What's new

[Release] Asuswrt-Merlin 380.65 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Facing issue with VPN with this version. AC66U
Downgraded to 63_2 and import VPN again, no issue connecting to either 2.4 servers or 2.3 servers then upgrade to 64_2, still no problem in connecting using the same client ovpn. Upgrade to 65, all 3 imported ovpn that was working in 63 and 64 is able to connect to all the servers but no internet traffic from the router to the vpn. SSH to router and ping vpn ip fail and ping via ip or dns also failed. Downgrade again to 64_2 and here I am able to send this reply after connecting to the VPN. My Client ovpn does not use any of the 2.4 options yet so I don't think that will cause any backward compatibility, yet. I wanted to use this latest version to rollout 2.4 to all the users but looks like have to put this on hold until can figure out whats broken.
 
Last edited:
ac68u

VPN is not working. Tried disabling Cipher Negotiation but still not working

Code:
Feb  4 19:39:44 openvpn[2521]: VERIFY X509NAME ERROR: C=US, ST=CA, O=Fort-Funston, CN=server_v1, emailAddress=me@myhost.mydomain, must be server
Feb  4 19:39:44 openvpn[2521]: OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Feb  4 19:39:44 openvpn[2521]: TLS_ERROR: BIO read tls_read_plaintext error
Feb  4 19:39:44 openvpn[2521]: TLS Error: TLS object -> incoming plaintext read error
Feb  4 19:39:44 openvpn[2521]: TLS Error: TLS handshake failed
Feb  4 19:39:44 openvpn[2521]: SIGUSR1[soft,tls-error] received, process restarting
Feb  4 19:39:44 openvpn[2521]: Restart pause, 160 second(s)
Feb  4 19:40:00 cstats[473]: Problem loading /mnt/sda1/logs/tomato_cstats_382c4acbd280.gz. Still trying...
Feb  4 19:40:00 rstats[470]: Problem loading /mnt/sda1/logs/tomato_rstats_382c4acbd280.gz. Still trying...

Something wrong with the certificates. Try disabling "Verify Server Certificate" to see if it helps.
 
Short question about driver:
On Tools page on my RT-N66U i see this:
wl0: May 12 2016 14:15:11 version 6.30.163.2002 (r382208)
what kind of driver is this?

I don't understand your question, sorry. This is the wireless driver, not sure what you mean by "what kind".
 
Another release with even worse issues connecting to webui from iOS and macOS devices. In previous releases I had issues with Safari but Chrome worked OK. Now I cannot even connect with all these browsers. The only way I found is to use Edge in my Windows VM in Parallels. What could I break?
 
I don't understand your question, sorry. This is the wireless driver, not sure what you mean by "what kind".
Thanks! That is what i wanted to know - what this driver does. So it is a wireless driver then.
 
RT-AC68U
Network Map -> MAC and IP address Binding -> Apply.
After Apply action I see "miniupnpd: add_filter_rule() : chain FUPNP not found" and LAN->WAN are not work.

SYSLOG:
Code:
Feb  5 11:10:55 rc_service: waitting "stop_upnp" via ip-up ...
Feb  5 11:10:55 miniupnpd[2710]: shutting down MiniUPnPd
Feb  5 11:10:57 miniupnpd[2729]: HTTP listening on port 36256
Feb  5 11:10:57 miniupnpd[2729]: Listening for NAT-PMP/PCP traffic on port 5351
Feb  5 11:11:44 miniupnpd[2729]: add_filter_rule() : chain FUPNP not found

Solution: reboot the router.
 
Successfully updated on my N-66U (Repeater mode) and AC-68U. On the latter I still need to manually restart the NFS daemon, otherwise clients cannot connect. But that was the case with the previous FW as well.

I have the same NFS issue on my AC-68U. I hope to see this issue solved ASAP. It is really annoying.

Everything else is working perfectly on my side.
 
I've wait for 2 days to update from 64.2 to 65 because I espected some difficulties.
But after update process the router works fine with OpenVPN, instant connection to VPN provider IPVanish.
The manual settings I did in 64.2 was just good to work with 65.

Thanks Merlin!
 
In your OpenVPN server configuration are you using TCP or UDP as the Protocol? Default is UDP. I noticed that iOS is reporting TCP. It looks like you might be running an older version of the iOS app as well, the log files in mine report OpenVPN core 3.1.2 and yours is reporting 3.0. The latest OpenVPN iOS client is currently 1.1.1 build 212. I noticed that the last update didn't update correctly on my iPhone so you might need to delete the app and reinstall and then import your settings again.
Thanks for noticing the TCP / UDP difference.

That seems to have been the reason for the firewall blocking. I'm running on TCP due to some old strange clients. After changing the server to TCP everything seems to be working just fine with .65 :)

And the OpenVPN client on the iOS device could not update normally with just checking for updates in App Store. So had to uninstall and reinstall the app, and then I'm up to date there as well.
 
