OpenVPN setup screen - couple of issues

[tundrwd]

I haven't used my OpenVPN setup (server) for a while, but after updating to 378_50 today, noticed a couple of things:

First, under the server, I see a user now I never added. Coincidentally, this user (without a password), is also the username used to login to the router for admin purposes. The screenshot below shows what I'm talking about:

Note the red oval around the User Name - and no password. I've never built more than one user - so this appears to be some data index/overlay issue? And I can't delete that entry either - note there's no minus sign in a circle to remove it.

Second - the VPN wouldn't start, I kept getting errors about an overlap in the DHCP and VPN range. When trying to correct, I no longer see the VPN IP range that used to be there for anyone using the VPN. Now just an IP subnet/mask. When I changed from 192.168.1.0/255.255.255.0 to 192.168.0.0/255.255.255.0, it would allow me to save - but not with the original 192.168.1.0/255.255.255.0.

My DHCP range is 192.168.1.15-192.168.1.150

 

[RMerlin]

I haven't used my OpenVPN setup (server) for a while, but after updating to 378_50 today, noticed a couple of things:

First, under the server, I see a user now I never added.

Right here, your post is raising a red flag for me: you're supposed to do a factory default reset after flashing 378.50. It's in the changelog, and also in the dedicated release thread here on the forums.

 

[tundrwd]

Ok,

However, the documentation (in order you'd read it) says:

"Installation
------------
Simply flash it like any regular update. You should not need to
reset to factory defaults (see note below for exceptions).
You can revert back to an original Asus firmware at any time just
by flashing a firmware downloaded from Asus's website."

I realize the changelog is there - but it would be FAR more convenient to have it "right up top". Or - put the changelog in a separate file. Far easier to find than scrolling nearly halfway through a readme document.

 

[netware5]

This is not something new. I always had this on my OpenVPN server setup screen. I don't know what that mean, but it stays there even my OpenVPN configuration is with certificates and username/password is disabled and I never configured it after the FW upgrade followed by factory default reset. BTW this artifact is seen only if the setup screen is in "General" mode. If you switch to "Advanced" mode it disappears.

 

[tundrwd]

Ok - having now gone through 2 hard resets and configs of the router, the same problem persists. The admin login name for the router appears as I've shown above.

I've confirmed on 3 different browsers, Safari, Chrome and Firefox. And on a Windows PC with IE just to be sure. (Oh, the screenshot shown above is from Chrome).

There IS some issue with this screen and a conflict with the admin user.

 

[faria]

Chiming in to confirm that indeed it appears in my routers too, I can't remember when it appear but I can confirm it has been there a long time.

 

[RMerlin]

Ok,

However, the documentation (in order you'd read it) says:

"Installation
------------
Simply flash it like any regular update. You should not need to
reset to factory defaults (see note below for exceptions).
You can revert back to an original Asus firmware at any time just
by flashing a firmware downloaded from Asus's website."

Please read the WHOLE installation section. Also, what the second sentence of your quote says.

I'm not going to repost the same information in five different places, sorry.

 

[RMerlin]

The router's admin user has always been there by default. It's nothing new, it's intentionally done by Asus. If you disable user/pass authentication then it simply won't be used.

 

[tundrwd]

Please read the WHOLE installation section. Also, what the second sentence of your quote says.

I'm not going to repost the same information in five different places, sorry.

Never asked for it to be reposted in 5 different places. Just in a separate changelog.txt file like so many others. Also - if the above has become irrelevant, due to needing to always read the changelog - why not eliminate it? It is now incorrect.

Yep - my fault. Too many 16 hour days, and over the last year, I've been trying to keep up with patches as they come out due to all the issues being discovered.

I was tired, and hit "Installation" and brain quit. So - my fault? Yep, no question. But it would help to remove redundant and now useless information, and make it easier and faster to look over the relevant changelog.

 

[nug]

The router's admin user has always been there by default. It's nothing new, it's intentionally done by Asus. If you disable user/pass authentication then it simply won't be used.

Is it possible to disable the admin account from accessing the VPN without disabling user/pass authentication?

 

[RMerlin]

Is it possible to disable the admin account from accessing the VPN without disabling user/pass authentication?

No. Why?

 

[nug]

I've been trying to setup two factor authentication and I thought I needed the user/pass authentication option enabled. Turns out I don't, so it's all good.