[Solved] Netgear GS308T recovery

Hi all, full disclaimer, first time installing OpenWRT and I don't know nearly as much about networking as I'd like to.

I got a my GS308T yesterday, I want to use it as a dumb switch and link all 8 ports together as I already have a main router. Installation went fine first with the kernel from the OEM GUI, then with the sysupgrade via SSH after taking care of using vlan ID 100.

I was able to install and access LuCI after a bit of trickery, my main router is assigned already, had to move the switch to to get internet from one of the WAN ports.

After that I followed the dumb AP guide, assigned a static address to the LAN port, and proceeded to disable the firewall and DHCP on that interface. I also assigned it to the same VLAN as the WAN ports (switch.1 instead of switch.100). That's where things went wrong, LuCI wouldn't apply the changes because the device became unresponsive after 90s, so I got caught in the heat of the moment and chose to apply unchecked.

I can't ssh nor ping it anymore when connected directly to my laptop (tried and on VLAN 1, and 100 just to be sure). When connected to my main network via the LAN port, I can ping the address but that's about it. No SSH, no LuCI.

Did I do something wrong (most likely)? Is there a way to recover from this? I read the device has 2 firmwares, but it's not clear how to boot on the second one. If I do find a way, what should I do differently to make this switch a dumb switch?

Edit: It does seem to work as a dumb switch, I can plug stuff in the WAN ports and they get an IP from my main router, but not being able to SSH or access LuCI is a deal breaker, I wanted to try LACP for my server, among other things.

should work (probably already the simple case of keeping the reset button pressed for over 5s, once OpenWrt has fully booted up), if not, it would be time to connect a serial console.

1 Like

I am not sure this works, but you should always try failsafe mode as the first step when the device is inacessible due to configuration problems: https://openwrt.org/docs/guide-user/troubleshooting/failsafe_and_factory_reset#failsafe_mode

From your thorough description of what you did and what you see, I believe the problem is that you have configured the only ip interface as WAN, and it is therefore firewalled. You did this by moving it from VLAN 100 to VLAN 1, since WAN was defined as VLAN 1.

AFAIK, you can only boot from the second firmware by modifying the bootpartition variable. To do that, you either need access to a running firmware allowing you to set UBoot variables or to the UBoot shell. So without access to the currently booting firmware , that means serial console.

An idea for later: Maybe we should create a magic signal (using a button press pattern?) to switch firmwares? Or will that just be a footgun? Not sure... Doesn't help you here and now anyway

EDIT: BTW, a trick I like to use when I modify network settings of a device I don't have console access to is saving a known good network config and putting this (or something similar) in /etc/rc.local:

# restore networking to known-good state
[ -f /etc/config/network.save ] || cp -p /etc/config/network /etc/config/network.save
if ! cmp -s /etc/config/network /etc/config/network.save; then /bin/cp -p /etc/config/network.save /etc/config/network; /etc/init.d/network restart; fi

This way I can always go back to the known good /etc/config/network.save by a simple reboot.

The only problem is that I usually forget to update /etc/config/network.save after making changes and verifying them, so I have to do the same changes twice. Or more if I've had too little coffee. But this has saved my ass more than once - in particular with remote devices where pressing a button is hard but remote power management is possible (e.g PoE powered devices).

Thank you both for your quick answers, I tried pressing the reset button for 10s and it worked! I am now back to square one.

@bmork I'll use your trick while I try to get the config I want to work :slight_smile:

1 Like

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

1 Like

@tmomas Done, thanks for the heads up!

As a follow-up, I managed to get what I wanted. I kept the LAN interface as is on VLAN 100 in case I break something again, I'll have a way to recover. Disabling the firewall on WAN enabled SSH and LuCI access from my main network and the dumb switch is otherwise fully functional. Kudos for this great piece of software, my initial impressions are very high. Hope my main router (Netgear RAX40) is one day supported so I can move away from the buggy OEM firmware. Cheers!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.