[Vamp]

If you get power light orange or all light on, or if you have power light blinking, ttl=100 do a tftp and still the same, than your router is bricked and you need to do the folowing steps.
I did this after brick my router for more than 8 times or every time i try to upload old BS firmware. I think wnr834b_V2 dos not like the old BS firmware.

There are 2 ways to unbrick this router.
The first is not safe but you can try on your on risk. Some times works and some don´t and you may burn your router.
All you have to do is:
1. Unplug power
2. open dos windows and type ping -t 192.168.1.1
3. short pins 16 and 17 using a small screwdriver on flash chip and plug power.
4. Then you shoud get power light blinking and ttl=100
5. take off the screwdriver and you read to tftp a new firmware.
If this dosen´t work, then only TJTAG.

The other and safe is using TJTAG, but some times you get "*** Unknown or NO Flash Chip Detected ***" like this:

tjtagv3 -probeonly /noemw /noreset
==============================================
EJTAG Debrick Utility v3.0 RC1 Tornado-MOD
==============================================

Probing bus ... Done

Instruction Length set to 8

CPU Chip ID: 10010100011100000100000101111111 (9470417F)
*** Found a Broadcom BCM4704 KPBG Rev 9 CPU chip ***

- EJTAG IMPCODE ....... : 00000000100000000000100100000100 (00800904)
- EJTAG Version ....... : 1 or 2.0
- EJTAG DMA Support ... : Yes
- EJTAG Implementation flags: R4k MIPS32

Issuing Processor / Peripheral Reset ... ECR: 0x00000100 Done
Enabling Memory Writes ... Mem 0x00000000
Done
Halting Processor ...
00000000001000000000000100000000 (00200100)
00000000001000000000000100000000 (00200100)
<Processor did NOT enter Debug Mode!> ... Done
Clearing Watchdog ... Done
Probing Flash at (Flash Window: 0x1fc00000) ...
Done

*** Unknown or NO Flash Chip Detected ***

*** REQUESTED OPERATION IS COMPLETE ***

In this case, Use this:
tjtagv3 -probeonly /flash_debug.
You will get some like this:
.
.
.
Flash Vendor ID: 00000000000000000000000011000010 (000000C2)
Flash Device ID: 00000000000000000010001010101000 (000022A8)
*** Found a MX29LV320B 2Mx16 BotB (4MB) Flash Chip ***

- Flash Chip Window Start .... : 1fc00000
- Flash Chip Window Length ... : 00400000
- Selected Area Start ........ : 00000000
- Selected Area Length ....... : 00000000



*** REQUESTED OPERATION IS COMPLETE ***

Now that you find the flash chip, is better to erase wholeflash doing this:
Unplug power and plug again. Have to Be fast and type:

tjtagv3 -erase:wholeflash /fc:XX /noemw /noreset
where XX is the flash number, im this case 41 (MX29LV320B 2Mx16 BotB (4MB)), so /fc:41

power cicle and try tjtag -probeonly /noemw /noreset
Now you must have power and all lan light on, no ping, nothing and tjtag should find your flash chip (don´t ask me why)

Next step is to put a work CFE.
tjtag -flash:cfe /noemw /noreset
power cicle again and now you must have power light blinking, but don´t try to tftp it will not work.

Next step is to put a custom on your router, using the one you have with your mac address. (see next post for a generic custom.bin file you can edit - redhawk)
tjtag -flash:custom /window:1fc00000 /start:1ffe0000 /length:10000
power cicle and again you showd have green power light blinking.

Now you are read to tftp the netgear firmware.

set your IP to fixed.
ip: 192.168.1.5
sub-net: 255.255.255.0
gateway: 192.168.1.1
some times is better set your lan card to 10mbs half-duplex.

Open a dos windows and type ping -t 192.168.1.1
If you get a ttl=100 than you can tftp the netgear firmware.
use this wnr834bv2_1_0_22_na.bin (with headers stripped out) found here http://www.dd-wrt.com/phpBB2/download.php?id=5495
I tryed the newest firmware from Netgear, but after that i can´t upload DD-WRT firmware again.


So open another dos windows.
unplug router power.
First window is with ping -t 192.168.1.1
On second type tftp -i 192.168.1.1 PUT wnr834bv2_1_0_22_na.bin. Don´t hit enter.
Plug power and wait for ttl=100.
You should get something like this
.
.
Hardware error.
Hardware error.
Reply from 192.168.1.1: bytes=32 time=2ms TTL=100
Reply from 192.168.1.1: bytes=32 time=2ms TTL=100


When router respond ping hit enter on tftp windows.
On my took about 7 to 15sec to tftp.
After finish, don´t do anything and watch the ping windows. After 2/3 minutes showld respond ttl=64 power light green and lan light (1 or 2 or 3, 4) you are conected solid.
If ok, you will get your router back to netgear firmware, and than you can put back dd-wrt.chk firmware using webgui.

Sorry for a bad english.

[redhawk0]

Here is a generic custom.bin file that you can edit.

LAN MAC starts at location 40 (Red circle)
WAN MAC (LAN+1) starts at location 46 (blue circle)

There are no characters between the two MAC addresses.

In the file below the generic MAC is 00:1B:2F:00:00:01 and 00:1B:2F:0:00:02

Follow Vamp's instructions above for flashing it using tjtag.

Good luck.

BTW...I added a link to this thread in the wiki>>install>>wnr834bv2 section for recovering.


redhawk