1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tomato Mod v1.19.1464 with OpenVPN/Tomato Mod v1.21.TEST-v5 with OpenVPN-GUI,SDMMC,IP/MAC

Discussion in 'Tomato Firmware' started by roadkill, Jun 4, 2007.

  1. peckec

    peckec LI Guru Member

    I'm using openvpn on port 443. No problems at all.
    I changed it for the same reason as you.
     
  2. roadkill

    roadkill Super Moderator Staff Member Member


    I'll look into it.. thanks for the feedback
     
  3. xcooling

    xcooling LI Guru Member

    Fantastic firmware !!!

    Replaced DD-WRT on my WRT54G v3.1 eu : active cooling, dual serial, jtag, mmc

    I could propose the following:

    Format of the sd/mmc from the gui.
    Display Realtime memory usage (similar to dd-wrt)
    Display CPU clock rate in the gui.
    Add a swap partition to sd/mmc (i know its slow, but it does help)

    To me this is the most important: console in the GUI. (execute console commands)
     
  4. srouquette

    srouquette Network Guru Member

    In Status > Overview, there's memory usage and CPU load.
    In Admin > Scripts, you can specify console commands on init or wan up.
     
  5. xcooling

    xcooling LI Guru Member

    Im asking specificaly for cpu clock (mhz)
    ie:
    dmesg | grep -i cpu:
    Memory info:
    free
    Secondly: when i say console, i mean an interactive console: ie telnet in gui.
     
  6. LLigetfa

    LLigetfa LI Guru Member

    You can telnet into a stock Tomato from any GUI computer so I'd be surprised if you cannot telnet into this mod'd version.
     
  7. xcooling

    xcooling LI Guru Member

    i know i can telnet, ssh, jtag into it.

    Its nice to not have to open an extra util.. and sometimes im unable to use a telnet/ssh client. then im stuck with web gui, kinda bad if u urgently need to run a console command.
     
  8. xcooling

    xcooling LI Guru Member

    Fatal SD/MMC Error.


    ERROR in SD/MMC support : linksys WRT54G v3.1 euro (sd mod: http://americasarmy.co.za/downloads/spaceman/wrt54gv3.1eu/ )
    used 3.2 gpio locations from: http://wiki.openwrt.org/OpenWrtDocs/Customizing/Hardware/MMC

    Tomato Mod v1.16.1374 with OpenVPN , SD/MMC Support

    # modprobe mmc
    # dmesg | grep -i mmc

    dd-wrt v23 sp2

    # df -h
    # mount
    # cd /mmc
    /mmc # ls
    /mmc # touch somefile
    /mmc # ls

    ie. working 100% in dd-wrt, not working in tomato mod
     
  9. kevanj

    kevanj LI Guru Member

    DHCP Reduce Packet Size kills WAN connection with 1.16.1374

    Finally got around to upgrading to the VPN Mod version (1.16.1374), and ran into a 'snag'. I was running 1.15 and had DHCP Reduce packet size enabled. When I flashed the latest VPN Mod, my router wouldn't obtain a DHCP lease from my ISP, until I switched off the Reduce Packet Size option, then it connected immediately. I switched it back on, and the connection immediately dropped and wouldn't reconnect. Switched off, and it came back up. Otherwise the firmware seems to be working flawlessly. Was able to establish a VPN in less that 5 min using splat's directions.

    Good stuff Roadkill!!
     
  10. occamsrazor

    occamsrazor Network Guru Member

    Re: using OpenVPN on Port 443. I've got it working on 443 now.... I'd stupidly forgotten to reboot the router after making the script changes....
     
  11. ikarusx3

    ikarusx3 LI Guru Member

    Just a quick question to roadkill:

    did you update the firmware file after yesterday (3-11) ~12 GMT? Bec i did a quick test with it and mmc didnt work anymore. i read about the missing filesystem component and was wondering if that was solved before or after my attempt.

