OK, the 38400 baud seems to be TP-Link specific. On the T2500G-10ts this was also the case, but I thought it had to do with the UART-RS232 converter. There is a CISCO style RS232 plug.
Now you need to flash a new u-boot.
I assume you have a way of not only reading the flash but also writing it with some external flash programmer.
- Download both the T2500G-10TS GPL source code as well as the one for the T1500G-8T.
- save ldk_realtek/realtek_v2.1.4/u-boot-2011.12/common/bootapp.c of the T1500
- cp ldk_realtek/realtek_v2.1.4/u-boot-2011.12/common/bootapp.c from the T2500 over to the
- make e.g. do the reboot command in bootapp.c do what the exit bootapp command does in the T2500
- alternatively copy also the flash* utilities over from the same directory as the bootapp.c and make sure they get built
- go to t1500g-8t_gpl/tplink/buildroot-realtek
- make O=build/t1500g-8t tplink-t1500g-8t_defconfig
- make O=build/t1500g-8t
- If something fails in the build, restart with: make O=build/t1500g-8t clean
- The build will fail at some point but should produce ./tplink/buildroot-realtek/build/t1500g-8t/images/u-boot.bin
- Verify there is the string Tftp in the u-boot image.
- Flash the new u-boot to the flash
You should get more commands in the Boot Menu including one to go to the realtek OEM boot menu.
There do the usual "rtk network on", tftpload etc.