Repeater Bridge

From Swallow-Wifi-dashboard
Jump to: navigation, search

Template:Languages You are here: DD-WRT wiki mainpage / Linking Routers / Repeater Bridge

A wireless bridge connects two LAN segments with a wireless link. The two segments are in the same subnet and look like two ethernet switches connected by a cable to all computers on the subnet. Since the computers are on the same subnet, broadcasts reach all machines. DHCP clients in one segment can get their addresses from a DHCP server in the other segment.

Use a wireless bridge to transparently connect computers in one room to computers in a different room when you cannot—or don't want to—run an ethernet cable between the two rooms.

A standard wireless bridge (client bridge) connects wired clients to a secondary router as if they were connected to your main router with a cable. Secondary clients share the bandwidth of a wireless connection back to your main router. Of course, you can still connect clients to your main router using either a cable connection or a wireless connection.

The limitation with standard bridging is that it only allows wired clients to connect to your secondary router. Wireless clients cannot connect to your secondary router configured as a standard bridge.

New in DD-WRT v24 is Repeater Bridge mode. This extends your primary LAN via secondary router (bridge router) and also allows wireless clients to connect to your secondary router. This extends the range of your wireless network while simultaneously allowing wired clients to connect to your secondary router.

Reference Image

In the case in which we are interested, a secondary router running DD-WRT v24 is configured as a Repeater Bridge between a Primary wireless router (of any make/brand/FW) allowing the above configuration.


Primary router is configured in a 192.168.1.X subnet and leases DHCP address in the same pool. Secondary router is running DD-WRT v24

No security setup will be covered in this Wiki. It will be up to the user to setup security between the Primary and Secondary routers

Note: If you are unsure of what you are doing, is advisable to practice by setting up the router first in client bridge mode and get it working correctly. Client bridge mode is simpler but most of the settings are the same. Once you understand how to set up a client bridge and have it working, then proceed to setting up repeater bridge




A very simple step-by-step description to connect a Router running selected DD-WRTV24 firmware in Repeater Bridge Mode. (This will work for almost everything, but do check notes on individual routers below clock).

If you are using a G router, use 12548 builds to create a wireless bridge. DO NOT USE SP1 OR THE MAY 24 08 BUILD.

To enable bridge mode between two routers, the primary router must be in AP mode (default) with DHCP Server enabled. The secondary router running DD-WRT v24 will be configured as the Repeater Bridge.

  1. Restore Factory Defaults on Secondary (DD-WRT) Router
  2. Do a proper HARD 30-30-30 Reset on the router.
  3. Set your computer to a static IP of
  4. Connect to the secondary router via wired or wireless client keeping in mind the dd-wrt default settings for dhcp pool and ssid
  5. Open the Wireless -> Basic Settings tab
    • Physical Interface Section
      • Wireless Mode : Repeater Bridge
      • Wireless Network Mode : Must Match Primary Router
      • Wireless Network Name(SSID) : Must Match Primary Router - Make sure you spell this correctly
      • Wireless Channel : Must Match Primary Router (This will disappear once you put it in RB mode, and isn't needed)
      • Wireless SSID Broadcast : Enable
      • Network Configuration : Bridged
      • Save
    • Virtual Interfaces Section
      • Add
      • Wireless Network Name(SSID) : Different from Primary Router
        • [NOTE] - You CAN try using the same SSID but many have had random disconnects and/or no connection if the SSID's are the same. If using the same ssid doesn't work for you, use a different ssid from the primary router
      • Wireless SSID Broadcast : Enable
      • AP Isolation : Disable
      • Network Configuration : Bridged
      • Save
  6. Open the Wireless -> Wireless Security tab
    • Physical Interface Section
      • Security Mode : Must Match Primary Router
      • WPA Algorithms : Must Match Primary Router
      • WPA Shared Key : Must Match Primary Router
      • Key Renewal Interval (in seconds) : Leave default
    • Virtual Interfaces Section (note if you don't see this section your firmware should be atleast v24-sp1)
      • Security Mode : Must Match Physical Interface
      • WPA Algorithms : Must Match Physical Interface
      • WPA Shared Key : Must Match Physical Interface
      • Key Renewal Interval (in seconds) : Leave default
      • Save
  7. Open the Setup -> Basic Setup tab
    • Connection Type will be: Disabled
    • Set STP for Disabled (Enabled sometimes can cause connection problems) redhawk
    • IP Address : (Assuming Primary Router IP is
    • Mask :
    • Gateway: (again assuming Primary Router IP is
    • DHCP Server: Disable
    • Local DNS: (if IP of Primary Router is
    • Assign WAN Port to Switch : Optionally enable this to use the WAN port as another LAN port.
    • Save
  8. Open Setup -> Advanced Routing tab
    • Set Operating mode to "Router"
    • Save
  9. Open Services
    • Disable Dnsmasq
    • Save
  10. Open the Security -> Firewall tab
    • Uncheck all boxes...except Filter Multicast
    • Disable SPI firewall
    • APPLY Settings
  11. Reboot the router.
  12. Once you have it working, go to the wireless security tab, and set the same type of security AND key for both the primary and the repeater ssids and hit apply.

