Afoundry EW1200

Hello Everyone!

I have finally got this working with some great help by @Blotto and @Denobisipsis.

I worked with @Blotto to try and get telnet to configure correctly but unfortunately I had no such luck. I reached out to AFoundry DEVS through their support Whatsapp and they were apprehensive to release any such information but with a little coaxing they actually agreed that Blotto's technique would in fact work...for some reason with my was just simply hopeless. It is definitely a great place to start though because you may have better luck with your EW1200.

So here's how I got it to work and it was relatively seemless.

I used a lot of instruction from @Denobisipsis's tutorial but I used a different USB to UART interface.

His tutorial can be found here:

The USB to UART interface that I purchased can be found here:

LEDE files needed:

First start by opening your EW1200 by removing the 6 antennas and the 8 screws, 4 on each size. The board slides right out the rear. Locate the J4 header and connect the USB to UART as follows:

TX -> RX
RX -> TX

Some interfaces may match up the TX and RX but for the sake of this tutorial, the interface listed above accepts this configuration.

Connect the power and the ethernet cord to your system. Once connected, plug the USB portion of the interface into your system..I tried to get it working with Windows but got fed up with the cross compatibility issues and stuck with my Mac(linux partition needed reinstallation so this will do).

First you need to do is determine the device you're looking to connect to. This can be found through the following command:

-ls /dev/tty.*

This will list all the tty.***** devices able to be connected to, find the desired device and connect to it using the command below (replace * with actual device):

-screen /dev/tty.*- 57600

This will take you to a blank screen with a blinking terminal cursor. It looks like nothing is happening but you are currently connected to the serial console of the EW1200. Enter the username: admin and the password: admin...assuming the machine is on stock configuration. You will now see the OpenWRT information and the admin console...not much can be done from here with regards to getting LEDE installed.

So with the interface still connected, reboot the router either through the online AFoundry web portal, through the serial console with reboot or by simply pulling the plug. Because the interface is hardwired into the serial console, upon rebooting you will be instantly connected to the boot process code. I really liked how @Denobisipsis utilized the Flash over TFTP method through the bootloader. Upon rebooting you will come to a portion of the boot where it offers 6 operations. Press 2 to Load system code then write to Flash via TFTP. It will ask you to confirm with a Y/N, obviously press Y.

You will then enter the configuration for the TFTP server hosted on the machine connected via ethernet through LAN as stated in @Denobisipsis's tutorial... DO NOT ATTACH TO WAN. It will ask for the following:

-Device IP: 169.254.X.X(Mine was some variation of this address but everyones will be different)
-Server IP: 169.254.X.X(Mine was some variation of this address but everyones will be different)
-Bin File: lede-ramips-mt7621-ew1200-initramfs-kernel.bin(This file should be placed in the root folder of the TFTP server)

Hit enter and the kernel will install overwriting all of AFoundry's terrible nonesense. Upon finishing you will come to the end of the boot process and hit enter. The new install of LEDE does not come with a password by default, I recommend you make a new one to start, this can be done by the following command:

-Enter new password: Your Choice
-Repeat Password: Your Choice Again

You will then want to run the following commands to update LEDE:

-cd /tmp
-sysupgrade -v lede-ramips-mt7621-ew1200-squashfs-sysupgrade.bin

Once that's fully booted with the updated LEDE system it's time to update OPKG and install LuCi:

-opkg update
-opkg install luci

From this point forward you are able to load the LuCi online web portal through, configure as appropriate to your needs and run with it.

Once again, I would like to thank *@Blotto and @Denobisipsis for your patience and information. Obviously there is a lot of credit to give to @Denobisipsis for the use of his tutorial to supplement this very tutorial. I just found the language barrier and Google's translate ability to be of poor quality so this English tutorial may help others.

I am having some issues with the WiFi interfaces disassociating and dropping connection to clients but I assume that's because I have it loosely setup for my OPNsense machine which usually deals with all DHCP leases. I will mess around with it tonight and report back but if anyone has some insight into it I would appreciate it!

Any questions or corncerns, please feel free to reach out to me!



Hi guys, I have tried the above with limited success, I need your help to figure this out.

I used a serial adapter +

I've done all the steps above, first issue was setting up TFTP, without being able to DL. I tried several times and then had the idea to disable my firewall... BINGO! then that part was done.

