Recycle a TP-LINK Router with OpenWrt

Reading time ~7 minutes

Recycle a TP-LINK Router with OpenWrt

Recycle a TP-LINK Router with OpenWrt

I tried to recycle an old TP-LINK TL-MR3020 by installing and configuring OpenWrt on it. This turned out to be a bit challenging because it has only 4M disk space and 32M RAM. Even the OpenWrt site does not recommend it anymore ( To extend the disk space I used a USB disk, but this is challenging too, because the standard OpenWrt image for TP-LINK TL-MR3020 does not contain the drivers for reading it, so a custom image has to be built, which contains these drivers.

1 Restore the original tp-link firmware

Initially I was not sure what was installed on the router, so I started by restoring the original firmware from TP-LINK: (I have the version 1.9 of this router, which can be read from the label of the serial number, on the bottom.)

cd TL-MR3020_V1_150921/

We will see the file ~'mr3020nv1_en_3_17_2_up_boot(150921).bin'~. According to the instructions on, since it contains the word boot, we need to cut off some part of it, before flashing it:

dd if='mr3020nv1_en_3_17_2_up_boot(150921).bin' of=tplink.bin skip=257 bs=512
ls -l

Notice that it's size is 3932160, about 4M, which is also the size of its storage.

To flash this image to the router I used a TFTP server (according to these instructions:

apt install atftpd
mkdir /srv/tftp
cp tplink.bin /srv/tftp/
chown nobody:nogroup -R /srv/tftp
atftpd --daemon /srv/tftp
netstat -lunp | grep 69

ip address add dev enp1s0f0

get tplink.bin

Now connect the router to the computer with a cable and turn it on while keeping pressed the WPS/RESET button. Looking at the logs (tail /var/log/syslog -f), you will see a message like this:

Serving mr3020v1_tp_recovery.bin to

This means that the router is looking by default for the file mr3020v1_tp_recovery.bin. So, we should rename tplink.bin to this:

mv /srv/tftp/{tplink.bin,mr3020v1_tp_recovery.bin}

Then try it again and the router will start flashing the new image to its storage and will reboot. If everything goes well you should be able to ping to, which is the default IP of the flashed image. You can also open without password and access the greenish interface of the router. (If it asks for a password, then try username 'admin' and password 'admin'.)

Now you can stop the TFTP server:

ps ax | grep atftpd
kill -9 32264
ps ax | grep atftpd

2 Install OpenWrt LEDE

From the download page get the file tl-mr3020-v1-squashfs-factory.bin:


Then, following instructions similar to these, open "System Tools" and "Firmware", then "Choose File" and select 'lede-17.01.5-ar71xx-generic-tl-mr3020-v1-squashfs-factory.bin', and finally click on "Upgrade".

When upgrade and restart is finished, the router can be accessed on = without password:

ip address add dev enp1s0f0
ip addr
ssh root@
df -h

It can also be accessed at

3 Use a USB stick for storage

You will notice that the native storage is very limited and you cannot harness the full power of OpenWrt with so little storage. Plugging a USB stick to the router doesn't work because the necessary drivers are missing. If we follow the instructions on this page we have to build a new image upgrade that contains these drivers and install it. If we had more disk space (for example 8MiB) we could have installed the needed drivers from the internet, like this:

opkg update
opkg install block-mount kmod-fs-ext4 kmod-usb-storage kmod-usb-ohci kmod-usb-uhci
opkg install e2fsprogs fdisk   # optional

However the small disk space would not be enough to fit the package list and the necessary packages.

Let's start by downloading from the file lede-imagebuilder-17.01.5-ar71xx-generic.Linux-x86_64.tar.xz (it is at the end of the page) and opening it:

tar -xf lede-imagebuilder-17.01.5-ar71xx-generic.Linux-x86_64.tar.xz
cd lede-imagebuilder-17.01.5-ar71xx-generic.Linux-x86_64/

Now we can build the image using the profile for tl-mr3020-v1 and adding some extra packages:

make info
make image PROFILE=tl-mr3020-v1 PACKAGES="block-mount kmod-fs-ext4 kmod-usb-storage kmod-usb-ohci kmod-usb-uhci"

If the command fails, most probably you need to install some additional development packages. The error message should give a hint about what needs to be installed.

If the image build was successful, you will find on bin/targets/ar71xx/generic/ the images lede-*-factory.bin and lede-*-sysupgrade.bin. Let's copy the sysupgrade image to the router and upgrade the system:

scp bin/targets/ar71xx/generic/lede-17.01.5-ar71xx-generic-tl-mr3020-v1-squashfs-sysupgrade.bin \
ssh root@
ls /tmp/
sysupgrade -v /tmp/lede-17.01.5-ar71xx-generic-tl-mr3020-v1-squashfs-sysupgrade.bin

On a linux system, we can partition the USB stick (for example using fdisk) to have a swap partition of 512MiB, and the rest of it an ext4 partition. We can plug this USB on the router and continue the configuration like this:

ssh root@
block info  # should see /dev/sda1 as swap and /dev/sda2 as ext4

eval $(block info "${DEVICE}" | grep -o -e "UUID=\S*")
echo $UUID
uci -q delete fstab.overlay
uci set fstab.overlay="mount"
uci set fstab.overlay.uuid="${UUID}"
uci set"/overlay"
uci show fstab
uci commit fstab

mount $DEVICE /mnt
cp -a -f /overlay/. /mnt
umount /mnt

reboot ; exit

Then login again after reboot and check that /dev/sda2 is mounted as root (with the command df -h). If it is not, then try the troubleshooting instructions on