You should now be able to connect wired clients and wireless clients to the newly configured Secondary router. They will receive IP Addresses from the Primary Router and will be able to use the Internet connection supplied by the Primary Router.

Also take note of the fact that all repeaters, including this Repeater Bridge mode, will sacrifice half of the bandwidth available from the primary router for clients wirelessly connected to the repeater. This is a result of the repeater taking turns talking to not just one partner, but to two, and having to relay the traffic between them. As long as your internet bandwidth requirements are within this halved bandwidth amount there will be little or no reduction in "speed".


Encryption type and key must be the same on both the primary and secondary router.

Edited by Agux: In fact, you must use a 63 characters passphrase instead of using the 64 digits one. At least using the Broadcom as a Repeater Bridge and an SMC with its own firmware as the main AP. If you see that your repeater bridge is connected but, using telnet on it, you can't ping to the main AP, try this. (Other issue could be having lots of error paquets on TX, but the other ones are on 0).

Wireless Clients cannot connect to Repeater

Disable security and try again. Delete and re-create your profile on the wireless computer. Check to make sure you have set security properly and that the key you used matches the key in the primary router. If one security type doesn't work try another on all routers. eg. try WEP, WPA, and WPA2-AES

At Point 7 I didn't find the possibilty to disable DHCP-Server so I ignored this setting. After this I resetted the linksys-router and started setup again and inserted a Point 4a)

4a) Open the Setup -> Basic Setup tab DHCP-Server: Disable

Then I continued with point 5 After this I didn't have any problems to connect wireless client to the repeater --Haidi 15:20, 4 May 2010 (CEST)

Atleas i couldn't connect my dd-wrt (server) router when security mode was "wpa2 personal mixed" in both "client" and the "server" (server = router with direct internet access). I had to change client protection mode to "wpa2 personal" to get it working (Wireless->Wireless Security). Someone please correct me if im wrong but i think wpa2 personal mixed means that it uses both wpa(1) and wpa2 and attempt to connect with both doesn't work. Before i changed client to wpa2 personal i got only TX errors from status->systeminfo and no RX packeges at all. ---compvter dd-wrt v24-sp2(10.10.09)


Open the Set-up -> Advanced Routing tab and change the mode to "router" instead of "gateway".

Wireless Clients have no Internet

Make sure you have a gateway specified in the repeater bridge router, and that the address there is the primary router.

No packets making it accross the bridge - "Auto" channel setting

Pulling your hair out? Sporadic documentation got you down? Are you using the "auto" setting under Wireless -> Basic Settings - Wireless Channel? Try setting this to a fixed channel. Two days worth of battling with v24-sp2 on a d-link 615 d, with nary a mention of this setting in any walkthroughs. If this still dosn't fix it, try setting up the bridge with security disabled, then re-enable it once its working.Fonz 05:01, 9 September 2010 (CEST)


(tested on WRT54G v3 on v24 sp2 10/10/09 standard build)

The instructions are the same as for the broadcom above except for a couple of changes:

1. For this router you will want to do the basic settings tab first (setting IP address of router, subnet, etc...)

2. Make sure to check "assign WAN port to switch" and apply settings or internet may not work off the repeater.

After this make sure your new subnet/ip address settings are working well on your router. If you try to do the wireless bridging first without making sure that your router isn't on the same ip address as the primary and is on the same subnet your router may become unresponsive. A 30-30-30 reset will fix this problem.

