What's new

[Release] Asuswrt-Merlin 380.65 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

The TOR/Mac address configuration page is broken with this update.
Switched back to previous release 380.64.2 and recovered all features.

Can you elaborate?
 
Short question about driver:
On Tools page on my RT-N66U i see this:
wl0: May 12 2016 14:15:11 version 6.30.163.2002 (r382208)
what kind of driver is this?
 
Shouldn't need to change anything, worked fine here. Any error messages in the system log?
I got it working, I had to recreate the openvpn file from my login at Torguard and import it into my 87R and that resolved the problem.
Thanks for your response on this
Paul
 
It appears that asus has fixed their end, regarding the signature checking issue.
Signature Check seems to be working on my 88.
 
Updated from beta3 and had to reboot for VPN Client to become active. Chrome still not displaying correct OpenVPN Client Settings (even after clearing cache) and though I hadn't used them before, Network Tools - Network Analysis isn't functioning whereas I'm able to use command prompt in Win10 for tracert and ping.
 
It appears that asus has fixed their end, regarding the signature checking issue.
Signature Check seems to be working on my 88.

It's failing for me for some reason.

I have no functionality issued though like a couple of the beta's. I'm able to access my harmony and hue equipment just fine as well as my echos.

Thanks Eric!

Updated from beta3 and had to reboot for VPN Client to become active. Chrome still not displaying correct OpenVPN Client Settings (even after clearing cache) and though I hadn't used them before, Network Tools - Network Analysis isn't functioning whereas I'm able to use command prompt in Win10 for tracert and ping.

Maybe try a different browser, I'm using FF and everything works fine.
 
Last edited:
Successfully updated on my N-66U (Repeater mode) and AC-68U. On the latter I still need to manually restart the NFS daemon, otherwise clients cannot connect. But that was the case with the previous FW as well.
 
ac68u

VPN is not working. Tried disabling Cipher Negotiation but still not working

Code:
Feb  4 19:39:44 openvpn[2521]: VERIFY X509NAME ERROR: C=US, ST=CA, O=Fort-Funston, CN=server_v1, emailAddress=me@myhost.mydomain, must be server
Feb  4 19:39:44 openvpn[2521]: OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Feb  4 19:39:44 openvpn[2521]: TLS_ERROR: BIO read tls_read_plaintext error
Feb  4 19:39:44 openvpn[2521]: TLS Error: TLS object -> incoming plaintext read error
Feb  4 19:39:44 openvpn[2521]: TLS Error: TLS handshake failed
Feb  4 19:39:44 openvpn[2521]: SIGUSR1[soft,tls-error] received, process restarting
Feb  4 19:39:44 openvpn[2521]: Restart pause, 160 second(s)
Feb  4 19:40:00 cstats[473]: Problem loading /mnt/sda1/logs/tomato_cstats_382c4acbd280.gz. Still trying...
Feb  4 19:40:00 rstats[470]: Problem loading /mnt/sda1/logs/tomato_rstats_382c4acbd280.gz. Still trying...
 
Chrome beta updated to v57 and broke things again so I ended up going to the release version and things are normal again.
 
It appears that asus has fixed their end, regarding the signature checking issue.
Signature Check seems to be working on my 88.
Signature check still not working on my RT-AC66U_B1
 
Has there been any changes to how OpenVPN-server interacts with the firewall?

I tried to upgrade to .65 from .63, reset to factory defaults and then manually input of all my usual settings.

Then when trying to connect to the OpenVPN server it seems all connection attempts are getting blocked by the firewall.

There is never a response at all it seems. So I tried going back to 64_2 to see if that helped as it does not have the OpenVPN 2.4, but same thing there. Might have to roll back again to 63 – though I want the security fixes introduced and like being up to date.

From a client (OpenVPN on iOS):
Code:
2017-02-04 22:33:41 ----- OpenVPN Start -----
OpenVPN core 3.0 ios arm64 64-bit
2017-02-04 22:33:41 UNUSED OPTIONS
8 [keepalive] [15] [60]
14 [resolv-retry] [infinite]
15 [nobind]
16 [push] [route 192.168.2.0 255.255.255.0]

2017-02-04 22:33:41 LZO-ASYM init swap=0 asym=0
2017-02-04 22:33:41 EVENT: RESOLVE
2017-02-04 22:33:42 NET WiFi:NotReachable/WR t------
2017-02-04 22:33:42 NET Internet:ReachableViaWWAN/WR t------
2017-02-04 22:33:42 Contacting <server-ip>:1194 via TCP
2017-02-04 22:33:42 EVENT: WAIT
2017-02-04 22:33:42 SetTunnelSocket returned 1
2017-02-04 22:33:51 Server poll timeout, trying next remote entry...
2017-02-04 22:33:51 EVENT: RECONNECTING
It keeps reconnect attempts going for quite some time before it gives up with only timeouts.

And this is what I'm seeing in syslog on my Asus RT-AC68U:
Code:
Feb  4 22:43:51 kernel: DROP IN=eth0 OUT= MAC=<mac data> SRC=<client-ip> DST=192.168.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=54402 DF PROTO=TCP SPT=49364 DPT=1194 SEQ=4110721946 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0B3577180000000001030302)
Feb  4 22:43:51 kernel: DROP IN=eth0 OUT= MAC=<mac data> SRC=<client-ip> DST=192.168.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=48102 DF PROTO=TCP SPT=49363 DPT=1194 SEQ=4107062526 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0B3577180000000001030302)
..
..

