125,222\r\n" | microcom -X -t 1000 /dev/ttyUSB2 >/dev/null 2>/dev/null
To have the script called on startup we create /etc/rc.local in the overlay filesystem and populate it with our script call:
Code: Select all
mkdir /mnt/circle/overlay/etc
touch /mnt/circle/overlay/etc/rc.local
Code: Select all
/opt/scripts/celllock_mod
exit 0
Code: Select all
echo -ne "AT+QNWLOCK=\"common/4g\",0
https://github.com/hazarjast/circle_jer ... ailsafe.sh
How To Receive and Send SMS
In Voxel we have 'sms-tool' for receiving text messages (SMS). The usage is quite simple.
To receive SMS:
Code: Select all
root@LBR20:~# sms-tool recv
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
MSG: 0
From: XXXXXXXXXXX
Date/Time: 03/23/22 09:05:47
Test
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
root@LBR20:~#
Code: Select all
root@LBR20:~# sms-tool send 1XXXXXXXXXX howdy
sms sent sucessfully: 20
root@LBR20:~#
How to split wifi SSIDs (separate 2.4Ghz and 5Ghz SSIDs)
Refer to the following and read it entirely all the way until the end of the page:
https://digiex.net/threads/step-by-step ... ter.15648/
To simplify the main CLI commands:
Code: Select all
config set wifison-monitor_stop=1
config set wl_ssid="YOUR SSID 2.4Ghz NAME"
config set wla_ssid="YOUR SSID 5Ghz NAME"
config commit
Code: Select all
config get wifison-monitor_stop
config get wl_ssid
config get wla_ssid
reboot
How to setup DNSCrypt/stubby/OpenVPN/WireGuard or Something Else
For this you can refer to what documentation Voxel provides in the QuickStart.txt included with the firmware .zip:
Code: Select all
Quick Start Guide
(!) IMPORTANT NOTE: it is strongly advised to update to the stock firmware 2.5.2.20
before flashing this version if you are using stock firmware. If you are using Voxel
firmware already no any intermediate flashing is needed.
https://www.downloads.netgear.com/files/GDC/LBR20/LBR20_V2.5.2.20.zip
Warning:
I am not responsible for any damage of your router if you decide to try this custom
firmware. You should do all under your own risk and responsibility. Your router is
your router and you should understand the risk to brick it.
1. Flashing Voxel’s custom firmware build and rolling back to the stock.
Nothing special. The procedure is similar to flashing downloaded official stock
firmware. In general all your current settings (used in the stock firmware) should be
kept. But it is recommended to make the backup of your current settings before flashing.
Identically you can revert to the stock firmware.
2. Overlay partition on Circle partition.
Original stock firmware uses tmpfs overlay partition (in RAM). So all you changes in
the files/dirs are kept only until next reboot of router/satellite. If you need to keep
your changed/added files you should use /mnt/circle/overlay directory where you should
add your new or modified files keeping the dirtree of Orbi. For example, if you wish to
use your own /etc/dnscrypt-proxy-2.toml just place it into:
/mnt/circle/overlay/etc/dnscrypt-proxy-2.toml
3. Setting up ssh access to the router and satellite.
After flashing and your settings you may need to have SSH access to router. SSH daemon
dropbear in Orbi uses port 22 and accepts root login with your WebGUI password.
4. Open your own firewall ports.
If you need to make several ports accessible from WAN then create the text file
/mnt/circle/overlay/etc/netwall.conf with ports you need to open. Example of this file:
------------------------------------------------------------------------
ACCEPT net fw tcp 22,8443
ACCEPT net fw udp 1194
------------------------------------------------------------------------
(to open TCP ports 22 and 8443 and UDP port 1194).
NOTE: this file should contain LF symbol at the end of last line (press ENTER key in
your text editor).
Additionally you can use your own custom scripts to add your own iptables rules. These
scripts should be named firewall-start.sh (IPv4), /opt/scripts/firewall6-start.sh (IPv6)
and be placed in the:
/mnt/circle/overlay/opt/scripts/
directory, i.e.
/mnt/circle/overlay/opt/scripts/firewall-start.sh
/mnt/circle/overlay/opt/scripts/firewall6-start.sh
with 755 permission attributes (i.e. executable).
5. Enable DNSCtypt Proxy-2 or stubby.
To enable DNSCrypt Proxy-2 run from telnet console the commands:
nvram set dnscrypt2=1
nvram commit
reboot
To enable stubby run from telnet console the commands:
nvram set stubby=1
nvram commit
reboot
If both DNSCrypt Proxy-2 and stubby are enabled, only stubby will be used.
To disable DNSCrypt Proxy-2 or/and stubby set them to "0" by nvram.
6. Disable Armor (BitDefender) and Circle update startup.
To disable Armor update daemon run from telnet console the command:
nvram set noarmor=1
nvram commit
reboot
To disable Circle update daemon run from telnet console the command:
nvram set nocircle=1
nvram commit
reboot
7. Disable ReadyCLOUD (XAgent/XCloud).
To disable ReadyCLOUD update daemon run from telnet console the command:
nvram set nocloud=1
nvram commit
reboot
8. Disable Amazon Alexa (AWS-IoT).
To disable AWS-IoT daemon run from telnet console the command:
nvram set noaws=1
nvram commit
reboot
9. WireGuard client.
To start its using you should
(1). Prepare the text file in Unix format (https://en.wikipedia.org/wiki/Text_file#Unix_text_files)
with name wireguard.conf defining the following values: EndPoint, LocalIP, PrivateKey,
PublicKey and Port of you WireGuard client config from WG provider.
