Setup Wireless Bridge Using DD-WRT

Posted By on Dec 17, 2012 | 0 comments

I personally found all of these instructions confusing, so I’ve compiled an exact list of what I did to get the “Client Bridge” working with the “V23 SP1” version of the firmware.

Instructions update for V24: DHCP does not work between the DHCP server in the “main” AP and the DHCP clients in computers connected to the secondary “client-bridged” WRT54G in this configuration with V24. You will have to assign static IP addresses like to the computers connected to the “client-bridged” WRT54G, a different one for each computer of course. Then it works fine. Annoying!

My motivation: I wanted to get my XBox online (and on-LAN) from another room, without running Ethernet to it. WDS was out of the question unfortunately because one of my routers was a late-model WRT54G and as such wasn’t (at the time) easily modified. I had an extra WRT54G lying around that could run DD-WRT. Alternatively I could have bought a proper Linksys or Microsoft solution to connect the XBox to the existing WiFi, but what’s the fun in that?

My network is as such:

  • Primary Router (Internet Connection): WRT54G V5 — stock Linksys firmware —
  • Secondary Router (For the Bridge): WRT54G V3 — DD-WRT V23 SP1 Firmware — — which I changed to in my setup

(I’m guessing that the Primary Router could be any make and model of wireless router as we’re not doing anything to it!)

Slambert71 adds: I set this up today using a Linksys WRT54G V.3 with DD-WRT V23 SP2 firmware as the secondary, and a D-Link DI-624 with factory firmware as the primary and it works great.

My Primary Router has 128bit WEP Encryption enabled. It does NOT have Wireless MAC Address Filtering enabled. We will assume you want your Secondary Router to become

Mailmanx adds: It worked successful for me with 2 WRT54GL Routers (Router with original firmware, Client Bridge with DD-WRT v23 SP2). WPA-PSK with AES enabled AND MAC Address Filtering (Be sure to set the the correct MAC address! The router provides a LAN, WAN and the needed Wireless MAC address of the Bridge). The MAC addresse can be found on the Status->Sysinfo tab of the DD-WRT webinterface.

Jerrytown adds (Sept. 28, 2008): I followed all the steps below and DHCP and DNS did not work. When I installed v23 SP2 (which is quite old at this writing) on the secondary router everything worked fine. Primary: WRT-54G2, Secondary: WRT-54GL.

I have my Secondary Router in another room, connected only to my laptop via an Ethernet cable to Port 1. The laptop has an IP from the Secondary Router’s DHCP to begin with. Neither the laptop nor the Secondary Router are connected to anything but each other. I will be doing all of my setup from this laptop. If you have problems with DHCP or losing your IP address in the midst of these instructions, you may need to statically assign an IP to your Ethernet card. (I was running Knoppix Linux on the laptop and I didn’t have to do that, but YMMV!)


