Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. C

    Need to extend building wifi into private network on different subnet

    Do a search for "wireless Internet service provider (WISP) client router"
  2. C

    I can ssh to my router from guest wifi network

    Are you saying this has gotten broken again by Asus? From your change log:
  3. C

    Need feedback on proposed rule for state INVALID check in iptables

    Well I got my configuration to fail / work on demand. My problem was with the order of my tests. If I tested with ping or a UDP application first, then the TCP application worked too. You have to test with TCP first which shows the failure. Everything I tried works with the new rule in place...
  4. C

    Computers won't connect to my SSID

    Likely your normal SSID contains special characters. You are best to use between 2 to 31 characters from only a-z, A-Z,0-9 for max compatibility with various implementations (manufactures and models) of the WiFi standard. For example, Cisco says about the SSID for their devices In this text...
  5. C

    Router web accessibility from WAN/internet when an openvpn client is running

    Attached is a script to secure your VPN to a public server. You can NOT run it manually. It picks up the VPNdevice for the argument to the script, so should work if you decide to change your VPN to from tap to tun mode. It puts one line into the syslog file to inform you that security is set...
  6. C

    Router web accessibility from WAN/internet when an openvpn client is running

    I would like two more items from your syslog file. Did the firewall-start script happen before or after the the openvpn-event script_type=up at boot time? Did the firewall-start script happen again between the down and up of the vpn?
  7. C

    Parental control not working via wireless

    Did you look at the MAC address of the device when connected by WiFi? To block most machines, you need two entries since the wired interface uses a different MAC address than the wireless interface. The two MAC addresses means that the machine will also get different IP addresses based on the...
  8. C

    [SOLVED] Openvpn and Encryption cipher = None: Not working

    I don't know if this is a problem, but does not the encryption have to match the servers? Apr 16 18:38:09 openvpn[956]: WARNING: 'cipher' is used inconsistently, local='cipher [null-cipher]', remote='cipher BF-CBC' Also be aware of this thread about using VPN to a public server...
  9. C

    Mixing WiFi and Ethernet?

    The high traffic was likely caused by broadcast storm. That can happen when you have a loop in your network. What should stop it a protocol called Spanning Tree Protocol (STP) which I had expected would be on your router. When you inserted the switch, it likely had STP enabled, detected the...
  10. C

    Need feedback on proposed rule for state INVALID check in iptables

    There was also a discussion about that time about splitting off the malformed packet check from the conntrack's connection status. I think we will see a new "state" in future versions of the conntrack module that just checks for the malformed packets. Until then we are stuck with using...
  11. C

    Need feedback on proposed rule for state INVALID check in iptables

    My justification for not using the negative check: My logic was to have the check only on the interface that hackers from the Internet could use. If a VPN server is configured, it's port is still on the Internet interface. To get through to the VPN interface, which will be encrypted, the...
  12. C

    Mixing WiFi and Ethernet?

    Would need to see your routing table to be sure, but I think your problem is the WiFi and the wired ports are on the same subnet. If the WiFi is on 192.168.1.0 network, then put the static IP addresses on the wired connection into another network say 192.168.55.0. You don't need to set a...
  13. C

    Need feedback on proposed rule for state INVALID check in iptables

    Hi Some configurations containing multiple LAN networks (either multiple routers or a inside VPN server) are having problems with connections between the local networks and devices on the private network of the gateway router. A fix to this problem is to completely delete the INVALID checking...
  14. C

    schedule based firewall script is not accurate

    Just noticed that your script. The part locating the rules is using "INPUT" while the rules are being inserted into "FORWARD". My mistake, sorry ... Change the "INPUT" to "FORWARD" everywhere.
  15. C

    [Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

    Searching ... I did find this thread from Jun 2013 http://www.snbforums.com/threads/static-routes-not-working-as-expected-in-asuswrt-merlin.11429/ And post #12 in that thread describes the flow of packets over an asymmetric path that creates their problem. For a VPN an asymmetric path is a...
  16. C

    Router's web interface via ipv6

    First why would you look to the ipv4 page to set your ipv6 address? The ipv6 LAN address is over on the ipv6 page and if you got your ipv6 network automatically, it is also set automatically. Second you do not want to disable ipv4 on your network because: 1) Not all of the applications on your...
  17. C

    [Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

    You should not delete the INVALID state rule. I believe one of it's purposes is to block invalid packets that hackers use like xmas configured packets. I should tell you that my network is subneted over two routers and I can print from one subnet to a printer in the other IPV4 subnet with no...
  18. C

    [Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

    Could you explain this "local subnet forwarding" option maybe with an example? How is it different than a static route on the LAN - Route tab?
  19. C

    Access point with DHCP

    We need a lot more information on your desired configuration. Normally an Access Point is connected to a network which already has DHCP running. A second DHCP on the same network only causes problems. Access Point mode is one of the factory configured modes that you can select from the Asus...
  20. C

    Router web accessibility from WAN/internet when an openvpn client is running

    Attached is a script to do what you are doing now. I have added one more rule that might keep the VPN connection open. It allows UDP port 1194 to be open to the Internet. Also added a new chain (sickbird) to get a sample log of the packets dropped from the VPN. The script is designed to be...
Top