In my case I had to do these extra steps to make it work:

ssh root@
mount /dev/sda2 /mnt
rm -f /mnt/.extroot-uuid
rm -f /mnt/etc/.extroot-uuid
umount /mnt
reboot ; exit
ssh root@
df -h

It is also useful to preserve software package lists across boots and to enable the swap partition:

sed -i -r -e "s/^(lists_dir\sext\s).*/\1\/usr\/lib\/opkg\/lists/" /etc/opkg.conf
opkg update    # it doesn't work yet because there is no internet connection

uci -q delete fstab.swap
uci set fstab.swap="swap"
uci set fstab.swap.device="/dev/sda1"
uci show fstab.swap
uci commit fstab
/etc/init.d/fstab boot

4 Connect to client Wi-Fi network

We can connect to a Wi-Fi network from the command line, like this:

uci show wireless
uci set wireless.@wifi-device[0].disabled="0"
uci show wireless
uci commit wireless

Now we can list the networks in range using iw dev wlan0 scan. Then continue the network configuration using the right values for ssid, bssid and key:

uci show network

uci set network.lan.ipaddr=''
uci set network.wan=interface
uci set network.wan.proto='dhcp'

uci show wireless.@wifi-iface[0]
uci set wireless.@wifi-iface[0].network='wan'
uci set wireless.@wifi-iface[0].mode='sta'

iw dev wlan0 scan

uci set wireless.@wifi-iface[0].bssid='C8:D5:FE:C8:61:B0'
uci set wireless.@wifi-iface[0].ssid='Violetta'
uci set wireless.@wifi-iface[0].encryption='psk2'
uci set wireless.@wifi-iface[0].key='myWifiPasswordHere'

uci show network
uci show wireless

I had to set the IP of the LAN interface (eth0) to in order to be on a different network from that of the Wi-Fi interface (which is For more details see:

Now we can enable/activate this configuration:

ip addr
ip ro

uci commit wireless

At this moment, the IP on eth0 will be changed from to and our connection will be frozen. We have to add another IP to enp1s0f0 and connect again:

ip addr add dev enp1s0f0

ssh root@
ip addr
ip ro

If everything went well, the router should now be connected to the internet. Not only that, but it should also act as a gateway for our computer (connected through the cable).

5 Fix the web interface

Somehow we broke the LUCI web interface when we installed the upgrade image (in order to install the USB drivers). Now that we have plenty of storage space and have internet connection, we can fix it easily (following these instructions:

opkg update
opkg install luci
opkg install luci-ssl-openssl
reboot ; exit

Now you can open in browser and manage the router from the web interface.

6 Ad blocking

It is easy to install adblock, following the instructions on this page:]

opkg install adblock
opkg install luci-app-adblock
uci set"1"
uci set adblock.extra.adb_backup="1"
uci set adblock.extra.adb_backupdir="/etc/adblock"
uci set adblock.extra.adb_backup_mode="1"
uci commit adblock
/etc/init.d/adblock restart

uci show adblock

7 Setup an OpenVPN client

You can setup a VPN based on these instructions:

Basically you need to copy the client profile to /etc/openvpn/client.conf and fix its permissions, like chmod 600 /etc/openvpn/client.conf. Then install the package openvpn-openssl and make a small change on the firewall:

ip addr
ip ro

opkg install openvpn-openssl
/etc/init.d/openvpn restart
ip addr
ip ro

uci set firewall.@zone[1].device='tun0'
uci show firewall.@zone[1].device
uci commit firewall
/etc/init.d/firewall restart
iptables-save | grep tun0

8 Create an AP (Access Point)

Right now the router can be used as a gateway only for a computer that is connected to it by a network cable. It would be nice if it could be used as a gateway for a phone or tablet as well, connecting to it by wi-fi.

We can do this by creating a new wireless interface, connecting it to the LAN network, and configuring it as an AP:

ip addr
ip ro

uci set wireless.@wifi-iface[1]=wifi-iface
uci set wireless.@wifi-iface[1].device='radio0'
uci set wireless.@wifi-iface[1].network='lan'
uci set network.lan.type='bridge'

uci set wireless.@wifi-iface[1].mode='ap'
uci set wireless.@wifi-iface[1].ssid='OpenWrt'
uci set wireless.@wifi-iface[1].encryption='psk2+tkip+ccmp'
uci set wireless.@wifi-iface[1].key='123abc'

uci commit wireless
wifi reload

ip addr
ip ro

For a more advanced configuration see wwanHotspot.

Date: 2020-01-20

Author: Dashamir Hoxha

Created: 2020-01-21 Tue 14:03

Emacs 25.2.2 (Org mode 8.2.10)


OpenPGP Web Key Directory

OpenPGP Web Key DirectoryOpenPGP Web Key DirectoryTable of Contents1. Introduction2. How WKD works3. Building a WKD3.1. Create the direct...… Continue reading

SMTP Server with LDAP Authentication

Published on April 17, 2021

Using WireGuard VPN

Published on November 09, 2020