Custom firmware build for R7800 v. 1.0.2.60SF

[cdysthe]

I am not able to get OpenDNS parental controls to work. I can set it up but no sites seems to be blocked. Is this supposed to work in this FW?

 

[kamoj]

I don´t know why it does not work for you.

You can try to use the Voxel's built-in dnscrypt with e.g. these (free) settings.

Create/edit the file /etc/dnscrypt.conf with these 1, 2 or all 3 of these lines:
adguard-dns-family-ns1
adguard-dns-family-ns2
cisco-familyshield

and reboot your router to use these servers.
(Similar to using "OpenDNS parental controls" servers.)

Router commands:

echo "" >/etc/dnscrypt.conf
echo "adguard-dns-family-ns1" >>/etc/dnscrypt.conf
echo "adguard-dns-family-ns2" >>/etc/dnscrypt.conf
echo "cisco-familyshield" >>/etc/dnscrypt.conf
reboot

To remove dnscrypt usage:

\rm /etc/dnscrypt.conf
reboot

You can install this information add-on to verify if it is working:
https://www.snbforums.com/threads/k...on-for-netgear-r7800-x4s-and-r9000-x10.48965/

 

[randytsuch]

Unfortunately looks like trick with updates1.netgear.com is not helping there. What is worse after every restart new OpenVPN keys are generated. Exact message is as follows:

<<Attention>> A new OpenVPN configuration package for your router is available that enhances your router’s security. You must update the OpenVPN configuration package for your router. Once the OpenVPN configuration package is updated, you must update the OpenVPN configuration package on all your clients; otherwise, your clients won’t be able to access your router using the VPN feature.

Any other idea?

I restarted my router over the weekend, and OpenVPN server still works for me, just checked. Not sure if I got that message or not, I didn't check any logs.

Randy

 

[percy3]

I restarted my router over the weekend, and OpenVPN server still works for me, just checked. Not sure if I got that message or not, I didn't check any logs.

Randy

Just to clarify OpenVPN message is the first thing that loads after logging into web interface. In order to get into normal interface one needs to click Update button.
Have you enabled OpenVPN server via web interface?

 

[randytsuch]

Just to clarify OpenVPN message is the first thing that loads after logging into web interface. In order to get into normal interface one needs to click Update button.
Have you enabled OpenVPN server via web interface?

I don't remember seeing any message, and would have remembered clicking an update button, strange.
I use chrome, although it shouldn't matter.

Here is how I enabled OpenVPN, think its the standard way.
https://sites.google.com/view/netgearr7800/openvpn

EDIT:
One more thing, I rebooted the router from the web page, so I was already in the web page, and maybe that made a difference. I didn't power cycle or restart from ssh.

 

[percy3]

I don't remember seeing any message, and would have remembered clicking an update button, strange.
I use chrome, although it shouldn't matter.

Here is how I enabled OpenVPN, think its the standard way.
https://sites.google.com/view/netgearr7800/openvpn

EDIT:
One more thing, I rebooted the router from the web page, so I was already in the web page, and maybe that made a difference. I didn't power cycle or restart from ssh.

I've even tried to erase config and configure only very basic things. Still the same. Do you recall what was your upgrade path? Which OEM/Voxel firmware versions you went through before reaching .60FS one?

 

[randytsuch]

I've even tried to erase config and configure only very basic things. Still the same. Do you recall what was your upgrade path? Which OEM/Voxel firmware versions you went through before reaching .60FS one?

This router is pretty new, got it about a month ago.

When new, I powered it up, did a basic setup to make sure it worked, then installed voxel 54 on it. I'm not sure what it came with.
After 54, I installed 60 as soon as it was confirmed to be working ok.

Randy

 

[kamoj]

Seems to be another bug in the Netgear code.
Sorry I don't have more time for some days now, so you need to do this yourself:
Try to change /www/vpn_confirm_update.htm at line 39:

                    <script>
                        if(isMd5)
                            document.write('<input class="apply_bt" type="submit" name="update_vpn_cert" id="update_vpn_cert" value="$update_mark">');
                        else
                            document.write('<input class="apply_bt" type="submit" name="update_vpn_cert" id="update_vpn_cert" value="$update_mark">');
                    </script>

to

                    <script>
                        if(isMd5)
                            document.write('<input class="apply_bt" type="submit" name="update_vpn_cert" id="update_vpn_cert" value="$update_mark">');
                    </script>

I am on 1.0.2.60FS version and after each restart I am getting from web interface prompt to update OpenVPN package. Is it possible to get rid of that message? How can I upgrade OpenVPN package?
percy

 

[percy3]

Seems to be another bug in the Netgear code.
Sorry I don't have more time for some days now, so you need to do this yourself:
Try to change /www/vpn_confirm_update.htm at line 39:

                    <script>
                        if(isMd5)
                            document.write('<input class="apply_bt" type="submit" name="update_vpn_cert" id="update_vpn_cert" value="$update_mark">');
                        else
                            document.write('<input class="apply_bt" type="submit" name="update_vpn_cert" id="update_vpn_cert" value="$update_mark">');
                    </script>

to

                    <script>
                        if(isMd5)
                            document.write('<input class="apply_bt" type="submit" name="update_vpn_cert" id="update_vpn_cert" value="$update_mark">');
                    </script>

Direction is good but your change is just hiding the Upgrade button and not getting rid of that nag screen.

