Posted: Thu May 11, 2017 12:18 Post subject: Help with WRT1900AC
I hope I'm in the right place for some help. I run a small home network on 75mb/s fiber using the ISP supplied Thomson Technicolor router (no firewall). Windows PC's are wired ethernet and wifi is used for occasional Apple and Android connections, mainly web browsing and email.
The PC's have software firewalls allowing realtime monitoring to help identify apps calling to IP addresses potentially leaking some personal data.
I recently bought an LG 'Smart TV' which connects to the router and leaks TV operation preferences like the proverbial 'hole in a bucket'.
So far I'm fighting all this with openDNS domain blocking, Windows 3rd party firewall apps and open VPN clients installed on each device. But wifi access to the router and TV connection is my concern. I'm sure I'm not alone with personal data and security concerns?
I now have a Linksys WRT1900AC (V1) router because I thought it would be fast enough to run an encrypted OpenVPN client. My VPN client running on an overclocked PC drops VPN file download speed from about 75-70 Mb/s. I don't expect a VPN enabled router to match this, but anywhere around 45Mb/s would be ok.
If I flashed the WRT1900AC with a DD-wrt variant, can I easily get realtime access to the router firewall with one click and monitor traffic to an IP address or url domain generated from a device application, then easily restrict or block it?
By 'easy' I mean at the mo. I open my firewall (Private firewall 7.0) from a desktop link, see connections in and out live with time & date stamps and can then add an address or url to a black or white list. I don't have to login (e.g to the router) each time and wait a long time to see the traffic.
I've found the following firmware versions for the WRT1900AC after reading posts in this thread:
Linksys OE supplied firmware (not well reviewed)
Kong r31100m
BS r30731
May be r31924 05_02_2017
I've not found anything for Gargoyle?
Will an addon firewall manager for DD-WRT give me something similar to running my Windows client firewalls that is accessible from a mouse click? I'm guessing that my Windows firewall can usefully tell me which applications are generating traffic to IP addresses or domains, but logging at router level will not? Only one PC in the home network needs to be 'master' with realtime firewall access and controls.
I think personal data security is a big issue with so many internet connected devices 'plug & play'. I recently bought a Cheap Chinese Android tablet and found a lot of suspect traffic being generated by their firmware apps!
Thanks, took me a while to discover the WRT1900AC Gargoyle firmware is known as 'Armada Caiman'. Image file size seems smaller than BS builds.
Anyody got any suggestions for realtime monitoring and control of a DD-WRT firewall, or can I only expect to download logs,analyze/parse and set rules and IP/domain blocking in non-realtime?
Posted: Thu May 11, 2017 23:14 Post subject: Question resolved
Thanks to those who looked and myersw for your help. I realize I'm amongst experts, but something bugged me from a DD-WRT flash and tests I did on a Netgear N600 a year ago. I couldn't understand why VPN downloads were was so slow compared to my fiber speeds of 35Mb/s at that time. Many others also complained but not many have answers, except to pay more and more for the latest routers offering more speed which doesn't cut the VPN mustard. The router market designs seem dominated by the need to get fast wifi, whereas I'm more interested in 'reasonable' wi-fi performance, VPN and high security. I think I've now found a credible answer to the slow speed VPN conundrum:
Most routers are sold on their cpu clock speeds and waft plenty of wifi antennae to penetrate thick walls, but can't handle the fast math co processing required for real time VPN encryption.
That said, I'm going to stick my neck out on a quad core Chinese mini pc with dual lan and wifi 'N' NIC spending less than a hi end commercial router. Fortunately cheap fast quad core mini pcs have got less power hungry and idle at just 10 watts. O.K it's work to set it up for Linux DD-WRT and get into pfsence, but I hope it will be a future proof router for a while.
Posted: Sun Jul 02, 2017 13:30 Post subject: SOLVED READ ALL ABOUT IT .....READ ALL ABOUT IT
Am can boot from seriell take a bootcmd and image linksys came,but whwn am try rebooot without seriell the ruter only blinking hope someone could help thanks
am mybee boting from wrong partition?if how to change from usb seriell.
Take a factory recovery and woooops its boot proper so now its over to dd-wrt again am learn
Posted: Sun Jul 02, 2017 21:07 Post subject: Gargoyle vs BS betas
This thread has become very inactive lately and I haven't been keeping up for many months. I used Gargoyle on a previous netgear router and it worked well. I'm curious what others are running at this point that is very reliable (especially when wired) and good WIFI as well (secondary for me).
