Installing the Firmware by using JTAG ?

Syed Yasir Imtiaz

I have used the JTAG commands to backup my router's CFE, BSP, NVRAM and the kernel..

I have also compiled the code available in this website with Tomato firmware 1.25 and generated its .chk and .trx format image files.

What I want to ask is how I could install the .chk or .trx format file into my router by using the JTAG, because the JTAG commands only support .bin format.

Is there any utility which I have to use to convert my .chk or .trx format file into the binary ? or are there any set of commands ??

achilles

You can do normal tftp to flash your router with the new firmware .....
JTAG commands can be used to upload the CFE (which is already in bin format) if you have erased it .....
Once you have uploaded the CFE you can use tftp to upload your f/w ....
You can have a look at the following links :
http://www.dd-wrt.com/wiki/index.php/Recover_from_a_Bad_Flash#Recovery_b...
http://www.tiaowiki.com/w/Debrick_Routers_Using_JTAG_Cable#Debrick_it.21
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486

From these links you can get other info also in this regard .... they specify flash process for both windows and linux hosts ...

Syed Yasir Imtiaz

Okk ...

so u mean that I dont have to use the JTAG to flash my router with new firmware ...

One more thing that I want to ask is that as I said earlier that the data that is downloaded by using the JTAG commands include:

CFE, BSP, NVRAM and the kernel.

kindly tell me that whether kernel and the firmware (that i have in .chk format) are the same thing ?

I mean to say that when I will flash the new firmware by using the Tftp commands then that .chk file will automatically be converted into kernel.bin ???

achilles

Ya kernel and f/w in this context are the same things .....
As far as flashing this f/w is concerned you can do that with tftp as you do in a normal case .....
Basically JTAG is needed to flash the CFE ... once that is done and assuming that CFE has been flashed properly you can use tftp to flash the chk f/w ....
Also there is no conversion such as chk to bin ... chk is just a header that is needed by bootloader .....

Syed Yasir Imtiaz

Ok Thanks...

One more confusion is that in the JTAG tutorial there are commands like:

-backup:kernel and
-flash:kernel

This means that there are certain "kernel" file that we can flash using the JTAG. What I assumed after your reply is that we can only reflash the factory kernel file because it is in binary format but when we want to install the third party firmware we have to use the telnet utility.

Am i right ?

achilles

yep .... these commands are for factory kernel ..... u can use them for third party kernel also provided they are in bin format ....
But if u already have a chk f/w avlbl to you and you know that u can flash it using tftp then there is no need to get ur 3rd party f/w in bin format ....
I mean why would u reinvent the wheel ... :) ....
Let me know if you have any doubts or need any info .....
Keep us posted ....

Syed Yasir Imtiaz

thanks a lot for such a nice support.

Can you tell me about any link that can be used to install the third party firmware using tftp ?

The link that you already provided has some tutorial about using the tftp but it is related to the dd-wrt firmware which flashes the kernel in .bin format. I dont know those commands will run on my firmware or not because i m using the tomato firmware 1.25.

achilles

OK ... for flashing a chk file using tftp u need to perform the following steps :

1. Power on the board and go to the bootloader prompt by pressing ^c.
2. start tftp server by giving command tftpd.
3. From your PC give the command "tftp -m binary 192.168.1.1 -c >". For example for tomato firmware filename can be tomato_wgr614l.chk and in case of original Netgear WGR614L firmware filename can be "wgr614l_1_1_2_1_0_23_na.chk".

Syed Yasir Imtiaz

I m sorry but i cant understand how to go to the bootloader prompt ...

achilles

no probs ..... press "ctrl C" at your key board and then power on the board keeping these two keys pressed ....
It will show u a prompt:
CFE>
on the board's console ......
Let us know if u need any further clarification ....

Syed Yasir Imtiaz

Nooo ... I m using JTAG cable not the serial cable :)

Syed Yasir Imtiaz

Well ..

I had updated the factory fitted firmware version 1.1.11_6.0.36 with the third party firmware present in this location:

http://www.myopenrouter.com/download/11490/Tomato-1.25-Firmware-Source-C...

I had compiled this code and successfully generated its image file and then I tried to upgrade this third party firmware on to my factory fitted firmware but my router got bricked...

Its status LED is continuously orange and the GUI is not opening ...

now what should i do ?? :)

Syed Yasir Imtiaz

When i uploaded the file the GUI displayed the status that it is updating the firmware and then when the progress bar was completed the browser refreshed but the GUI was not opening .. I had waited for around 3-4 minutes ... and then closed the browser and tried again by entering the router IP but it was not opening the GUI.

when i tried to ping the router, the ping was working but don't know why the GUI was not opening :S

Power LED was constantly on and the status LED was also constantly on and was rather orange in color.

achilles

Hi yasir,
Dont worry ...as u r able to ping the board ..it means ur board is OK ...
All u need is to do a hard factory reset and let us know .... It shud get back to normal behavior .....
Also as u have build the image urself I assume that u have taken proper steps in creating ur chk file ....
One more suggestion ... as u have gone to the extent of using a JTAG cable it would be helpful to have a serial cable too ... It's not a must but sometimes it reflects the issues clearly and quickly ....

Syed Yasir Imtiaz

how to do a hard factory reset and can you tell me how it is different than the regular reset ..

Secondly ... will the hard reset load the original firmware means factory fitted version 1.1.11_6.0.36 or will try to recover this third party firmware ...

One thing that i noticed when I was updating the third party firmware was that at its version was 1.1.99_0.0.0 NA ... Does this NA could create any problem ???

achilles

OK ....
For factory reset u need to switch ur board off ... press the factory reset button which is at the back side of ur router and then switch on the board keeping the button pressed .... u shud keep the button pressed for 30 seconds (minimum).... then release the button ... this will perform hard factory reset...

No, factory reset does not flash any new f/w it just sets different board/nvram parameters to their default values ....

Yep .. NA version of f/w can create a problem if ur router is of WW or EU version .... this u can check from the spec that comes with ur router ....
Let us know if u need any further info ...

Syed Yasir Imtiaz

Oooooooh I see ... my router has the EU version ...

may be that would be the problem ... So, how could I install a third party firmware which is a WW version ... I mean is there any third party version of the Tomato 1.25 firmware which is WW not NA ??

I have done the factory reset but still its not working :(

I think my router is bricked ... but then .. why the ping is working ??

achilles

I dont think ur router is bricked .... as u have flashed a wrong version some features like GUI are not working ... while on the other hand some features like ping may work ....
At this stage I would suggest u to flash a default Netgear f/w for EU version ... get ur board working ....
Then u can try out the third party f/ws for EU version ...
Also as u can't access GUI in this case .. it z imperative 4 u to get a serial cable to flash a new f/w ....

Syed Yasir Imtiaz

As per your suggestion, I m installing the default firmware of my router through Jtag. I have tried the tftp utility but failed, it just retries so many times but could not succeed.

I have already made all the backup and i m flashing wholeflash but it is taking so much time. I have started it around 2 hours ago and its around 17% up till now. Isnt there any fast method or utility? I m using tornado ejtag (tgtagv3.exe) JTAG utility... Is there any other faster utility for WGR614L routers ?

Secondly, kindly tell me any third party firmware which is Non NA version as I have to flash the third party firmware again after all ...

achilles

Yep JTAG does take a lot of time .... as u can't do tftp ... this is the only option u have ....
U can have a look at the following link :
http://www.myopenrouter.com/download/10948/Tomato-Firmware-for-NETGEAR-W...

It says that above f/w runs on both EU and NA versions ..so u can try this out ..

Syed Yasir Imtiaz

I have tried to install the firmware using JTAG but it stuck after a certain amount of time .. once it stuck at 60% and then at 18% ...

I want to ask that can i flash only CFE and then use the serial console to install the firmware using tftp ? I think it would be quicker ...

One more question is that how can i get the memory map of the WGR614L router...

I want to get information about CFE .. means that where it is located in the flash ..

achilles

Yes u can use JTAG to flash the CFE and then use tftp ..... this will be quicker and easier to do ....

Syed Yasir Imtiaz

ok thanks :)

and can i get the memory map of the WGR614L router ?

imran

Here it is :
0x00000000-0x00020000 : "boot"
0x00020000-0x003b0000 : "linux"
0x0009b7ec-0x003b0000 : "rootfs"
0x003b0000-0x003c0000 : "T_Meter1"
0x003c0000-0x003d0000 : "T_Meter2"
0x003d0000-0x003e0000 : "POT"
0x003e0000-0x003f0000 : "board_data"
0x003f0000-0x00400000 : "nvram"

Please note that all these are offsets with respect to starting address of the flash .....
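
The memory map above can be used to sanity-check a whole-flash JTAG backup before anything is written back to the router. This is an added example, not part of the thread or of any tool mentioned in it: the function names are hypothetical, the dump is constructed, and the expectation that "linux" begins with the TRX magic `HDR0` is an assumption about Broadcom-style images.

```python
import re

# Memory map as posted in the thread (offsets from the start of flash).
MEMORY_MAP = """\
0x00000000-0x00020000 : "boot"
0x00020000-0x003b0000 : "linux"
0x0009b7ec-0x003b0000 : "rootfs"
0x003b0000-0x003c0000 : "T_Meter1"
0x003c0000-0x003d0000 : "T_Meter2"
0x003d0000-0x003e0000 : "POT"
0x003e0000-0x003f0000 : "board_data"
0x003f0000-0x00400000 : "nvram"
"""
ENTRY = re.compile(r'(0x[0-9a-fA-F]+)-(0x[0-9a-fA-F]+)\s*:\s*"([^"]+)"')

def parse_map(text):
    """Return [(name, start, end)], end exclusive, in listed order."""
    parts = [(m[3], int(m[1], 16), int(m[2], 16)) for m in ENTRY.finditer(text)]
    if any(start >= end for _, start, end in parts):
        raise ValueError("empty or inverted range in map")
    return parts

def nested(parts):
    """(inner, outer) pairs where one region lies wholly inside another."""
    return [(a[0], b[0]) for a in parts for b in parts
            if a is not b and b[1] <= a[1] and a[2] <= b[2]]

def check_dump(dump, parts):
    """Compare a whole-flash backup with the map; return a list of findings."""
    size = max(end for _, _, end in parts)
    if len(dump) != size:
        return [f"size {len(dump):#x}, map expects {size:#x}"]
    findings = []
    for name, start, end in parts:
        region = dump[start:end]
        if region.count(0xFF) == len(region):
            findings.append(f"{name}: blank (all 0xFF)")
    # Assumption: "linux" starts with a Broadcom TRX header, magic b"HDR0".
    start = {n: s for n, s, _ in parts}["linux"]
    if dump[start:start + 4] != b"HDR0":
        findings.append("linux: no TRX magic at partition start")
    return findings

if __name__ == "__main__":
    parts = parse_map(MEMORY_MAP)
    # Constructed stand-in for a 4 MiB JTAG backup, not a real router image.
    dump = bytearray(0x400000)
    dump[0x20000:0x20004] = b"HDR0"
    print(nested(parts), check_dump(bytes(dump), parts))
```

`nested()` reports "rootfs" inside "linux", so the two are not independent regions: restoring "linux" from a backup also overwrites "rootfs".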

Syed Yasir Imtiaz

Thanks :)