For other Torguard customers...

Following the advice of @Zirescu I used the VPN Configuration generator at the TorGuard site: https://torguard.net/tgconf.php?action=vpn-openvpnconfig

Select the ASUS option
Pick the server you want to use
VPN Protocol: udp
VPN Cipher: AES-128-CBC|SHA256(1912)
Require TLS 1.2: Checked

Then click the Generate Config and it will download. You can then import it. You will just need to supply your username and password and change "Redirect Internet Traffic" option on the web gui. @Zirescu said he removed the additional MTU setting in the Custom Config area as it's not necessary and just used the following:

remote-cert-tls server
setenv CLIENT_CERT 0

I got it to work, for awhile....throughput performance is terrible for me with the cipher BF-CBC. I need to use no encryption for my needs as I am very far away from my server in North America. Any encryption makes my tunnel too slow for my needs. Anyway, I then got it to work with no encryption using the same config generator. I started playing with additional config parameter and could never get it working again. I ran out of time and reverted to 380.64_2 for now.

I'm am leaving for a holiday Tuesday morning and will have to let things stay as they are until I return in three weeks.
 
Another release with even worse issues connecting to webui from iOS and macOS devices. In previous releases I had issues with Safari but Chrome worked OK. Now I cannot even connect with all these browsers. The only way I found is to use Edge in my Windows VM in Parallels. What could I break?

I ran into difficulties logging into the web UI in Safari on my macbook Pro after I enabled HTTPS. I found similar difficulties with Firefox and chrome. I finally got it working in Firefox when I go directly to https://192.168.1.1:8443/Main_Login.asp. If you don't specify /Main_login.asp it will not work in any of the three browsers. Perhaps this is common knowledge but I just started using this yesterday :)

Edit: I failed to mention my router is rt–ac68w.

Here is a screenshot of what I was getting in Safari last night.
https Login Error.png
 
Facing issue with VPN with this version. AC66U
Downgraded to 63_2 and import VPN again, no issue connecting to either 2.4 servers or 2.3 servers then upgrade to 64_2, still no problem in connecting using the same client ovpn. Upgrade to 65, all 3 imported ovpn that was working in 63 and 64 is able to connect to all the servers but no internet traffic from the router to the vpn. SSH to router and ping vpn ip fail and ping via ip or dns also failed. Downgrade again to 64_2 and here I am able to send this reply after connecting to the VPN. My Client ovpn does not use any of the 2.4 options yet so I don't think that will cause any backward compatibility, yet. I wanted to use this latest version to rollout 2.4 to all the users but looks like have to put this on hold until can figure out whats broken.
Upon further testing and ssh to the router, it seems pre 2.4 options may no longer be working on the 2.4 if its stated as deprecated, you need to check the ovpn from your provider line by line against openvpn 2,4 manual and replace the obsolete with the newer option.
 
I ran into difficulties logging into the web UI in Safari on my macbook Pro after I enabled HTTPS. I found similar difficulties with Firefox and chrome. I finally got it working in Firefox when I go directly to https://192.168.1.1:8443/Main_Login.asp. If you don't specify /Main_login.asp it will not work in any of the three browsers. Perhaps this is common knowledge but I just started using this yesterday :)

Edit: I failed to mention my router is rt–ac68w.

Here is a screenshot of what I was getting in Safari last night.
View attachment 8458
The problem is weird and most probably has nothing to do with this firmware or everything to do with firmware httpd. Both my Chrome and Firefox can browse BUT cannot save any changes. After clicking apply it revert everything back to original value before editing and I will always get stuck at openvpn client3. However with Safari I can start and select all 5 ovpn client, import and do whatever necessary that cannot be done in firefox and chrome. Removing and clearing cookies and all does not remove the previous values, its like the autofill functions is stuck on that page for both ff and chrome.
I hope my safari will not get infected with what FF and Chrome has.
 
After noticing some blackboxes in other web sites using Chrome, I found a beta test of chrome called chrome canary. I downloaded it, and it resolved the problem. In other words, its a Chrome issue, and they have addressed it in their newest beta test version.
OK, I just upgrade my graphics card to a newer nvidia version (which uses the same drivers) and it cleared up the the issue. I was using the 650ti, and am now using the 1050ti. I don't know if it was a driver issue, or if the card was starting to act up. Still the 650ti came out in 2013, so I guess it was time for an upgrade regardless :)
 
Another release with even worse issues connecting to webui from iOS and macOS devices. In previous releases I had issues with Safari but Chrome worked OK. Now I cannot even connect with all these browsers. The only way I found is to use Edge in my Windows VM in Parallels. What could I break?
There is the chance Merlin does not have a mac or iOS device to test these things. Not to mention how broken web standards are. No reason to get huffy.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top