Example:
------------------------- cut here ---------------------------------------
EndPoint="wireguard.5july.net"
LocalIP="10.0.xxx.xxx/24"
PrivateKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="
PublicKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="
Port="48574"
------------------------- cut here ---------------------------------------
NOTE: no spaces before/after "=" symbol in example above.
NOTE: the name of the file wireguard.conf is lowercase.
NOTE: optional line could be added if your providers requires that:
PresharedKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="
(2) Place this wireguard.conf file to /mnt/circle/overlay/etc/ directory. I.e.
/mnt/circle/overlay/etc/wireguard.conf
(3) Enter by ssh/telnet to your router (LBR20) and set the nvram variable wg-client
to 1
nvram set wg-client=1
nvram commit
(4) Reboot your router.
NOTE: to disable WireGuard client starting just set wg-client to "0" and reboot
the router.
10. OpenVPN client.
Important: only TUN clients are supported
To install OpenVPN client: just create /mnt/circle/overlay/etc/openvpn/config/client
directory and put your *.ovpn file (and CA/CERT/KEY if any).
See "Overlay partition on Circle partition".
You can start/stop OpenVPN client manually from telnet console for testing:
/etc/init.d/openvpn-client start
or
/etc/init.d/openvpn-client stop
to stop it. Log file for OpenVPN client is /var/log/openvpn-client.log, check it if you
have problems.
NOTE: you can add your own delay for starting OpenVPN client after reboot by the
command from telnet:
nvram set vpn_client_delay=120
nvram commit
(to set 120 sec. delay)
11. Mounting a CIFS Share.
It is possible to mount remote network share using the Common Internet File System (CIFS).
Example how to mount CIFS Share:
mkdir /mnt/share
mount.cifs //192.168.1.100/DiskC /mnt/share -o user=username,iocharset=utf8,vers=3.02
12. SMS Tool utility.
The utility 'sms-tool' is included into firmware. It allows to deal with SMS messages
from the command line (ssh/telnet).
Its usage:
usage: [options] send phoneNumber message
[options] recv
[options] delete msg_index | all
[options] status
[options] ussd code
[options] at command
options:
-b <baudrate> (default: 115200)
-d <tty device> (default: /dev/ttyUSB2)
-D debug (for ussd)
-f <date/time format> (for sms/recv)
-j json output (for sms/recv)
-R use raw input (for ussd)
-r use raw output (for ussd and sms/recv)
-s <preferred storage> (for sms/recv/status)
And see:
http://<router IP>/lte_info.htm
to read your SMS messages in WebGUI.
Voxel
Using the LBR20 as WAN on another router (DMZ mode and disabling wifi radios)
If you only intend to use the LBR20 for the modem and wish to use it as WAN on another router you should disable routing functions like the LAN DHCP server, change the LBR20 IP to use an address that does not conflict with the address range your other router is already using, and utilize the DMZ functionality.
To disable the DHCP server in the web gui go to "Advanced > Setup > LAN Setup" and un-check the option for "Use Router as DHCP Server". Click Apply.
To change the IP address of the LBR20 so that it does not conflict with the IP range of your other router, in the web gui go to "Advanced > Setup > LAN Setup" and change the IP address from the default (usually '192.168.1.1') to another range such as '192.168.115.1'. Click Apply.
To set the DMZ address (the static address which will be set for the WAN on your other router) in the web gui go to 'Advanced > Setup > WAN Setup' and select the "Default DMZ Server" option then enter the desired IP address (ex. 192.168.115.2). Click Apply.
NOTE
Once you disabled DHCP and change the IP address of the LBR20 you will no longer be able to connect to it automatically from your PC. In order to connect to it directly you would need to set your PC's IP address manually (statically) to an address within the new IP range of the router. Example: If the LBR20's IP address is set to '192.168.115.1' you would set your PC's IP address to something like '192.168.115.5' in order to access the LBR20 web gui or SSH to it directly. If you are unfamiliar with how to statically assign your PC's IP address you can refer to a guide like the one below:
https://pureinfotech.com/set-static-ip- ... indows-10/
Once your LBR20 has been set to use an IP outside of the range of your other router, has had DHCP disabled, and the DMZ IP configured, you can go to your other router's WAN configuration page and select the 'Static' address option and enter the DMZ IP you designated in the DMZ page of the LBR20. If need to access the LBR20 web gui from a PC connected to the LAN of the other router, you would use the DMZ IP you configured for it (ex. 'http://192.168.115.2'). Some routers' firewall may block access between the LAN and WAN by default so be aware you may need to create a firewall rule to allow LAN clients on the other router to access the WAN IP address of your LBR20.
If you wish to disable wifi completely on the LBR20 when using it with another router you can simply issue 'wifi down' interactively at the SSH prompt. Conversely, if you wanted to create a script that disables wifi after every reboot, you could do so by creating a script file such as '/mnt/circle/overlay/opt/scripts/wifi_down.sh' with the following content:
Code: Select all
#!/bin/sh
sleep 120
wifi down >/dev/null 2>/dev/null
--------------------------------------------------------------------------------------------------------------------------------------------------------
Looking for the original, rambling OP with all its associated errata? That can be found here (just don't actually use it for anything beyond your general knowledge): viewtopic.php?p=24108#p24108