RT-N66U CFE Upgrade

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.


New Around Here
Tried to send a private message to @ryzhov_al, but could not do so. Maybe it is because just registered. So instead am posting here. Anyone else who can help is welcome to jump in as well.

Have a strange issue with an RT-N66U where sometimes it gets "stuck" after changing settings in the GUI. Manually turning the power off and on fixes the issue. There are other strange issues that will not get into. The only difference between this unit and other RT-N66U's running FreshTomato (not Asuswrt-Merlin) is the CFE on this unit is instead of

Since upgrading the CFE is dangerous wanted to touch base here before proceeding. Dooes anyone see any issue running this script (https://www.snbforums.com/threads/cfe-bootloader-update.8259/) while using FreshTomato instead of Asuswrt-Merlin?


Senior Member
Before you get to flashing a different CFE, what other steps have you taken? Have you tried a complete re-set, without anything plugged into the USB ports? Have you tried re-flashing the firmware (not CFE) to see if there is a borked nvram setting?

My N66U is running I can tell you that I used to have Tomato (Shibby) on it and while the features were attractive, it was *not* stable. I thought that it was heat-related, and added a fan, but still found it to be unstable. Because I was sure that it was hardware related, I ended up replacing it. It spent about 6 years in a closet until I dusted it off, loaded @john9527 LTS version of Merlin with the intention to use it as an AP extender for guests.

Much to my surprise, it has been 100% stable since - almost 2 years. It's now performing yeoman's service at a relative's house. Bulletproof.

Before you flash CFE, I'd try the re-set (again) and the re-flash (with @john9527's).

Diddling with the CFE is not for the faint of heart. If you do need to flash CFE, re-set it to factory and back-up your existing CFE. There're plenty of instructions on how to do this. You also want to find a CFE reading tool to make sure that you have a valid backup.

Most of the instructions you will find on the internet use some variation of mtd-write (mtd write; mtd-write2) and only certain versions of firmware have these. On the rare occasion that I've had to flash CFE, I've tended to use the dd command to write to the appropriate partition (cat /proc/mtd).

That thread you linked to is pretty old and speculative. I'd be leery following something that's almost a decade old now.
Last edited:


New Around Here
First thank you for your role in vnStat-on-Merlin. Will admit that an RT-N66U AP running Asuswrt-Merlin LTS has always been rock solid and the Wifi performance is superior to Tomato, but FreshTomato 2021.2 has been rock solid as well with the CFE. Tomato also allows the use of VLAN's, virtual wireless interfaces, built-in bandwidth monitoring similar to vnstat, ect.


Senior Member
This thread: https://www.linksysinfo.org/index.php?threads/best-way-to-flash-cfe-in-tomato.75113/ is focused on the R7000 but does mention the available "mtd-write" versions and has a dd mention to boot.

I completely understand the attractiveness of the ease of use of VLANs and other aspects of Tomato over Merlin. I'm still leaning towards a firmware issue rather than a CFE issue based on your description.

(PS I've tested and am using vnStat-on-Merlin R1 on the N66U and it works just fine. VLANs can be set up - albeit not as easily as FT - but once set up can be left to run.)


New Around Here
My RT-N66U running Asuswrt-Merlin LTS is in access point mode, so never have really been able to see all the features.

Does Asuswrt-Merlin LTS have an option to intercept client DNS and force a DNS server on clients as well as an adblocker/DNS filtering?


Part of the Furniture
Does Asuswrt-Merlin LTS have an option to intercept client DNS and force a DNS server on clients...
Yes it has DNS Filtering.

as well as an adblocker/DNS filtering?
I don't know whether Diversion, the popular Merlin add-on is compatible with John's LTS fork. I just use my own 24 line script for ad-blocking.

With DNS Filtering you could use something like AdGuard DNS there as well.
Last edited:


New Around Here
Tried Asuswrt-Merlin LTS as a router, decided to stick with Tomato. Here are some observations. Wifi strength was far superior with Asuswrt-Merlin LTS. Put a Tomato RT-N66U next to a RT-N66U running Asuswrt-Merlin LTS and it was something like 65 db versus 50 db as walked further away. Stopped measuring at that point. Tomato wifi performance on the RT-N66U with FreshTomato 2021.2 is subpar, and it isn't the hardware.

However, FreshTomato 2021.2 really is just as rock solid, has a much better GUI, and better features. So FreshTomato for the router, Asuswrt-Merlin/LTS for access points.

The issues that started this thread have gone away after ATT swapped out their fiber router (have to put own network behind ATT router) and after installing a local Unbound recursive server for external queries while keeping local queries on the FreshTomato Dnsmasq. Did this by using Dnsmasq to send clients the Unbound server directly as a DNS server, and telling the Unbound server to send local queries back to Dnsmasq. While it is true that FreshTomato did hang after changing a setting, will chalk that up to changing settings left and right over a short period of time trying to figure out what was going on. After a restart it hasn't happened once (although do recall this happening once years ago as well).

External DNS through a local resolver is noticeably faster then when it has to go through Dnsmasq (both Tomato and Asuswrt-Merlin). Highly recommend using external DNS through a local resolver with a fiber connection. The internet is like it should be out of the box.

Another observation. The internet of the box directly from a BGW210-700 is the same as when using Dnsmasq on Tomato behind the BGW210-700. DNS going through a router/Dnsmasq just cannot be as fast as a local resolver for external queries no matter what public DNS server is used. A dedicated local DNS resolver on a fiber connection is magic.

Honestly, if the ATT router made the internet feel like this I never would have setup any of this. It is sad that all of this is needed to experience the internet as it should be.
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!