It's all working now with OpenVPN Connect for Android 1.1.23
Also MAKE SURE your Server and Client certs are NOT signed with the MD5 signature hash-algorithm.
This is not allowed anymore with the new OpenVPN Connect for Android.
@john9527 What is the default if you let the router generate certs?
I grabbed the new EasyRSA (3.0.3) and generated all new certs and keys.
When I compared with the old stuff it seems I indeed used Server and Client certs with MD5 signature hash-algorithm.
The new generated certs are all sha256 signature.
You can find easy-rsa here.
No, see post #1.Forgive my ignorance here...
Is this the latest firmware for a "RT-N66R" router, since Merlin has focused on other models?
This is an LTS (Long Term Service) fork of Asuswrt-Merlin based on 374.43_2. This older code base has a history of being very stable, and some of the older code components may perform better in some environments. It may be a good choice for those who desire a 'set it and forget it' router solution. Additional information on the differences between this firmware and the later Asuswrt-Merlin releases can be found following the recent change highlights.
Maybe you should have updated to the latest version rather than one that's over 2 years old.After updating my neighbor’s RT-AC66U to fork V14.1 i cant log into the web setup page with my old username and code not even admin/admin
Maybe you should have updated to the latest version rather than one that's over 2 years old.
[emoji1315] so No problem going from v14.1 to latest [emoji780][emoji1315]
Sent from my iPhone using Tapatalk
i used XCA for that
is EasyRSA better?
The NAT(HW) acceleration status is on the Tools>Sysinfo page, and is set on the LAN>Switch Control page. On routers that don't have FA mode (like the N66), it will show as Enabled or Disabled.The only difference it had NAT Acceleration = Auto (CTF enabled). But Fork have no such options.
Hello, John.The NAT(HW) acceleration status is on the Tools>Sysinfo page, and is set on the LAN>Switch Control page. On routers that don't have FA mode (like the N66), it will show as Enabled or Disabled.
What type of WAN connection do you have? DHCP or PPPoE?
The only thing I can think of is that you log into the router with SSH and run top. Then perform your speed tests and note the CPU usage. If the CPU is at 100% (probably classified as sirq) then that would indicate that hardware acceleration isn't being used (despite what the webUI says).As I wrote above I have LAN>Switch Control->NAT Acceleration = Enabled.
And Tools - System Information->HW acceleration says Enabled.
The only thing I can think of is that you log into the router with SSH and run top. Then perform your speed tests and note the CPU usage. If the CPU is at 100% (probably classified as sirq) then that would indicate that hardware acceleration isn't being used (despite what the webUI says).
Mem: 222752K used, 32904K free, 5172K shrd, 127208K buff, 53204K cached
CPU: 0.5% usr 2.5% sys 0.0% nic 44.3% idle 0.0% io 0.0% irq 52.4% sirq
Load average: 0.27 0.13 0.08 4/78 19100
PID PPID USER STAT VSZ %VSZ CPU %CPU COMMAND
Here are top processes:
PID PPID USER STAT VSZ %VSZ CPU %CPU COMMAND
3 2 admin RWN 0 0.0 0 49.9 [ksoftirqd/0]
375 1 admin S 1296 0.5 0 11.7 /usr/sbin/acsd
319 1 admin S 2744 1.1 0 5.5 /sbin/wanduck
380 378 admin S 656 0.2 0 3.1 /usr/sbin/bcrelay -i br0 -o ppp1[0-9].* -n
One more test:
PID PPID USER STAT VSZ %VSZ CPU %CPU COMMAND
3 2 admin RWN 0 0.0 0 46.2 [ksoftirqd/0]
4 2 admin SW< 0 0.0 0 23.8 [events/0]
375 1 admin R 1296 0.5 0 11.2 /usr/sbin/acsd
1057 341 admin S 1344 0.5 0 6.1 dropbear -p 192.168.197.1:22 -I 1200 -j -k
319 1 admin S 2744 1.1 0 3.3 /sbin/wanduck
380 378 admin R 656 0.2 0 3.3 /usr/sbin/bcrelay -i br0 -o ppp1[0-9].* -n
363 1 admin S 2744 1.1 0 2.1 watchdog02
1063 1058 admin R 1456 0.6 0 1.2 top
Another test:
PID PPID USER STAT VSZ %VSZ CPU %CPU COMMAND
353 1 admin R 4416 1.8 0 61.4 httpd
375 1 admin R 1296 0.5 0 19.7 /usr/sbin/acsd
1057 341 admin S 1344 0.5 0 8.2 dropbear -p 192.168.197.1:22 -I 1200 -j -k
319 1 admin S 2744 1.1 0 4.1 /sbin/wanduck
380 378 admin S 656 0.2 0 2.9 /usr/sbin/bcrelay -i br0 -o ppp1[0-9].* -n
3 2 admin RWN 0 0.0 0 1.3 [ksoftirqd/0]
1063 1058 admin R 1456 0.6 0 1.1 top
327 1 admin R 1444 0.6 0 0.5 protect_srv
326 1 admin S 6552 2.7 0 0.0 /usr/sbin/haveged -r0 -w1024
361 1 admin S 2752 1.1 0 0.0 watchdog
1 0 admin S 2752 1.1 0 0.0 /sbin/init noinitrd
363 1 admin S 2744 1.1 0 0.0 watchdog02
It's hard to catch with http://beta.speedtest.net. But it seams httpd & dropbear use most CPU during download and upload.
On Merlin's RT-N66U_380.68_4 I also got CPU usage close to 100% during speedtests. But I didn't note what process is using processor.
@stalker780 A 15 second sample rate might be bit too long, we're more interested in the peak CPU usage rather than an average.
What do you see on the 2nd (CPU: ) line of the top output during download?
EDIT: When you do your tests make sure you have turned off your VPN and you are using a wired connection, not wireless.
I was actually interested in the sirq rather than the CPU usr/sys. You can see it is at nearly 100% which would indicate that it is not using hardware acceleration. Did you disable your VPN, as that was consuming some CPU time in your earlier post?CPU shows not more than 4% during tests. Of course I test wired connection.
CPU: 2.7% usr 0.9% sys 0.0% nic 0.9% idle 0.0% io 0.0% irq 95.4% sirq
Yes. VPN Server is off.I was actually interested in the sirq rather than the CPU usr/sys. You can see it is at nearly 100% which would indicate that it is not using hardware acceleration. Did you disable your VPN, as that was consuming some CPU time in your earlier post?
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!