Edit: Also tried setting up port forwarding for port 1194 to the LAN ip of the router, but did not have any affect on the behavior.
 
Maybe try a different browser, I'm using FF and everything works fine.

Among Firefox, Chrome and Edge, Firefox is the only browser that gives me correct settings.
 
Updated AC56U and AC68U to 380.65 with no issues. Thanks again Eric!
 
Has there been any changes to how OpenVPN-server interacts with the firewall?

I tried to upgrade to .65 from .63, reset to factory defaults and then manually input of all my usual settings.

Then when trying to connect to the OpenVPN server it seems all connection attempts are getting blocked by the firewall.

There is never a response at all it seems. So I tried going back to 64_2 to see if that helped as it does not have the OpenVPN 2.4, but same thing there. Might have to roll back again to 63 – though I want the security fixes introduced and like being up to date.

From a client (OpenVPN on iOS):
Code:
2017-02-04 22:33:41 ----- OpenVPN Start -----
OpenVPN core 3.0 ios arm64 64-bit
2017-02-04 22:33:41 UNUSED OPTIONS
8 [keepalive] [15] [60]
14 [resolv-retry] [infinite]
15 [nobind]
16 [push] [route 192.168.2.0 255.255.255.0]

2017-02-04 22:33:41 LZO-ASYM init swap=0 asym=0
2017-02-04 22:33:41 EVENT: RESOLVE
2017-02-04 22:33:42 NET WiFi:NotReachable/WR t------
2017-02-04 22:33:42 NET Internet:ReachableViaWWAN/WR t------
2017-02-04 22:33:42 Contacting <server-ip>:1194 via TCP
2017-02-04 22:33:42 EVENT: WAIT
2017-02-04 22:33:42 SetTunnelSocket returned 1
2017-02-04 22:33:51 Server poll timeout, trying next remote entry...
2017-02-04 22:33:51 EVENT: RECONNECTING
It keeps reconnect attempts going for quite some time before it gives up with only timeouts.

And this is what I'm seeing in syslog on my Asus RT-AC68U:
Code:
Feb  4 22:43:51 kernel: DROP IN=eth0 OUT= MAC=<mac data> SRC=<client-ip> DST=192.168.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=54402 DF PROTO=TCP SPT=49364 DPT=1194 SEQ=4110721946 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0B3577180000000001030302)
Feb  4 22:43:51 kernel: DROP IN=eth0 OUT= MAC=<mac data> SRC=<client-ip> DST=192.168.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=48102 DF PROTO=TCP SPT=49363 DPT=1194 SEQ=4107062526 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0B3577180000000001030302)
..
..

Edit: Also tried setting up port forwarding for port 1194 to the LAN ip of the router, but did not have any affect on the behavior.

In your OpenVPN server configuration are you using TCP or UDP as the Protocol? Default is UDP. I noticed that iOS is reporting TCP. It looks like you might be running an older version of the iOS app as well, the log files in mine report OpenVPN core 3.1.2 and yours is reporting 3.0. The latest OpenVPN iOS client is currently 1.1.1 build 212. I noticed that the last update didn't update correctly on my iPhone so you might need to delete the app and reinstall and then import your settings again.
 
ac68u

VPN is not working. Tried disabling Cipher Negotiation but still not working

Code:
Feb  4 19:39:44 openvpn[2521]: VERIFY X509NAME ERROR: C=US, ST=CA, O=Fort-Funston, CN=server_v1, emailAddress=me@myhost.mydomain, must be server
Feb  4 19:39:44 openvpn[2521]: OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Feb  4 19:39:44 openvpn[2521]: TLS_ERROR: BIO read tls_read_plaintext error
Feb  4 19:39:44 openvpn[2521]: TLS Error: TLS object -> incoming plaintext read error
Feb  4 19:39:44 openvpn[2521]: TLS Error: TLS handshake failed
Feb  4 19:39:44 openvpn[2521]: SIGUSR1[soft,tls-error] received, process restarting
Feb  4 19:39:44 openvpn[2521]: Restart pause, 160 second(s)
Feb  4 19:40:00 cstats[473]: Problem loading /mnt/sda1/logs/tomato_cstats_382c4acbd280.gz. Still trying...
Feb  4 19:40:00 rstats[470]: Problem loading /mnt/sda1/logs/tomato_rstats_382c4acbd280.gz. Still trying...

Click on "Content modification of Keys & Certificates." on the OpenVPN Client tab and see if the certificates are still there. Sometimes, the certificates don't get copied over during updates of firmware. If so, you will need to paste it back in.
 
Running a RT-AC-68U and update installed perfectly. Only oddity I see has been mentioned before...the signature check fails. It is at 1.110 and when checking it just reports "Signature update failed"
 
Running a RT-AC-68U and update installed perfectly. Only oddity I see has been mentioned before...the signature check fails. It is at 1.110 and when checking it just reports "Signature update failed"
Same here, except mine is at signature version 1.142.
 
I spoke too soon.
Signature Check went from Notifying as current, to Update Failed.
Currently @ 1.142
Weird Glitch occurred when signing into router, instead of logging into the "index.asp" the router log in took me to /ajax which showed core temp text. Took several attempts to get log in to correct page. o_O
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top