    @xcooling: when unable to use an ssh client, try: http://vmlinux.org/ssh/

    works fine for me
     
  12. roadkill

    roadkill Super Moderator Staff Member Member

    the reduce packet size option in udhcpc (-m) was removed and that is the reason why it doesn't work anymore (invalid parameter), I haven't been able to figure out if it is the default behavior now or simply doesn't exists.
    anyway dhcp client is working like it should besides that so I think for the time being I'll disable the GUI option.

    yes I did updated the file you can check compile time
    Built on Tue, 11 Mar 2008 09:50:47 +0200

     
  13. FidgetyRat

    FidgetyRat LI Guru Member

    What GPIO configuration are you using.

    SD works fine with my WRT54GL (still using tomato mod version 1.14) using the GPIO configuration I posted a few pages ago.
     
  14. ikarusx3

    ikarusx3 LI Guru Member

    mmc not working here too, just shows up "not mounted" and insmod mmc gives:
    Code:
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_hardware_init: initializing GPIOs
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_init: the period of a 380KHz frequency lasts 524 CPU cycles
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_init: powering card on. sending 80 CLK
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_init: 80 CLK sent in 44022 CPU cycles
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_init: resetting card (CMD0)
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_init: doing initialization loop
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_init: card inited successfully in 2 tries (61854 CPU cycles).
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_init: MMC/SD Card ID:
    Mar 12 18:23:17  user.warn kernel: 15 00 00 30 30 30 30 30 30 10 c0 01 8c 22 88 00 [INFO] Manufacturer ID   : 15
    Mar 12 18:23:17  user.warn kernel: [INFO] OEM/Application ID:
    Mar 12 18:23:17  user.warn kernel: [INFO] Product name      : 00000
    Mar 12 18:23:17  user.warn kernel: [INFO] Product revision  : 3.0
    Mar 12 18:23:17  user.warn kernel: [INFO] Product SN        : 10c0018c
    Mar 12 18:23:17  user.warn kernel: [INFO] Product Date      : 2028-8
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_config: size = 62720, hardsectsize = 512, sectors = 125440
    Mar 12 18:23:17  user.warn kernel: [WARN] mmc_init: hd_sizes=62720, hd[0].nr_sects=125440
    Mar 12 18:23:17  user.warn kernel: [INFO] mmc_card_init: set_blocklen (CMD16) succeeded !
    Mar 12 18:23:17  user.info kernel:  mmca:
    Mar 12 18:23:17  user.info kernel:  p1
    Mar 12 18:23:17  user.err kernel: devfs_mk_dir(mmc/disc0): using old entry in dir: 804286e0 "mmc"
    Mar 12 18:23:17  user.err kernel: devfs_register(disc): could not append to parent, err: -17
    
    but working great with 1.14
     
  15. roadkill

    roadkill Super Moderator Staff Member Member

    yes I know this is due to fsck not running when sd/mmcis inserted,
    I'm already implanting legacy mmc module with a version upgrade to 1.17 :grin:
     
  16. xcooling

    xcooling LI Guru Member

    Is the a cvs repository, for us to upload patches/modifications ?

    Thanks for the work on 1.17
     
  17. roadkill

    roadkill Super Moderator Staff Member Member

    you can e-mail me the patches I'll integrate them into the source I currently don't have a svn/cvs repository because the source is based on official Tomato releases, but if you create one it will be greatly appreciated.
     
  18. ffbadkill

    ffbadkill LI Guru Member

    Does this version support WHR-G125?
     
  19. HarshReality

    HarshReality Network Guru Member

    Look on Tomato homepage and see... all RK is doing is modifying existing code to add more bells and whistles.
     
  20. roadkill

    roadkill Super Moderator Staff Member Member

    I guess I can make the Mod for G125 also...

    Binaries was updated today(3/16/08) for 1.16.1374 I removed two rather small bugs
    • SD/MMC not being automatically mounted when inserted.
    • DHCP is disabled when WAN Reduce packet size is enabled.
     