@myersw - I would like to know your opinion in particular. I have the WRT1900AC V1 and am not looking for advanced features (wireless bridging, etc.) My internet connection is fast (>150 Mb/sec) but it is not always reliable and I would really like to know if there are any features that could help easily identify if it was the cable modem/WAN connection having a "blip" or if it is actually the 1900AC. I have considered paying a monthly service fee for an internet based monitor but I don't even allow a respond to a WAN ping since I don't want to give the slightest opening for hacking.
Posted: Fri Jul 21, 2017 20:02 Post subject: Disable wifi dd-wrt logins on each wifi interface
Hi guys,
I have two routers(wrt1900acs & archer C9) both have dd-wrt installed and are running great.
I noticed on the archer C9 router that there is a setting to which I can disable wifi login on each interface ie 5Ghz or 2.4G. However that feature is not available on the wrt1900acs.
Is it possible to request for this please on the wrt1900acsv2 dd-wrt firmware.
Posted: Sat Jul 22, 2017 3:04 Post subject: Re: Disable wifi dd-wrt logins on each wifi interface
Soaring wrote:
Hi guys,
I have two routers(wrt1900acs & archer C9) both have dd-wrt installed and are running great.
I noticed on the archer C9 router that there is a setting to which I can disable wifi login on each interface ie 5Ghz or 2.4G. However that feature is not available on the wrt1900acs.
Is it possible to request for this please on the wrt1900acsv2 dd-wrt firmware.
Thank you
Please excuse my naïve question. Exactly what is the purpose of disabling the wifi login? Wouldn't disabling the wifi radio serve the same purpose? I'm curious.
Posted: Sat Jul 22, 2017 5:02 Post subject: Re: Disable wifi dd-wrt logins on each wifi interface
gainestr wrote:
Soaring wrote:
Hi guys,
I have two routers(wrt1900acs & archer C9) both have dd-wrt installed and are running great.
I noticed on the archer C9 router that there is a setting to which I can disable wifi login on each interface ie 5Ghz or 2.4G. However that feature is not available on the wrt1900acs.
Is it possible to request for this please on the wrt1900acsv2 dd-wrt firmware.
Thank you
Please excuse my naïve question. Exactly what is the purpose of disabling the wifi login? Wouldn't disabling the wifi radio serve the same purpose? I'm curious.
I'll put it in simple terms for you. The wrt190acs router is far more superior than my archer c9 router. Both using DD-wrt firmware, yet the archer c9 firmware has more features than the wrt1900acs have. I would like to have them both to be the same features, but I'll make my requests gradually if you catch my drift?
Posted: Sat Jul 22, 2017 5:28 Post subject: Re: Disable wifi dd-wrt logins on each wifi interface
Soaring wrote:
gainestr wrote:
Soaring wrote:
Hi guys,
I have two routers(wrt1900acs & archer C9) both have dd-wrt installed and are running great.
I noticed on the archer C9 router that there is a setting to which I can disable wifi login on each interface ie 5Ghz or 2.4G. However that feature is not available on the wrt1900acs.
Is it possible to request for this please on the wrt1900acsv2 dd-wrt firmware.
Thank you
Please excuse my naïve question. Exactly what is the purpose of disabling the wifi login? Wouldn't disabling the wifi radio serve the same purpose? I'm curious.
I'll put it in simple terms for you. The wrt190acs router is far more superior than my archer c9 router. Both using DD-wrt firmware, yet the archer c9 firmware has more features than the wrt1900acs have. I would like to have them both to be the same features, but I'll make my requests gradually if you catch my drift?
I can totally understand you wanting them to have the same features. Maybe it's a feature that I would want as well? Since I only have the wrt1900acs and this is my first router with dd-wrt, I can't compare features.
Again, what exactly is the benefit of disabling the wifi login? Is this to prevent ANY devices from connecting, or any additional devices that haven't already logged on? There is already a simple way to disable the radio with the push of the WPS button. I guess I'm not understanding the benefit. Sorry, I'm not questioning you wanting it, I'm just trying to see if it's something others would want as well. Apparently, someone wanted that feature at one point in the development so it must have a use that was/is beneficial.
Look what you want to do with your set up is your business, I really couldn't care what you have enabled or not. If it's working for you, then good on you.
As for disable wifi login It's also in the latest linksys firmware, so this shouldn't be too hard to do, since it's already been done so for the tplink dd-wrt firmware as I mentioned earlier.