Finally, once and ONLY AFTER you are connected to your host AP, as the final step you will want to go to Setup > Advanced routing tab and change the setting from Gateway to Router. Then enable dynamic routing for both Lan & Wlan and apply your settings.

The other steps and procedures listed above for broadcom should work perfectly. I advise using a wired connection as it verifies the connection to the host AP best, then you can test wireless capability. Mine worked beautifully with WPA2 encryption and SSID's being the same.

Make sure that you click save, not apply between each step, as when you click apply, you will activate all changes, which may make accessing the router difficult.



Set you wlan to client_bridge and connect to the to be repeated AP
Add virtual interface and set it as AP


Under "Wireless -> Basic Settings", you must use the primary router's SSID for the physical interface and a new SSID for the virtual interface. Some people argue the physical interface can also be the same in order to support roaming (see Repeating Mode Comparisons)


Keep in mind any security settings will need to be configured including MAC filtering in order for the Secondary Router to connect to the Primary Router and also for clients connecting to the Secondary Router to gain full access to the connectivity of the Primary Router. There are some factors to consider when setting up Security for Client Bridge mode that may or may not be factors when setting up Repeater Bridge mode. I simply have not experimented with this.

[NOTE {Montrealmike}]Also when your adding WEP,WPA,WPA2 etc... between the AP and the repeater bridge you have to start with the AP first; then the repeater bridge.When you enable security on the repeater click save not apply, then click on the administration tab scroll down to the bottom and click apply settings. You will then have to power cycle the repeater twice ( unplug and plug back in twice ) in order for the repeater bridge and AP to synchronize. This has worked for four repeater bridges for me.

Edit - Altair - In my experience the above advice of power cycling the router has been confirmed. I spent 20 minutes trying different things to no avail before I finally gave in and tried power cycling it twice (I honestly didn't believe it would do anything). After the power cycle it has been working flawlessly.

Edit - pmiller - I can also confirm the power cycling to sync the repeater to the AP. You can confirm that the repeater has syncronized with the AP by going to the Status>Wireless tab on the AP and viewing the MAC address of the repeater with some % signal quality value. Before doing 2 power cycles on the repeater, the MAC address would display on the AP's Status>Wireless tab, but with 0% signal quality. After the power cycles the % quality displayed around 30%. I played around with other security settings later on the AP and found the 2 power cycles to be unnecessary after the 2 had originally sync'ed- no idea why this would work, but it did. I had some difficulty at first because I had security enabled on the AP as WPA2-Personal Mixed, which is basically WPA2-AES or WPA-TKIP simultaneously. The repeater is unable to connect with the AP in this mixed mode; rather you must choose between WPA2-AES or WPA-TKIP . I have now switched both my wireless security settings to WPA-TKIP (physical and virtual) just for simplicity, though in theory the virtual need not match the physical. Your security is as good as the weakest link. For those having trouble, I would turn off all security and turn on SSID broadcast first, then once you get a good sync turn on security on the AP first, then the repeater.

Edit - aselvan - I have this setup on identical hardware (i.e. Linksys wrt310n) for AP and repeater running identical DDWRT (v24 standard generic). However, I can't get the WPA2 working between the repeater unit and AP no matter what combination I tried-- the repeater and AP can't connect, however, WEP and WAP works. Anyone have any idea? assignment writing assignment help

Edit - crandler - WPA2 personal mixed with Linksys WAG160N as DSL uplink with original firmware and WRT160N with dd-wrt v24 std in repeater bridge mode does not function. Had do switch both devices to WPA2 personal.

Edit - ytal - Using encryption for the bridged connection only works if I either use the same encryption data (incl. ESSID) on the other (virtual) interface or do not use any encryption on the virtual interface at all. If set differently, the wireless link to the base station fails. Base station is a Speedport W500V / Targa WR 500 VoIP ( with the original Telekom firmware.

Edit - Andy - Running v24-sp1, I am also unable to have different WPA2-Personal (AES) key's between the physical and virtual interface. The security and keys must match. Upon saving and cycling the power, the status page on the AP shows signal to the repeaters, but no ping responses or network traffic exists. Also, the Repeater Bridge function fails if I turn broadcast off on the AP.