  1. Log into the Secondary Router. (We will only be altering the Secondary Router!)
  2. Administration Tab — Factory Defaults Subtab
    1. Restore Factory Defaults: Yes
    2. Click “Save Settings” — triggers reboot. (DaveK – I’m using V24 with a Buffalo WHR-G125 router and had to click “Apply” after “Save” in order to trigger the reboot)
    3. Router’s IP will now be if it wasn’t already.
      This was a very important step. I have run this process 3 times now as a trial, and the instructions are written assuming you have a “clean” router.
  3. Setup Tab — Basic Setup Subtab
    1. Connection Type: Disable
    2. STP: Disable
    3. Local IP: (it was initially (Appears that it must/should be a valid IP in your Wireless Subnet) ***See notes in Section 4 above about potential IP conflicts using a bridged router IP address too close to the beginning of the allowable IP range of the primary router. I suggest using instead something like***
    4. Gateway: (ip address of your primary router)
    5. Local DNS: (ip address of your primary router, normally it will forward your request to DNS server)
    6. Assign WAN Port To Switch: Checked
    7. DHCP Server: Disable
    8. Click “Apply Settings” — triggers reboot.
      I had an error along the lines of “Can’t connect to” — This is because it’s now — close and restart the browser to avoid authentification problems and connect to the new IP address and retype your username and password.
      (Aside from changing the local IP address, the above steps are unnecessary because putting the router in client-bridged mode takes care of these settings automatically) NOTE: If you change the IP and disable DHCP and then disconnect the network for some reason you will need to set a static IP in the same subnet on your windows TCP/IP settings in order to connect to the router again at the new IP
  4. Security Tab — Firewall Subtab
    1. SPI Firewall: Disable
    2. Click “Save Settings”
  5. Wireless Tab — Basic Settings Subtab
    1. Wireless Mode: Client Bridge
    2. Wireless Network Mode: Match your primary router.
    3. Wireless Network Name (SSID): Match your primary router. (case matters!)
    4. Wireless Channel is not relevant in Client Bridge mode.
    5. Wireless SSID Broadcast is not relevant in Client Bridge mode.
    6. Click “Save Settings”. The router will now be in Client Bridge mode.
  6. Wireless Tab — Wireless Security Subtab
    1. Security Mode: Match your primary router, I used WEP (I have not tried anything but 128bit WEP!)
      note: WPA-PSK works as well -guyonphone;
      note: WPA-PSK even works if original router is WPA2 mixed -mcoope3;
      note: v2.3_sp2 in client bridge mode currently doesn’t support WPA2-PSK, but only WPA2-PSK mixed mode, so the AP has to be set to mixed and not WPA2-only mode (it can be either AES or TKIP).-zevnik
      note: To put it simple, WPA2 doesn’t work in Bridge Mode currently (dd-wrt v23 sp2)
      darthn note: WPA2 Personal does work in v24SP1.
      bobxnc note: WPA2 Personal works fine using v24sp1 on a Netgear WNDR 3300
      teekay note: WPA Personal works great with an Apple Airport Extreme wireless router too. Select “WPA/WPA2 Personal” on the Extreme and “WPA Personal (TKIP)” on the bridge. Enter the same shared key on both of course. -gsosa70;
      Router: Linksys WAG 325N, org. firmware, bridge WRT54Gl (dd-wrt v24): WPA2 didn’t work initially. So I set up the bridge in WEP. Tried WPA and WPA 2 later (just changed it back on router & bridge, no reconnecting or anything: Worked flawlessly. -onkl
      note: Please do not forget to change your MAC addresses (or at least Wireless MAC) if you are trying to create bridge between two DD-WRT devices. with same Wireless MAC addesses it worked only in WEP mode. -TEHb
    2. Encryption: Match your primary router.
    3. Key 1: Match your primary router. Make sure your key is not too long under WPA2 Personal or else it will not connect routers together.
    4. Click “Save Settings”
  7. Wireless Tab — Advanced Settings Subtab
    1. Authentication Type: Shared Key
    2. Click “Save Settings”
      This seems like a VERY important step — it DID NOT work until I did this!
      note: worked for me on auto, when using WEP -cheesetoast.
      note: it worked for me as described when using WEP, but it didn’t work using WPA-PSK – neither TKIP, AES, TKIP+AES. In any of these modes, after successful Join, the MAC of the primary router didn’t appear on the Status screen and the “Transmitted (TX)” error counter in Status–>Wireless–>Wireless Packet Info was constantly incremented every few seconds. It finally connected and worked OK only when I changed “Shared Key” to “Auto” on both the primary and the secondary router. Just as a side note, it reported a successful join even if the connection was obviously broken (e.g. WEP on the primary router and WPA on the secondary). Using dd-wrt v23 sp2 vpn on the primary router and v23 sp2 voip on the secondary one. vbrindus, 2008-01-05
      • Be sure to also sync the Beacon Interval through RTS Threshold numbers to those on the primary router, or you may experience longer delays in connecting after power cycling one of the routers.
  1. Status Tab — Wireless Subtab
    1. Click Site Survey, and Join the appropriate wireless network. Access Point table should show the MAC address of your Primary Router, along with signal strength. (SSID Broadcast MUST be enabled on your primary router) At this point it was working 100% for me.
      If that worked, then:
  2. Administration Tab — Backup Subtab
    1. Click “Backup”
      (SAVE this config before doing anything else to your router, just in case!)