Reflash a bricked Netgear WNDR3700v2 router

This post describes the procedure I followed to recover my Netgear WNDR3700v2 when I was unable to browse to it, while running Gargoyle open source firmware.  Most parts of this procedure will likely work to reflash any bricked Netgear router.  The procedure takes 10-15 minutes – you will lose any settings and plugins installed on the router.

You can see my posts on other routers here.

Background

I have a Netgear WNDR3700v2 router which I have used as a general purpose router running Gargoyle firmware.

A few months ago I configured the router as a wireless bridge to extend the range of our wireless network at home and get improved Internet performance (for me at the end of the house).  Although the router runs reliably as a bridge it can be tricky to setup in this mode because it involves switching off DHCP on the router and in bridge mode you can only see the router from the upstream network (WAN-side), not as a client on the bridge (connected LAN-side).  Short story is that because it’s not setup as a DHCP server, it’s very easy to lose the router and have no way of finding it.

Today I switched the router to bridge from another wireless AP and double/triple checked my IP address, mask etc.  I’m sure you know how this story ends – once the router rebooted, I couldn’t find it on the network I’d connected it to, even when scanning the entire subnet.  So the lights were on and the router was probably quite happy, but I couldn’t connect to it.

After half an hour of attempting everything I could think of and failing to find it, I considered the router effectively unusable.  Not bricked, but I couldn’t find or connect to it, so not usable.

Hardware reset doesn’t work on a Gargoyle router

This router had been flashed with Gargoyle firmware which, although designed to work with the chipsets of a few different routers, doesn’t necessarily know how to interact with the external hardware of different manufacturers’ routers, such as buttons.  The OEM firmware for this (or your) router knows what to do when I press and hold the little red button, but your open source firmware probably doesn’t, so the hardware procedure to factory reset the router will not work in this situation.  I tried the hardware reset process a few times with no joy, so concluded that I would need to re-flash the OEM firmware in order to get the router back again.

Reflash bricked Netgear router using TFTP

This procedure will re-flash a bricked Netgear router (definitely WNDR3700v2, maybe others) and can also be used on routers that are not bricked, but you’ve lost track of them (you don’t have access to the web interface for whatever reason).  The router does not need to be already running OEM (Netgear) firmware – my router was running Gargoyle and was not bricked, but I was unable to find it on the network, even with an IP scan of all the networks it should have been on.

I pushed the firmware image to the router using TFTP at the command line on Windows 10.  The process would be similar for Windows 7 and even Linux (though TFTP command line switches might be different).

I don’t go into detail on how to configure IP settings for network cards because if I have to you probably shouldn’t be flashing router firmware.

  1. Enable TFTP in Windows (if you don’t already have it installed) – in Control Panel \ Programs and Features \ Turn Windows features on or off – find TFTP Client, select it and click on OK to install it.
  2. Download OEM firmware for the Netgear router you’re using.  In our case version 1.0.0.12 of the Netgear WNDR3007v2 firmware.  Extract the .IMG file from the zip file you’ve just downloaded and save it to a local folder, say C:\Netgear
  3. Turn off the router and plug a single ethernet cable into the router from your computer.
  4. We’ll be connecting to the router before it’s booted, so have to hard-code IP settings for your ethernet card that we’d normally get from the router.  The IP address should be 192.168.1.10 (or any other address in this subnet that is free).   The subnet mask should be 255.255.255.0 and gateway 192.168.1.1 (I doubt the gateway is needed but we put it in just in case)
  5. Open a command prompt in Windows, change to the folder that you extracted the OEM image to (eg PushD C:\Netgear) and get the following command line ready tftp -i 192.168.1.1 put WNDR3700v2-V1.0.0.12.img (or whatever the extracted Netgear firmware image you downloaded is called).  Don’t press enter yet
  6. The Netgear router should be plugged in and switched off.  Press a paperclip (or tiny screwdriver) into the factory reset button hole (surrounded by a red plastic ring underneath the router) and hold the button in for about 5-10 seconds before switching on the router.  Keep the reset button pushed in for 30 seconds more then release it.  The router will reboot after you release the reset button and briefly go into TFTP server mode at 192.168.1.1
  7. At the Windows command prompt, within 5 seconds of releasing the reset button on the router, hit enter on the TFTP command line tftp -i 192.168.1.1 put WNDR3700v2-V1.0.0.12.img.  In Windows 10, after a few seconds you should see a response like Transfer successful: 7078081 bytes in 1 second(s), 7078081 bytes/s or similar, depending on the size of the firmware image you pushed to the router.
  8. The router will reboot and after 45-75 seconds (depending on the size of firmware image) you will see the power light flash green/orange for a minute or so.  If you don’t see the power light flash green/orange then it’s likely the flash hasn’t worked.
  9. The router will reboot again after the firmware is written and after a few more minutes you should be able to access it at http://192.168.1.1
  10. When you’re done, go back into the IP settings for the ethernet card you used to connect to your router from your computer and switch them back to what they were (likely automatic).

If you don’t see the power light flash green/orange about a minute after you’ve pushed the image up then the image has probably not successfully uploaded to the router.  Try again but replacing step 6 with the full 30-30-30 reset.

I have successfully flashed OEM (Netgear) firmware, and Gargoyle firmware using this process.  I have tried to flash DD-WRT with TFTP several times but been unsuccessful.

I have successfully upgraded to DD-WRT using the next method.

Flashing DD-WRT from the OEM web interface

With Netgear WNDR3700v2 firmware version 1.0.0.12 and earlier, you can upgrade to DD-WRT and Gargoyle using the Router Upgrade option on the web interface.  This may be possible with other Netgear routers if their OEM firmware supports flashing 3rd party software (such as DD-WRT).

Once you’ve logged onto the web interface of the OEM firmware, do the following:

  1. On the left side menu, click Router Upgrade under the Maintenance section
  2. Browse to the firmware you wish to upgrade.  With Open-WRT based firmware (such as DD-WRT and Gargoyle) you must upgrade from OEM firmware using the .img versions of the firmware.

I have successfully upgraded from OEM to Gargoyle and DD-WRT firmware using these procedures.

 

Leave a Reply

Your email address will not be published. Required fields are marked *