How to OpenWRT and Cucumber your Meraki Access Point
How to OpenWRT and Cucumber your Meraki Access Point
Please note that Cucumber as referenced in this blog is no longer in business.
A long time ago I wrote a blog on the Meraki experience Cisco does something “Meraki-lous”. I had my hands on a free Meraki MR12 Wireless Access Point and I was delving into its capabilities. However, with the passage of time came the passing of the three-year license and I lost the ability to manage the MR12. Since this unit was for demo only, there was no justification for paying the licensing costs. The unit was in a box like a no longer wanted and unused toy (echoes of Toy Story here…) until I happened across a possible alternate ending. This is the director’s cut on the story of how it came back to life.
My main goal in this endeavor was to make my device cloud-managed once more. However, since I only have one Meraki unit, I decided to take a detour on this path. Here is my roadmap:
While I am all for OpenWRT as a solution to bring an AP to life (note my previous blog on a similar solution; Enabling DD-WRT (OpenSource firmware) on your wireless router, as I mentioned, I wanted to end up with a cloud-managed device. Here are the steps of my journey. My device is the MR12, but there are other Meraki units that can undergo this procedure. To see if your device is compatible, go to OpenWrt Wireless Freedom.
At the time of this writing, this is what showed for my AP:
I followed the OpenWRT instructions found here:
I did experience some issues trying to use TFTP from my Windows 10 box (this issue was mentioned under Caveats Installing Cucumber on Cisco Meraki), but I did succeed using an old XP box. I tried TFTP32 and 64, I tried the SolarWinds TFTP server, as well as Pumpkin TFTP, with varying degrees of success. I like all of those, but it was trial and error until I got one to work with my project. I also connected to the Meraki using a USB to TTL Serial cable. Here is a pic of that cable:
I got it from adafruit.com. I also show a pic of how I connected it to the disassembled Meraki unit. (Here is a video on disassembling, it also shows attaching an external antenna, which I also did. I will cover that later in this blog.
Here is another view:
One more way to see it is like this:
Notice the red wire is left dangling.
I am not going to repeat the step by step instructions found on the OpenWRT Wiki, but I will add this bit of info. If you wish to avoid creating your own build, you can grab the needed files directly. Within the past week (early September 2017) I found them here: Cisco Meraki MR12 Ethernet
Scroll down and look for rip_tide post (Thanks rip_tide!). I just downloaded the zipped file, then extracted them and placed the correct files in my TFTP Root directory.
Once the instructions were followed, it seems I had a functioning AP once more! To verify functionality, I set an SSH login and password and then used Putty to test it. I created an SSID and joined. All was well. I really just wanted to know for myself that my OpenWRT would work on my Meraki. If your goal is just to have your Meraki converted to OpenWRT, stop! you are done!
Now that I knew it worked, time to dump it and move on. I followed the instructions for Cucumber that are located here: (Sign up for your free account while you are there.)
I had the best results with PumpKIN TFTP. I did disable my wireless adapter and kill my antivirus and firewall during this process, as suggested. I found it much easier to find success by being connected via my USB-to-Serial because I could see the progress and status as it happened; however, this is only a suggestion. Once again, the instructions provided at the link above worked for me so there is no need to reprint them here. Once the process was complete, I did find that I needed to log in to the portal and set the MAC address, as the instructions noted. If you fail to set the MAC address and your device attempts to connect to Cucumber, it will reject you because default Meraki MAC addresses are not permitted.
I did run into a couple of snags while finalizing my config, but I used the chat support option that is at the bottom right of the web page, and I am thoroughly amazed at the proficiency and promptness with which my concerns were addressed. There is no charge for downloading the Cucumber solution and there was no fee for the tech support. I received assistance from several persons within Cucumber – all of whom knew the product inside and out. Note that if you are not present at the web page when the chat is answered, you will also receive an email with their response(s).
Once I verified that I could log in to my Cucumber dashboard site, I wanted to add the external antenna to my device. I followed the steps shown in the aforementioned video to install my external antenna. Here is the antenna (two for under $10) I selected, which I found on Amazon:
There were two in the bag when it arrived, but I used one! I did drill through the metal of the case, which is different from what is shown in the video, but with the length of the pigtail, you can choose whichever way you like best. If you do drill through the metal case, remember that you will need to drill a slot into the plastic case so it will slip over the antenna.
I did have to use my grinder on the inside of the metal case to fit the antenna flush to the inside wall, and as you can see, I took off a bit too much. Hey! This was my first attempt and this is the underside anyway. I wanted the hole in the metal to be complete; that is, I wanted to avoid getting too close to the edge. You can see there is not much space left. I started with a small drill bit and worked up to ¼ inch. You may decide to blast it in one go instead of incrementally, but I did it in baby steps. The finished product is shown:
Above image shows how it looks on the inside with the antenna attached:
There was originally some black adhesive securing the antenna connector to the board, but I didn’t have any of that, so I used a miniscule drop of Gorilla Glue. I haven’t noticed any untoward effects from that. The antenna actually snaps into place on the board, so you may choose to go with no adhesive at all. It didn’t seem to me that it would disconnect on its own, as it took a bit of effort to unsnap it. Your choice.
Let’s see how it responds to cloud control. Once you sign up, your welcome email will explain how to access your dashboard. Here is a screenshot of what my initial page looks like:
Once I get to my own location, I see this:
From here you can view your device(s), create networks (up to 16 networks per location), and so much more. The directions are well documented. If you are brand new, here is the place to begin: Getting Started.
I created a couple of networks, joined them with a variety of clients (smartphone, desktop, laptop), did a couple of speed tests (performance was on par with our corporate Wi-Fi), and wandered around the building to see how well I would stay connected (excellent results, by the way).
So if you have an Access Point taking up space on your shelf and want to see if you can make it useful again, take a look at OpenWRT and/or Cucumber WiFi. You can also apply either of these solutions to a device in perfect working order also; however, most are loathe to wipe a currently licensed unit. Share your stories of unbricking your Meraki (or other vendor on the OpenWRT list or Cucumber list) and if you have such a device and don’t want to take the time to follow the steps, feel free to send it to me! J
Until next time….
You May Also Like
In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management
See our class schedule for complete Course Schedule Training. Classes are held in Phoenix, AZ and can be attended online from anywhere in the world with RemoteLive™. Instructor: Rick Trader Video Transcription: One of the things that we might have to do in our corporate network is to take a class of IP addresses and then subnet that into … Continue reading Subnetting a TCP/IP Network using the Magic Box Method
How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015