I don't see any options to upload my certs somehow... I've looked everywhere but thought it was under that page at some point... Am I missing something???That feature wasn't removed.
I don't see any options to upload my certs somehow... I've looked everywhere but thought it was under that page at some point... Am I missing something???That feature wasn't removed.
I don't see any options to upload my certs somehow... I've looked everywhere but thought it was under that page at some point... Am I missing something???
Asuswrt-Merlin 382 Changelog
============================
382.2 Beta (xx-xxx-xxxx)
- NOTE: The official IRC channel has moved to
Freenode (#asuswrt).
- NEW: Merged with GPL 382_18991.
Most notable changes (will vary between models):
- Added IPSec VPN server
- Added IFTTT and Alexa support
- Let's Encrypt support (DDNS page)
- Better support for some longer settings (RT-AC86U)
- NEW: Merged HND SDK + binary components from 382_18848
(RT-AC86U)
- NEW: Added IPSec VPN status on the VPNStatus page.
- NEW: Added support for RT-AC56U and RT-AC68U
(and all of its variants)
- NEW: Enabled support for Let's Encrypt on RT-AC56U and
RT-AC68U (in addition to RT-AC88U/3100)
- CHANGED: Moved HTTPS cert management to the DDNS page (where
Asus has put theirs, as Let's Encrypt is tied to
the DDNS configuration)
Jan 3 07:01:14 kernel: ERR[update_qos_data_by_mac:3568] Failed to find udb entry by skb src-MAC!
WAN > DDNS
It was moved. This was detailed in the change log. Last line below from change log excerpt.
If you can, use letsencrypt it may not be available on your model though. Located on the DDNS page.so anyone else having problem where you generate a certificate, WAN > DDNS, add it to in my case (keychain) as using mac, shows secure in browser but once you reboot router a new certificate is generated so get insecure again unless i add new generated certificate at bootup to keychain? it's not persistent after reboots. cheers.
If you can, use letsencrypt it may not be available on your model though. Located on the DDNS page.
Yes web access to wan needs to be enabled but I find that if you assign an obscure port like in the 10000 range or higher and allow only HTTPS connections. I have yet to have had a scan on mine it just works real well.yeah it's there but to use lets encrypt would i need to enable 'Enable Web Access from WAN' ? i keep that setting disabled. i just like having secure connection to router (https) when logging in to router on lan side not wan hence a self signed one always been fine before. certificate just seems to regenerate a new one at reboot, is this a bug or something?
When setup you use HTTPS connection locally as well.yeah it's there but to use lets encrypt would i need to enable 'Enable Web Access from WAN' ? i keep that setting disabled. i just like having secure connection to router (https) when logging in to router on lan side not wan hence a self signed one always been fine before. certificate just seems to regenerate a new one at reboot, is this a bug or something?
When setup you use HTTPS connection locally as well.
IMHO: I'm sorry but I don't see any problem with http access on the lan. Why would you want https on your own network. The router is password protected which can be made as complex as required.think we getting our wires crossed, to use let's encrypt you have to enable 'Enable Web Access from WAN'. I don't want to enable it, i only login to my router via lan hence a self signed one generated by router does me fine but it just regenerates a new one when router reboots. I choose let's encrypt and got all kinds of problems with the ui not loading properly etc because i did not enable 'Enable Web Access from WAN'.
IMHO: I'm sorry but I don't see any problem with http access on the lan. Why would you want https on your own network. The router is password protected which can be made as complex as required.
enabling wan access to router is not secure in my opinion, i use openvpn and access lan and router via openvpn externally, i know there is nothing wrong with http access on lan but i still like to use https, my password is complex but that means nothing if someone on my wifi is sniffing the packets with summit like wireshark if using http instead of https on router, i know it will not happen i know what's on my network etc but i'm just a security concious i guess, i'll see what merlin says, on 380.69 the certificate was persistent and did not regenerate after reboots on 382.2 Beta it just regenerates a new one. Thanks for your time though
Agreed, I don't allow WAN access to my router either and use the locally generated/signed cert but I am not seeing the regeneration issue you are. What model are you running? Did you do a Factory Reset when updating to the new beta? I factory reset mine and I'm not experiencing it regenerating on reboots.
when i was on version 380.69 and below when i rebooted router the ssl certificate stayed the same so when accessing web gui it showed green (https), i did full router reset and upgraded to 382.2 beta, every time i reboot router a new certificate seems to be created so i get the not secure in browser, i use mac and added certificate to my keychain like i always have before and it shows green until router is rebooted and a new one seems to be generated, is this a bug or some change?
Should we be concerned are there any fixes being considered? Thanks I know you're busy I don't want to be a bother.
This is known. The certificate location has changed to be in sync with Asus's new code, so you have to generate/reupload your certificate.
The RT-AC86U is the only model with jffs-stored nvram.
Overclocking through nvram hasn't been supported for a few years now. The value from the bootloader gets copied to nvram at boot time.
Maybe the bash scripts help you .-) , especially services-stop and services-start:Looks like over clocking is broken with this beta on a RT-AC68U
Steps:
upgraded to 382 beta 2
Factory restet
Configured to desired settings
Login via ssh
nvram get clkfreq reports 800,666
nvram set clkfreq=1200,800 (previously working stetting with 380.xx release)
nvram commit
reboot
After reboot, still reads 800,666.
Anyone else see this?
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!