Joined: 18 Mar 2014 Posts: 12887 Location: Netherlands
Posted: Tue Feb 06, 2018 17:16 Post subject:
Router Model: Netgear R6400
Firmware Version: DD-WRT v3.0-r34790M kongac (02/04/2018)
Kernel Version: Linux 4.4.114 #507 SMP Sun Feb 4 17:22:38 CET 2018 armv7l
Upgraded: from DD-WRT v3.0-r34780M kongac (02/02/2018) via ddup
Reset: No not this time
Status: Up and running for 24 hours, basic setup as AP, static leases, OpenVPN client ( on PIA) with Policy Based Routing up and running, 2,4GHz, 5Ghz USB storage working. OpenVPN server setup and running
Errors: Yes
--OpenVPN with Policy Based Routing does not forward HTTP(s) traffic to the PBR clients with SFE on see: http://svn.dd-wrt.com/ticket/5900.
--The GUI sometimes does not respond and I have to manually refresh, this is since builds starting with 33630.
--Possible DNS leak see: http://svn.dd-wrt.com/ticket/6020
--Mini-DLNA is not working!
Firmware Version: DD-WRT v3.0-r34790M kongac (02/04/2018)
Kernel Version: Linux 4.4.114 #507 SMP Sun Feb 4 17:22:38 CET 2018 armv7l
Upgraded: from DD-WRT v3.0-r34780M kongac (02/02/2018) via ddup
Reset: No not this time
Status: Up and running for 24 hours, basic setup as AP, static leases, OpenVPN client ( on PIA) with Policy Based Routing up and running, 2,4GHz, 5Ghz USB storage working. OpenVPN server setup and running
Errors: Yes
--OpenVPN with Policy Based Routing does not forward HTTP(s) traffic to the PBR clients with SFE on see: http://svn.dd-wrt.com/ticket/5900.
--The GUI sometimes does not respond and I have to manually refresh, this is since builds starting with 33630.
--Possible DNS leak see: http://svn.dd-wrt.com/ticket/6020
--Mini-DLNA is not working!
how are you running a patched SFE module ? how do you change it ? Need to make your own build ? or are you running a mounted RW filesystem and re-linking ? I would love to try it.
atod,
read the link provided.
You asked a question when the answer was already provided.
Look in the link he provided and your answer is directly under this portion of 1st post.
"Shortcut Forwarding Engine Kernel Module"
atod-wrt wrote:
how are you running a patched SFE module ? how do you change it ? Need to make your own build ? or are you running a mounted RW filesystem and re-linking ? I would love to try it.
_________________ Router currently owned:
Netgear R7800 - Router
Netgear R7000 - AP mode
atod,
read the link provided.
You asked a question when the answer was already provided.
Look in the link he provided and your answer is directly under this portion of 1st post.
"Shortcut Forwarding Engine Kernel Module"
atod-wrt wrote:
how are you running a patched SFE module ? how do you change it ? Need to make your own build ? or are you running a mounted RW filesystem and re-linking ? I would love to try it.
Thanks. Got it! Will read entire threads next time.
upgraded from 34780M, works well for now.
@kong - please put back softether, let's us decide if we want to use it.
They updated recently to support latest version of ssl
<Kong> wrote:
No softether is full of security issues, I have added IPSec much easier to setup, more secure and much faster.
On the minidlna front, yes there are issues in the last few Kong builds.
I've already posted this on the dd-wrt trac, it appears to be a bug in the latest version of minidlna that brainslayer started to include in his builds from October.
I see this behaviour:
Any time I connect to minidlna using VLC it crashes, requiring router reboot. This is using both iOS and Windows 10 clients.
My Samsung TV can still play videos, although it seems much less stable than the previous minidlna version - playback occasionally fails on files that played fine before. Sometime just playing the file again works, sometimes sections of video seem to be impassable.
Plex running on Win 10 and playing the same files over samba works fine as usual. Drive is formatted ext2 and plugged into R8000 usb 3 port.
I’ve also rebuilt the database a number of times with no change to instability.
upgraded from 34780M, works well for now.
@kong - please put back softether, let's us decide if we want to use it.
They updated recently to support latest version of ssl
<Kong> wrote:
No softether is full of security issues, I have added IPSec much easier to setup, more secure and much faster.
He already say no, and that IPSec is his choice.
BS releases are coming with softether _________________ Netgear R9000 main router
RAX80 as AP
upgraded from 34780M, works well for now.
@kong - please put back softether, let's us decide if we want to use it.
They updated recently to support latest version of ssl
<Kong> wrote:
No softether is full of security issues, I have added IPSec much easier to setup, more secure and much faster.
He already say no, and that IPSec is his choice.
BS releases are coming with softether
So use BS releases? Dev said no, and you pester with this same statement every release. For the sake of humanity, stop, please.
I can't quite follow what is going on with OpenVPN server from the back and forth in this thread.
I've had OpenVPN working in past Kong builds on my R7000, but ever since about September 2017 timeframe, the builds no longer worked. OpenVPN never starts, and it shows nothing for server state and status in the web GUI. I've not changed anything with my OpenVPN config or certs in that time, so don't really know how to begin troubleshooting.
I don't have IPv6 enabled on my LAN--is that a bona fide, confirmed showstopper?
Joined: 18 Mar 2014 Posts: 12887 Location: Netherlands
Posted: Wed Feb 07, 2018 14:57 Post subject:
You probably have to regenerate the certificates with the new version of OpenSSL.
Sometimes adding: tls-cipher "DEFAULT:@SECLEVEL=0" to the additional config does the trick
I just installed the OpenVPN server again and made certificates with the latest OpenVPN client for windows and it is working.
I can send you my notes for making the certificates and setting up if necessary.
Post your questions regarding OpenVPN in the advanced networking forum _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399 Install guide R7800/XR500:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614 Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
I can't quite follow what is going on with OpenVPN server from the back and forth in this thread.
I've had OpenVPN working in past Kong builds on my R7000, but ever since about September 2017 timeframe, the builds no longer worked. OpenVPN never starts, and it shows nothing for server state and status in the web GUI. I've not changed anything with my OpenVPN config or certs in that time, so don't really know how to begin troubleshooting.
I don't have IPv6 enabled on my LAN--is that a bona fide, confirmed showstopper?
Thanks, all.
In the September time frame that is almost certainly due to the OpenSSL upgrade. I had to regenerate new certs at the time too. As egc said, do that on your server, and deploy the updated certs to your clients - that should fix it.
It's been so long since I've generated the certs, I don't remember the process anymore. In fact, I think my certs were generated on Tomato firmware on that router ages ago, and I just copied/pasted them into DD-WRT web GUI when I moved to Kong's firmware.
I'd greatly appreciate if you shared your notes on that. _________________ Netgear R7500v2, DD-WRT v3.0-r37845M kongat
Netgear R7000, DD-WRT v3.0-r37715M kongac