Running latest Merlin on the now unsupported AC87U.
Remote access disabled.
Running nginx, openvpn server, AIcloud, which should be the only services open from WAN.
SSH, FTP and SMB shares not open from WAN.
A week ago my internet provider had some hw issues affecting a lot of customers. At the same time I was suddenly no longer able to connect with openVPN, or access the webservers that are using nginx.
I did however still have access to webcams on the LAN and still got notifications from my servers, so it was nginx and openvpn that failed..
Did not have access to router until yesterday, and after a reboot of the fiberbox and router, nginx worked again, but vpn was still not working.
The openVPN server would not start, it kept saying "initializing" and I found out that it was because it was trying to use this custom configuration

No other router settings has been changed.
So it seems my router has been hacked or am I wrong?
Is this a vulnerability in openVPN or the fw?
I have changed router password, deleted the etc folder and the file that "profile" referred to (called ntp). Everything works fine, including vpn server..
How can I know if the router fw (and maybe my servers on the LAN) has been compromised?
How do I prevent this from happening again?
Thanks for any help
Remote access disabled.
Running nginx, openvpn server, AIcloud, which should be the only services open from WAN.
SSH, FTP and SMB shares not open from WAN.
A week ago my internet provider had some hw issues affecting a lot of customers. At the same time I was suddenly no longer able to connect with openVPN, or access the webservers that are using nginx.
I did however still have access to webcams on the LAN and still got notifications from my servers, so it was nginx and openvpn that failed..
Did not have access to router until yesterday, and after a reboot of the fiberbox and router, nginx worked again, but vpn was still not working.
The openVPN server would not start, it kept saying "initializing" and I found out that it was because it was trying to use this custom configuration

No other router settings has been changed.
So it seems my router has been hacked or am I wrong?
Is this a vulnerability in openVPN or the fw?
I have changed router password, deleted the etc folder and the file that "profile" referred to (called ntp). Everything works fine, including vpn server..
How can I know if the router fw (and maybe my servers on the LAN) has been compromised?
How do I prevent this from happening again?
Thanks for any help
