What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Look, John- there is a "problem" with the y axis of the temp graph... :D:D:D

Cool (pun intended :D)

Pretty easy to change it a bit......from a range of 40-90C to 20-100C. And you still keep 1 degree resolution.
temps.JPG
 
Last edited:
Depends on your level of paranoia and annoyance with the message :)
The client by default caches your credentials to speed up auth renegotiatons. If someone were to hack your client, they could conceivably do memory dumps and get your credentials.

For me, I got tired of seeing the message, so set the auth-nocache option

BTW - It also shows up when running the OpenVPN client on the router.
I guess in our cases (as I agree with you it's more annoying than anything else), that's all we are really accomplishing with this. Because, if someone has access to the router, there are two much easier ways to get these credentials, one is the "up" file, and two would be a simple nvram dump.

I think you use PIA as well, seen any issue with auth-nocache? I have been using it only over the past few weeks, and so far no issues. But with your recent releases, I have only have a max of about 1 week uptime. So not sure if that's long enough for PIA to strong arm....
 
And I just noticed for the second time that phones (my laptop seemed fine) lose connectivity for a few seconds every couple of minutes.
Very annoying when playing online.

Hi John, I have an issue since 374.43_2-23E3j9527.
One of m devices (my linux satellite receiver) after a while loses internet connectivity.
It is actually connected to the router and has the usual local IP, but cannot get out.
A router reboot solves it.

I sent you a PM with the syslog.
 
Hi John,

Just noticed something in the Web Gui under the VPN option. Not sure if this is correct or not. In the VPN status tab it shows the user connected and all the info associated with that connection. However under the VPN Server tab it shows the same user as disconnected. See below for visual. Thanks John

upload_2017-3-29_10-7-14.png


upload_2017-3-29_10-7-49.png
 
Hi John,

Just noticed something in the Web Gui under the VPN option. Not sure if this is correct or not. In the VPN status tab it shows the user connected and all the info associated with that connection. However under the VPN Server tab it shows the same user as disconnected. See below for visual. Thanks John

That'd be normal if you don't use user/password-based authentication but strictly certificate-based authentication.
 
That'd be normal if you don't use user/password-based authentication but strictly certificate-based authentication.
I'm currently using username/password authentication only if that helps with the Auth. only option set to NO..nothing fancy. See below. Thanks very much.

upload_2017-3-29_11-43-17.png
 
I see a couple of folks have loaded the beta with Busybox 1.25.1 on AC68's. Anybody with an N18, N66 or AC66 tried it?

I could load it up on my n66u if needed but would only be possible after i get home after a week.
 
That'd be normal if you don't use user/password-based authentication but strictly certificate-based authentication.
Actually, that's the way I run (cert only) and the client name shows as 'UNDEF' for me.
 
What happens if you define another username other than 'admin' and connect with that?
Hi John,

Same issue occurs whether you use the admin account or an account created manually. VPN works fine it's the visual on that page that is incorrect. Thank you.
 
Always room for improvement when there's thousands of lines of code.

I commend you for sticking with it @john9527 , this is becoming an increasingly important build for it's stability and cleanliness... Just saying....
 
Hi @john9527, is there a possibility to resize the JFFS partition? With the latest stable firmware installed, if I enable the second OpenVPN server (so both OpenVPN servers are running) and add more than one line of customization in the custom configuration field, the exclamation mark in the top right of the webconsole suddenly notifies me that the NVRAM usage is too high.

NVRAM usage 62467 / 65536 bytes (95% utilized)
JFFS partition: 0.69 / 13.50 MB

If I have only one line in the custom configuration, the exclamation mark is gone and the NVRAM usage is probably just below the threshold: 62430 / 65536 bytes (95% utilized)

I don't need such a large JFFS partition. Can I give back some of the JFFS space to the system? It is not a problem if the JFFS is completely removed, I can recreate the scripts easily. I tried disabling the JFFS partition, but nothing changed. Or maybe there is another solution?
 
@john9527 , you're U.S. based. What DNS Crypt resolvers do you use? I am thinking about setting up DNS Crypt this weekend.
Here's the settings I use. I throw everything on to make sure it all works :)

Start out withe the Strict DNSSEC enforcement unchecked....then after you have it working you can check it (with that checked, if you inadvertently use a non-DNSSEC enabled server, you'll lose intenet access since all DNS replies will be rejected)
dnscrypt.JPG
 
I don't need such a large JFFS partition. Can I give back some of the JFFS space to the system?

Sorry, they're not interchangeable.

But, you can manually move all your openvpn certs to JFFS to free up nvram space......

First, copy the certs to JFFS. I' recommend using a directory structure to keep things organized. For example, here are my ca certs...you get the idea. Copy all your certs this way with appropriate names.
Code:
/jffs/openvpn/server1/ca.crt
/jffs/openvpn/client1/ca.crt
/jffs/openvpn/client2/ca.crt
Remember to copy only from the ***BEGIN to ***END inclusive into the file.

Next, using the gui, remove the certs, but enter something. I put the location there like this. Remember to hit Save after making the change.
jffs_ca.JPG


Then, add a line to the custom config section that points to the certs on JFFS....again an example of ca.crt.
config_ca.JPG


Hit Apply and you're done (with some additional NVS space)
 
Here's the settings I use. I throw everything on to make sure it all works :)

Start out withe the Strict DNSSEC enforcement unchecked....then after you have it working you can check it (with that checked, if you inadvertently use a non-DNSSEC enabled server, you'll lose intenet access since all DNS replies will be rejected)
View attachment 8915
Awesome, thanks.

Well, I am going to go a slightly different route. I will be trying to set it up on my pi-hole instead of the router itself (since I have those "alien martian packets" and the issue with DNS on OpenVPN because of pi-hole). Just wanted to know what servers you were using since I also am state side.
 
Installed 374.43_2-23E3j9527
Just noticed I am now unable to reach my PC via <IP>:<port> established via RDP. I have established a rule that has worked since I got the Asus. I will supply logs and general info if needed. I have rebuilt, deleted and rebuilt the rule and rebooted all I have and still cannot connect.

Setup
Main AP = RT-ac68u 374.43_2-23E3j9527
Wireless Bridge = RT-ac66u 374.43_2-23E3j9527

RDP forwards to PC on Wireless bridge

Only thing I have yet to do is factory default each...
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top