What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Can't speak for phone access, but I regularly access via Firefox and Chrome from a Linux laptop through the OpenVPN server without any problems.

Must've been network issues at my end..
 
Can't speak for phone access, but I regularly access via Firefox and Chrome from a Linux laptop through the OpenVPN server without any problems.
Yep for some reason openvpn is running really shirtty like shirt over 4g and hence the trouble opening the gui.. and it used to be just fine on 3g..weird.
 
  • Priorities not being set correctly when adding new entries
    Important: If you are using the bandwidth limiter with multiple entries, please remove and re-add all the entries such that the priorities can be set correctly.

Is this a new feature? I'm still running 17E8 and the bandwidth limiter doesn't have priority options. Can someone screenshot it for me?
 
Hi John just curious how this will effect your efforts with compiling your fork firmware. Is this something that may put an end to your work ? If it does I may as well throw my N66 in the garbage.

http://www.snbforums.com/threads/asus-firmware-will-change-the-verification-method.32357/
I was wondering when someone would put '2' and '2' together :)

To be honest, there isn't any info yet on how their implementation is going to work, so don't yet know what's going to happen going forward. As more info comes available, I'll figure out what I'm going to be doing and pass it on.

Hopefully, ASUS will announce in the release notes when their changes get implemented....but in the meantime if you like running this fork, I'd be careful about trying out any new ASUS releases.
 
Is this a new feature? I'm still running 17E8 and the bandwidth limiter doesn't have priority options. Can someone screenshot it for me?
No, not a new feature and nothing you can control. Basically, when you add or delete a bandwidth limiter rule, behind the scenes it adds a sequence number to the rule as it saves it to nvram. This sequence number is then used to generate id's for the tc qdisc rules. There was a bug, such that two rules could get assigned the same number, which made the tc rules inconsistent.
 
You can bet I won't be using any other firmware on my N66 except yours. I just hope these new implementations that Asus is about to release don't interfere with your work going forward. :)
 
I was wondering when someone would put '2' and '2' together :)

To be honest, there isn't any info yet on how their implementation is going to work, so don't yet know what's going to happen going forward. As more info comes available, I'll figure out what I'm going to be doing and pass it on.

Hopefully, ASUS will announce in the release notes when their changes get implemented....but in the meantime if you like running this fork, I'd be careful about trying out any new ASUS releases.

It's going to be interesting for sure...

It's going to be very interesting for those AsusWRT forks that people have rolled out for non-Asus HW...
 
I'd do the following....

- backup jffs and config in admin page (always a good idea)
- upgrade to 376.3626 ASUS release and give things about 5 min to stabilize afterwards
- upgrade to the V18B1 code and again give it a few minutes to stabilize
- restore your jffs and config from step 1
- check your CFE level on the Tools>SysInfo page and please report back if it changed

I have an RT-AC68U running firmware version: 374.43_2-15E5j9527

What is jffs and how do I back it up? There's no option to back it up on the admin page.
 
What is jffs and how do I back it up? There's no option to back it up on the admin page.
jffs is for user scripts and custom configuration files. If you haven't created any (and you would know if you had) then that area will be empty so there is no need to back it up.
 
hey guys,

I'm having an interesting issue getting my openVPN client to work with a certain config file.

the thing is, the client works fine with the config.ovpn that connects to the US server. however, speeds are way slow when I connect and use that VPN. So, I wanted to use another .ovpn config that connects to a different server location. anyway, here are syslog files related to each. (not going to include verb = 4 since they are long)