Edit -PeterMartin, RFShop - Avoid using the passphrase generator with WEP. You can’t overtype the key codes later. (Or rather you can and they do work but the old ones are the ones that remain visible. Very Difficult to erase.) Instead type in the key codes directly. Or better still copy and paste from a text file, which you need to keep for reference, as they are not visible once typed in. Agree that encryption has to be the same for both secondary and primary network. Same keys too. Same bugs seem to be present on Universal Repeater Mode.

Edit - RamonBuckland - I found that setting the security to off worked first. But WPA2 Personal did not. I then lowered the key refresh to 15 seconds (same Wireless Security settings tab) on both routers and applied. They then found each other. One would figure if I were patient enough (to wait 3600 seconds, 1 hour) then it would have worked. So .. I think the key renewal is what throws them. I have it now working WPA2 Personal (AES) with a key renewal of 15 seconds. Perhaps upping it now to an hour and walking away (from the house) they will work :-) logically. Good work peoples.

Edit - MikeMaven - I'd just like to add my own confirmation. I was having problems with WPA2 at first. I think it was a result of the key refresh not occuring. I set it to 15 seconds, reconnected, and everything seems to be working great! For the record, I'm connecting to a 2wire AP using WPA2-Personal and the same key on both the physical and virtual interface.

Accessing Both Routers?

With this setup, I have full access to both routers — which runs contrary to a lot of the notes concerning Client Bridge mode. One router is, and the other is I can access both from either side of the bridge. There is no need to change any settings or IP addresses or the like with this setup in order to do so!

Unfortunately I had no luck accessing both my WRT54GS routers. One was - gateway the other was - the repeater. As soon as I added the 192.168,1.2 to my network the DD-WRT web mgt interface kept giving me intermitttent page not found errors. These errors did not occur when I added one OR the other to the network. Both were on

Edit - Ottoxgam - When setting up the 2nd router in Repeater Bridge mode, on the Setup tab under the Network Setup in the Router IP section, The Gateway and Local DNS boxes should be left at This provides access to both routers via the web interface. The problem seems to be when something is entered in the Local Dns box.

Edit - Fixitguy - My setup lets me access both routers (surprisingly) with the instructions followed perfectly. I am using a Linksys WRT54G v3 and a Netgear WGR614 v9. I didn't think this would work but it does. When you are instructed to put in any box, just make sure it's the address of the primary router. Also, you want to make sure you have the latest version of DD-WRT on the secondary router. Although, I am going to try to change the password on the secondary and bridge a third to the secondary.

MAC Filtering

For those of you who have enabled MAC filtering on your Primary router, you need to add the WLAN MAC address of your Secondary router to the permitted MAC filter list of the Primary router. This is different than the MAC address printed on the bottom of the case, you can find it by going to Status->Wireless and the top line will list the internal MAC address. Of course, you will want to add the MAC filter list to the Secondary router. This should be setup prior configuring your WPA, WPA2, etc. settings otherwise you will spend some time pondering why the bridge isn't working.

[EDIT - Redhawk] - The wording here was a little confusing. Once I used the Wireless MAC address then all worked correctly....the MAC filter address on the Primary router needs to be the "Wireless MAC" address listed on the Router Status page and not the LAN MAC address . (Use Router MAC +2) - Yes...I know it says WLAN but for an noob doing this procedure it could be confused. microconsole

Special thanks to Griminal for providing a basic graphic which I modified for this Wiki Entry.


offtrack user: RB mode works PERFECT For the recorded: 30/30/30 baseline and... loaded. V24: I followed the 14 steps, and it works so good, I can not believe this code. wow! Thanks for such a brilliant design. This RB now covers the far end of my home. And hits. 2.5mbps easy on to the Wlan (Dsl cloud). END TO END ! my router 1 is DIR-655 , in WPA /WPA2 auto + AES , no issues, sold as a rock. if you get drop outs on WAN side , use a unique MAC, clone your office PC or laptop MAC. many MACs are cloned ( i never use derived Linksys, MACs always use personal MAC or get trouble) Great product !

A key point here is the great quality of wireless performance between the 2 routers.

PCTECHz says and i paraphrase him: step 14 "Open the Status -> Wireless tab and click Site Survey. Join your primary routers wireless network. You need to do this only once." this is mandatory. Running 1 week now perfect, but if you change your WPA AES pw string ,you must RE JOIN the LAN. do not forget step 14, what great upgraded, I made contribution.


See Also

Personal tools