  21. srouquette

    srouquette Network Guru Member

    roadkill, in your second post about site-to-site vpn, should the routers have the same IP range (192.168.1.*) because it's in bridged mode ?
    or should I configure some route ?
     
  22. roadkill

    roadkill Super Moderator Staff Member Member

    I use the same subnet or add a route
     
  23. srouquette

    srouquette Network Guru Member

    ok, thank you.
     
  24. srouquette

    srouquette Network Guru Member

    for the moment, I have a problem, like this guy :
    http://openvpn.net/archive/openvpn-users/2005-12/msg00349.html
    Code:
    Mar 18 00:27:23 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 UDPv4 READ [22] from 86.205.52.106:2180: P_ACK_V1 kid=0 sid=5f9459d9 c0ff0a10 [ 27 sid=aec9c4ec a34ee7c8 ]
    Mar 18 00:27:23 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 Control Channel: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
    Mar 18 00:27:23 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 [] Peer Connection Initiated with 86.205.52.106:2180
    Mar 18 00:27:23 unknown daemon.err openvpn[154]: 86.205.52.106:2180 MULTI: no dynamic or static remote --ifconfig address is available for 86.205.52.106:2180
    Mar 18 00:27:24 unknown daemon.notice openvpn[154]:  event_wait returned 0
    Mar 18 00:27:25 unknown daemon.notice openvpn[154]:  event_wait returned 1
    Mar 18 00:27:25 unknown daemon.notice openvpn[154]: UDPv4 read returned 88
    Mar 18 00:27:25 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 UDPv4 READ [88] from 86.205.52.106:2180: P_CONTROL_V1 kid=0 sid=5f9459d9 c0ff0a10 [ ] pid=25 DATA 17030100 188c4dba e1d5afda 275f4833 9e9deeeb 6c79ed92 5cfbb513 b817030[more...]
    Mar 18 00:27:25 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 PUSH: Received control message: 'PUSH_REQUEST'
    Mar 18 00:27:25 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 SENT CONTROL [UNDEF]: 'PUSH_REPLY,ping 15,ping-restart 60' (status=1)
    Mar 18 00:27:25 unknown daemon.notice openvpn[154]:  event_wait returned 1
    [...]
    Mar 18 00:33:31 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 UDPv4 READ [309] from 86.205.52.106:2180: P_DATA_V1 kid=0 DATA 07d35fb3 43cf3f09 d9b812e5 ebbe0509 672eb9de dc65ceaf bb8c1254 35d6932[more...]
    Mar 18 00:33:31 unknown daemon.notice openvpn[154]:  event_wait returned 1
    Mar 18 00:33:31 unknown daemon.notice openvpn[154]: 86.205.52.106:2180  write to TUN/TAP returned 316
    Mar 18 00:33:31 unknown daemon.notice openvpn[154]:  event_wait returned 1
    Mar 18 00:33:31 unknown daemon.notice openvpn[154]: UDPv4 read returned 357
    Mar 18 00:33:31 unknown daemon.notice openvpn[154]: 86.205.52.106:2180 UDPv4 READ [357] from 86.205.52.106:2180: P_DATA_V1 kid=0 DATA d06110ca aa8ea21a d4c6e5dc 7a29c507 130a3fd9 f81307f3 fb290337 9801bec[more...]
    Mar 18 00:33:31 unknown daemon.notice openvpn[154]:  event_wait returned 1
    
    any ideas ?
     
  25. roadkill

    roadkill Super Moderator Staff Member Member

    what are you trying to achieve?
     