Then the second issue started when I tried the 'wget' command. The result I got was:
"wget: SSL support not available, please install one of the libustream-ssl-* libraries as well as the ca-bundle and ca-certificates packages."
I'm assuming this whole tutorial works when the EW1200 router is connected to the internet from another router whose IP is NOT (=default EW1200 IP) AND that the IP/Internet setup is working, therefore once you're in LEDE bootloader, you can download the sysupgrade file from the LEDE website.

After some searching I was able to conclude this:

  • My ew1200 IP is therefore there is no way it can receive the internet from my ISP router who's IP is also (and I cannot change that)
  • using the vi command I was able to edit /etc/config/network as to not have my "lan" interface on DHCP protocol, therefore receiving an IP and the internet from my ISP router.
  • I wasn't yet done, once that worked, I know tried to fix my SSL issue, with 'opkg update' and downloading SSL packages => that did not work out as I got errors from wget telling me there was 0b disk space, therefore no install was possible (sic)
  • I then decided to upload the 'lede-ramips-mt7621-ew1200-squashfs-sysupgrade.bin' file to an online http hosting website (no HTTPS) and use a wget with that website and it worked
  • i then used the sysupgrade command which worked I believed
  • rebooted
  • tried the opkg update from scratch => no go. Configured my EW1200 router 'lan' protocol to DHCP and then that worked
  • install luci
  • rebooted
  • the EW1200 does not seem to go DHCP as my ethernet card is NOT given a 192.168.1.X IP therefore no access to

Where did I mess up?

You could have avoided that SSL issue by simply changing https to http in the download link.

Tried it.
It ended up in a 404 error which is very strange since it worked in my browser but not in the SSH/command prompt.

After messing with the Afoundry EW1200 I wasn't able to get the router to perform to my standards. I was experiencing constant client disassociation, rebooting, errors, etc. I got extremely pissed off after about a week of tinkering with it, to the point I had it setup as a standard DUMB AP and it couldn't hold an association for more than a minute. It's a shame because the unit was powerful but honestly I had better connectivity when I used the unit on stock firmware. Certainly not worth all the struggle.

I ended up using Amazon Prime Returns and replacing the unit with a Ubiquiti AP AC Pro, which took literally 2 minutes to configure once I had the Cat6 ran to the ceiling location I was going to put it. Configured and forgot about all my WiFi needs. System is truly set and forget for a mere $25 more than the Afoundry. However, my network sits behind an OPNsense dedicated firewall and VPN blanket so you would need to configure some sort of "router" to handle DHCP and your other firewall needs.

Will think about that.

Any clues at what I should do in order not to end with a brick? :stuck_out_tongue:

Check your return policy and send it back before the last day XD. If you bought on Amazon, they didn't question for a second the integrity of the firmware just accepted return and refunded within a day. There's so many plug and play options that allow LEDE, OpenWRT, LibreWRT, DDWRT, Tomato...that it's pretty much a waste of time and effort trying to get this Frankenrouter functioning properly. I do highly recommend the Ubiquiti products, truly set and forget..

Then the second issue started when I tried the ‘wget’ command. The result I got was:
"wget: SSL support not available, please install one of the libustream-ssl-* libraries as well as the ca-bundle and ca-certificates packages."

Did you go trought something like this k1ll3ry0 ?
how was the EW1200 router connected to teh internet when you did it?

Thank you

Are you able to effectively ping the device to a server like Is there a network issue? I had my Macbook pro plugged in so I was able to get the respective address information and assign a DHCP to the router from my firewall. I never ran into this issue with my installation.

Change the URL from https:// to plain http://.

Hi all. EW1200 user here.

I'm reading a lot about how to change firmware, because I need to restart several times per day my router. I'm getting really mad with this.

So I have a couple of questions.

With 5.4 firmware, I can telnet the router, but no user/password is valid here. I tried factory defaults even. But seems this doesn't work. Server are waiting for my username and password, but everything is 'Login Incorrect'.

I tried to download settings from router. It's a bin file. No idea how to open it so I tried with my code editor.
There is text inside, but nothing similar to telnet.cfg... So, not sure if i'm doing this well.

Is there a 'secret' key for telnet? Need I to change config file? adding a line if it's not present? I really like to try @Blotto's way, instead of open my router...