Edit:

I believe I found the solution (although probably not the most elegant one):
disable VPN service from web interface
restart rooter
enable VPN service
from console:
mkdir /etc/openvpn/config
cp /tmp/openvpn/* /etc/openvpn/config
/etc/init.d/openvpn_check disable
/etc/init.d/openvpn disable
add cp /etc/openvpn/config/* /tmp/openvpn/ line somewhere at the begining of /etc/init.d/openvpn file
/etc/init.d/openvpn enable

In addition I am invoking /etc/init.d/openvpn restart from last init.d script

 

[ulaganath]

I am getting Ubiquti edge router x. Planning in a month to add on 2nd ISP may be as backup or loadbalancing .

What is best way to setup x4x under it. Separate network or Just as AP. I believe AP will be to limited and wont harness the power of the x4s. I want the full use .

Not sure if the edge can handle full GB speed even for local transfer . As most of the pc and nas is connected including TP eap225 is connected to x4s.

Only purpose of edge is dual WAN and possible vpn on either of wan permanantly. So that i will have one wan for local and one for preferred country.

 

[percy3]

Then you can try to add "nvram set wps_lock_down=1" as eg first line of the file /etc/rc.local

Still not making a difference. I guess this is just a lockdown due to too many incorrect PIN attemps. Instead I have placed following commands in /etc/init.d script:

        config set wps_status=1
        config set wla_wps_status=1
        config set wps_lock_down=1
        config commit

Now web interface is reporting WPS as not configured despite the fact Smart Connect is enabled.

 

[percy3]

Anyone having problems with OpenVPN config file for Windows (TAP one)? When I imported Windows config OpenVPN client is connecting to router but there is (almost) no communication. One or two pings are back. However importing config for smartphone (TUN one) works far better (although there are some packet losses too).
What is strange with TAP config virtual interface is showing that it is connected to guest network and not to the main one.
Any ideas?

 

[dadainnyc]

hey guys, i just installed voxel firmware on my r7800 and put shadowsocks on it. trying to use 443 for shadowsocks but it doesn't work as 443 has being taken......is there a way to use 443 or 80 for shadowsocks? thanks a lot

 

[sux]

Hello,

I am using Voxel firmware on my R7800 for a while, without an issue. Now I wanted to upgrade from 59SF to 60SF but every time (on every browser, with turned of QoS on the R7800, with turned off firewall and antivirus on my PC - Microsoft Security Essentials and Windows Firewall on Win7 64bit) the uploading of the firmware to the router fails, and I get this notification from my browser:

This site can’t be reached
The connection was reset.

Any help? Is there a way of upgrading without the web user interface?

I didn't reset the router yet.

 

[percy3]

Hello,

I am using Voxel firmware on my R7800 for a while, without an issue. Now I wanted to upgrade from 59SF to 60SF but every time (on every browser, with turned of QoS on the R7800, with turned off firewall and antivirus on my PC - Microsoft Security Essentials and Windows Firewall on Win7 64bit) the uploading of the firmware to the router fails, and I get this notification from my browser:

This site can’t be reached
The connection was reset.

Any help? Is there a way of upgrading without the web user interface?

I didn't reset the router yet.

I had similar issues with Duma OS. Try to use TFTP instead.
https://forum.openwrt.org/t/netgear-r7800-exploration-ipq8065-qca9984/285/4

 

[pege63]

Have you empty the CACHE memory in the browser?

 

[Voxel]

Have you empty the CACHE memory in the browser?

pege63 is right. Try to clear the cache.

Voxel

 

[Voxel]

hey guys, i just installed voxel firmware on my r7800 and put shadowsocks on it. trying to use 443 for shadowsocks but it doesn't work as 443 has being taken......is there a way to use 443 or 80 for shadowsocks? thanks a lot

Port 443 is used by uhttpd daemon by default (https connection to WebGUI). You can try to change this port modifying the file:

/www/cgi-bin/uhttpd.sh

(443 and 80 ports).

Voxel.

 

[dadainnyc]

Port 443 is used by uhttpd daemon by default (https connection to WebGUI). You can try to change this port modifying the file:

/www/cgi-bin/uhttpd.sh

(443 and 80 ports).

Voxel.

works like a charm. Thanks, Voxel!

BTW is there a .sh I can use to start process automatically at startup?

 

[Voxel]

works like a charm. Thanks, Voxel!

BTW is there a .sh I can use to start process automatically at startup?

Two ways:

1. Your own init script in /etc/init.d directory. See:

https://wiki.openwrt.org/doc/techref/initscripts

re: how-to.

2. Modification of /etc/rc.local script.

Voxel.