  26. srouquette

    srouquette Network Guru Member

    I try to merge 2 networks through VPN with 2 routers, a server and a client.
    here is the setup I'm currently testing (so maybe the problem is due to the complex setup at my work)

    at home:
    [my comp: 192.168.42.10]-----[router (VPN server port 4242): 192.168.42.1]-----[internet]

    at work:
    [internet]----[modem/router (not WRT): 192.168.2.1]-----(192.168.2.2)[router with VPN server port 1194 (VPN not used)](192.168.1.1)------(192.168.1.100)[my router (VPN client port 4242)](192.168.42.254)-------[a computer:192.168.42.100]

    it's a little bit complicated at work, but I just try to test the client router. I don't redirect 4242 from any routers before mine, so maybe it's the problem, but I though it was ok as long as my router initiate the connection on the port 4242 with the VPN server, it should be ok...

    The log above is from the VPN server. The connection from the client seems ok, but I can't ping or telnet to 192.168.42.254.
    Code:
    Pinging 192.168.42.254 with 32 bytes of data:
    Reply from 192.168.42.10: Destination host unreachable.
     
  27. roadkill

    roadkill Super Moderator Staff Member Member

    Please check Time Zones Data they must have the same settings in order for connection to take place.
    if TZ data doesn't make it work please post a traceroute from one VPN location to the other and please post a route table.
     
  28. srouquette

    srouquette Network Guru Member

    cool, the forum is back :)
    So... now, I have the same TZ on both sides, but it didn't resolve anything.
    From a computer at work (192.168.42.128), I tried to traceroute to my router at home (192.168.42.1), but nothing happened.

    here is the route on the computer:
    Code:
    C:\Documents and Settings\Kodama>route print
    ===========================================================================
    Interface List
    0x1 ........................... MS TCP Loopback interface
    0x2 ...00 1d 60 91 11 3b ...... Attansic L1 Gigabit Ethernet 10/100/1000Base-T C
    ontroller - Packet Scheduler Miniport
    0x3 ...00 ff 81 53 79 bc ...... TAP-Win32 Adapter V9 - Packet Scheduler Miniport
    
    ===========================================================================
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0   192.168.42.254  192.168.42.128       20
            127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
         192.168.42.0    255.255.255.0   192.168.42.128  192.168.42.128       20
       192.168.42.128  255.255.255.255        127.0.0.1       127.0.0.1       20
       192.168.42.255  255.255.255.255   192.168.42.128  192.168.42.128       20
            224.0.0.0        240.0.0.0   192.168.42.128  192.168.42.128       20
      255.255.255.255  255.255.255.255   192.168.42.128  192.168.42.128       1
      255.255.255.255  255.255.255.255   192.168.42.128               3       1
    Default Gateway:    192.168.42.254
    ===========================================================================
    Persistent Routes:
      None
    and the routing on the router:
    Code:
    Destination	Gateway	Subnet Mask	Metric	Interface
    192.168.50.0	*	255.255.255.0	0	vlan1 (WAN)
    192.168.42.0	*	255.255.255.0	0	br0 (LAN)
    127.0.0.0	*	255.0.0.0	0	lo
    default	192.168.50.1	0.0.0.0	0	vlan1 (WAN)
    