Router logs says:
Oct 27 11:32:39 Router auth.warn login[2193]: invalid password for 'admin' on 'pts/0'"

Any help is welcome! Thank you!!

Hi guys.
I finally managed to make it work.
The reason why I wasn't getting access to was that I forgot to change back the /etc/config/network parameters to 'Static' // as I had changed them to "DHCP" in order to receive internet from my ISP router.
After changing that and started the web interface:
/etc/init.d/uhttpd start
/etc/init.d/uhttpd enable

I've been using it for 2 days and I have similar disassociation issues like k1ll3ry0.
Will probably try to get a refund.

What would be your best advice / choice on a similar powerful router nowadays?

I'm looking at Asus RT-AC88U or it's DSL modem counterpart DSL-AC88U.

Take a look at Ubiquiti. For the cost, you simply cannot beat the performance. I'm not sure if you have a separate server or router but I would greatly recommend the Ubiquiti AP AC PRO. Link: You can either run it as an independent access point and configure it through your PC using the Ubiquiti Controller or you could get a USG which would act as the Controller for the AP. USG link here:

I have a separate server running as a full network VPN tunnel. Every packet goes through the tunnel which is nice because it only utilizes a single client on my VPN network. The OPNsense server also handles DHCP and all other routing/firewall needs so I only needed a "Dumb AP" to distribute to my wireless devices. I HIGHLY RECOMMEND UBIQUITI. It's as set and forget as you can get...Never any network issues in the 2 months I have had it.

what about the UAP‑AC‑HD with 802.11ac Wave 2 4x4 MU-MIMO?

For standard home applications, the PRO will more than suffice as it's rated for roughly 200 users. You're looking at a massive increase in price range for something that you probably will not need. Roughly $130 vs $300 if priced through amazon. The range is fantastic, speeds are wonderful and the way they manage 2.4Ghz and 5Ghz ranges, single SSID and it differentiates between what it thinks you need in terms of speed. Pretty neat stuff. Stay away from anything less than the PRO though they are meant to be used in a mesh throughout the household where a PRO handles the entire 1st and 2nd floor of my house from edge to edge and some ways down the driveway. I have mine mounted to the ceiling with lines running through the attic and the downward pointing of the AP covers the entire living space. However, it will only perform as well as the service you provide for it. I have Gbit internet and I can sustain 400Mbps on the first floor to my Nexus 6P and Macbook Pro.

1 Like

I’ve been using it for a few days and I have similar disassociation issues like k1ll3ry0 and At0mx.

But I found out the following:
The transmission power is completely sufficient, but once I had an interruption in the upper floor of my apartment, a renewed authentication fails.
Only when I go back near my router, the connection is immediately restored and I can move away from him again.
It's as if the settings like distance, RTS threshold and fragmentation threshold have no effect. Compared to the original firmware, the effective distance to the router has been reduced from about 500m to 30m, but the field strength is consistently great. I tried it with 10mW up to 100mW, but it had no effect on the effective distance to the router.
Is there another, better driver for the wifi module or the WPA / WPA2 negotiation? Or is it possible to extend the runtime limit with other unknown parameters?
If not, someone has the original firmware from the router?

Same issue here.

I have the stock firmware (1.7.2) but how can I install it?

From the factory web GUI: System-->Management-->Backup Button
This will export a file called farm_config.tar
Save this to your hard drive and untar it. It will barf out a collection of all
of your config files. cd to /config/tui/ and you'll see telnet.cfg
Edit telnet.cfg with a text editor (change "disable" to "enabled"), save,
create a new tarball and restore from the same web admin page you downloaded from,
reboot, and you should be good to go. Nmap before & after to see if telnet is open after
reboot. Those are the steps that worked for me.

Sorry, I think my question was not clear.
The question is: how can I revert to the stock firmware? LEDE is currently installed. See for more information.

Hi Fiber Monkey,
thank you for your stock firmware, but unfortunately, I could not use your file.
But I found another file "EW1200_Afoundry_EN.upgrade" (just do not know where it was).
I simply flashed this file via the LUCI web page of the LEDE OpenWRT interface. I gave the router a few minutes (> 5min) to flash and after a restart I could not access the router anymore.
Then I pressed the reset button for about> 5 seconds and after another restart it was found under its default IP: with the default user: admin and Password: 88888888
Now I am satisfied with this router again.
sorry for my bad english
See: EW1200_Afoundry