Code:
May  9 11:19:44 openvpn[1069]: OpenVPN 2.3.10 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Apr  9 2016
May  9 11:19:44 openvpn[1069]: library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.09
May  9 11:19:44 openvpn[1072]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May  9 11:19:44 openvpn[1072]: Control Channel MTU parms [ L:1585 D:1212 EF:38 EB:0 ET:0 EL:3 ]
May  9 11:19:44 openvpn[1072]: Socket Buffers: R=[118784->118784] S=[118784->118784]
May  9 11:19:44 openvpn[1072]: Data Channel MTU parms [ L:1585 D:1450 EF:85 EB:12 ET:0 EL:3 ]
May  9 11:19:44 openvpn[1072]: Local Options String: 'V4,dev-type tun,link-mtu 1585,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA384,keysize 256,key-method 2,tls-client'
May  9 11:19:44 openvpn[1072]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1585,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA384,keysize 256,key-method 2,tls-server'
May  9 11:19:44 openvpn[1072]: Local Options hash (VER=V4): 'ee91fef0'
May  9 11:19:44 openvpn[1072]: Expected Remote Options hash (VER=V4): '04b8b57e'
May  9 11:19:44 openvpn[1072]: UDPv4 link local: [undef]
May  9 11:19:44 openvpn[1072]: UDPv4 link remote: [AF_INET]158.69.126.96:1200
May  9 11:19:44 openvpn[1072]: TLS: Initial packet from [AF_INET]158.69.126.96:1200, sid=d7ce0004 82294fed
May  9 11:19:44 openvpn[1072]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
May  9 11:19:44 openvpn[1072]: VERIFY OK: depth=1, C=SE, ST=QQ, L=FrootTown, O=FrootOrg, OU=changeme, CN=changeme, name=changeme, emailAddress=mail@host.domain
May  9 11:19:44 openvpn[1072]: VERIFY OK: nsCertType=SERVER
May  9 11:19:44 openvpn[1072]: VERIFY OK: depth=0, C=SE, ST=QQ, L=FrootTown, O=FrootOrg, OU=changeme, CN=server, name=changeme, emailAddress=mail@host.domain
May  9 11:19:45 openvpn[1072]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May  9 11:19:45 openvpn[1072]: Data Channel Encrypt: Using 384 bit message hash 'SHA384' for HMAC authentication
May  9 11:19:45 openvpn[1072]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May  9 11:19:45 openvpn[1072]: Data Channel Decrypt: Using 384 bit message hash 'SHA384' for HMAC authentication
May  9 11:19:45 openvpn[1072]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
May  9 11:19:45 openvpn[1072]: [server] Peer Connection Initiated with [AF_INET]158.69.126.96:1200
May  9 11:19:47 openvpn[1072]: NOTE: Beginning empirical MTU test -- results should be available in 3 to 4 minutes.
May  9 11:19:48 openvpn[1072]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
May  9 11:19:48 openvpn[1072]: PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2607:5300:60:9360:c000::1007/67 2607:5300:60:9360:c000::1,dhcp-option DNS 192.99.237.193,redirect-gateway ipv6,redirect-gateway def1,route-ipv6 2000::/3,block-outside-dns,tun-ipv6,route-gateway 192.99.237.193,topology subnet,ping 10,ping-restart 160,ifconfig 192.99.237.201 255.255.255.224'
May  9 11:19:48 openvpn[1072]: Options error: unknown --redirect-gateway flag: ipv6
May  9 11:19:48 openvpn[1072]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: block-outside-dns (2.3.10)
May  9 11:19:48 openvpn[1072]: OPTIONS IMPORT: timers and/or timeouts modified
May  9 11:19:48 openvpn[1072]: OPTIONS IMPORT: --ifconfig/up options modified
May  9 11:19:48 openvpn[1072]: OPTIONS IMPORT: route options modified
May  9 11:19:48 openvpn[1072]: OPTIONS IMPORT: route-related options modified
May  9 11:19:48 openvpn[1072]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
May  9 11:19:48 openvpn[1072]: TUN/TAP device tun11 opened
May  9 11:19:48 openvpn[1072]: TUN/TAP TX queue length set to 100
May  9 11:19:48 openvpn[1072]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1
May  9 11:19:48 openvpn[1072]: /usr/sbin/ip link set dev tun11 up mtu 1500
May  9 11:19:48 openvpn[1072]: /usr/sbin/ip -6 addr add 2607:5300:60:9360:c000::1007/67 dev tun11
May  9 11:19:48 openvpn[1072]: Linux ip -6 addr add failed: external program exited with error status: 2
May  9 11:19:48 openvpn[1072]: Exiting due to fatal error

Any ideas on why it keeps exiting with the fatal error?

These two lines pop out to me:
Code:
May  9 11:19:48 openvpn[1072]: Options error: unknown --redirect-gateway flag: ipv6
May  9 11:19:48 openvpn[1072]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: block-outside-dns (2.3.10){/CODE]
 
Asuswrt's OpenVPN does not support IPv6.
 
Asuswrt's OpenVPN does not support IPv6.
I don't have ipv6 enabled... I'm unsure on why the client is trying to use ipv6

edit: wait, maybe the vpn server i'm attempting to connect to only uses ipv6 while the US server allows ipv4? (confirmed lol)
 
Last edited:
I don't have ipv6 enabled... I'm unsure on why the client is trying to use ipv6

Because the server is telling it to. You will have to see if IPv6 support can be disabled on the server.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top