    here is some log from the client side, verb 3:
    Code:
    Mar 18 12:37:53  daemon.notice openvpn[389]: [UNDEF] Inactivity timeout (--ping-restart), restarting
    Mar 18 12:37:53  daemon.notice openvpn[389]: TCP/UDP: Closing socket
    Mar 18 12:37:53  daemon.notice openvpn[389]: SIGUSR1[soft,ping-restart] received, process restarting
    Mar 18 12:37:53  daemon.notice openvpn[389]: Restart pause, 2 second(s)
    Mar 18 12:37:55  daemon.notice openvpn[389]: Re-using SSL/TLS context
    Mar 18 12:37:55  daemon.notice openvpn[389]: LZO compression initialized
    Mar 18 12:37:55  daemon.notice openvpn[389]: Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Mar 18 12:37:55  daemon.notice openvpn[389]: Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    Mar 18 12:37:55  daemon.notice openvpn[389]: Socket Buffers: R=[32767->65534] S=[32767->65534]
    Mar 18 12:37:55  daemon.notice openvpn[389]: UDPv4 link local: [undef]
    Mar 18 12:37:55  daemon.notice openvpn[389]: UDPv4 link remote: 88.175.64.205:4242
    Mar 18 12:37:56  daemon.notice openvpn[389]: TLS: Initial packet from 88.175.64.205:4242, sid=bc39e05c dab602d6
    Mar 18 12:37:57  daemon.notice openvpn[389]: VERIFY OK: depth=1, /C=FR/ST=Paris/L=Paris/O=Syl/...
    Mar 18 12:37:57  daemon.notice openvpn[389]: VERIFY OK: nsCertType=SERVER
    Mar 18 12:37:57  daemon.notice openvpn[389]: VERIFY OK: depth=0, /C=FR/ST=Paris/O=Syl/...
    Mar 18 12:37:59  daemon.notice openvpn[389]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Mar 18 12:37:59  daemon.notice openvpn[389]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mar 18 12:37:59  daemon.notice openvpn[389]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Mar 18 12:37:59  daemon.notice openvpn[389]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mar 18 12:37:59  daemon.notice openvpn[389]: Control Channel: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
    Mar 18 12:37:59  daemon.notice openvpn[389]: [] Peer Connection Initiated with 88.175.64.205:4242
    Mar 18 12:38:00  daemon.notice openvpn[389]: SENT CONTROL [UNDEF]: 'PUSH_REQUEST' (status=1)
    Mar 18 12:38:00  daemon.notice openvpn[389]: PUSH: Received control message: 'PUSH_REPLY,ping 15,ping-restart 60'
    Mar 18 12:38:00  daemon.notice openvpn[389]: OPTIONS IMPORT: timers and/or timeouts modified
    Mar 18 12:38:00  daemon.notice openvpn[389]: Preserving previous TUN/TAP instance: tap0
    Mar 18 12:38:00  daemon.notice openvpn[389]: Initialization Sequence Completed
    Mar 18 13:37:55  daemon.notice openvpn[389]: VERIFY OK: depth=1, /C=FR/ST=Paris/L=Paris/O=Syl/...
    Mar 18 13:37:55  daemon.notice openvpn[389]: VERIFY OK: nsCertType=SERVER
    Mar 18 13:37:55  daemon.notice openvpn[389]: VERIFY OK: depth=0, /C=FR/ST=Paris/O=Syl/...
    Mar 18 13:37:57  daemon.notice openvpn[389]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Mar 18 13:37:57  daemon.notice openvpn[389]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mar 18 13:37:57  daemon.notice openvpn[389]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Mar 18 13:37:57  daemon.notice openvpn[389]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mar 18 13:37:57  daemon.notice openvpn[389]: Control Channel: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
    
     
  29. xcooling

    xcooling LI Guru Member

    Upgraded to the latest version :#

    sd/mmc error still around:

     
  30. xworm

    xworm LI Guru Member

    Unexpected Warring Message

    I've installed this firmware(1.16) on WR850G v2, if I use a windows client to connect WR850G, it works! but the client always show following message:
    ============================================================
    Wed Mar 19 11:23:45 2008 us=437000 NOTE: Options consistency check may be skewed by version differences
    Wed Mar 19 11:23:45 2008 us=437000 WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tap'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 1576'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 1532'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'proto' is present in local config but missing in remote config, local='proto TCPv4_SERVER'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'ifconfig' is present in local config but missing in remote config, local='ifconfig 192.168.10.0 255.255.255.0'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 0'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'cipher' is present in local config but missing in remote config, local='cipher BF-CBC'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA1'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 128'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'tls-auth' is present in local config but missing in remote config, local='tls-auth'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
    Wed Mar 19 11:23:45 2008 us=453000 WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
    ===================================================
    my windows client is also using Openvpn 2.1 RC7.
    If I connect to a windows openvpn server(running 2.1 RC7 and using same server config as WR850G), everything is OK. No warring message. So I think my windows client is OK.
    and, if I use a WRT54G as client, WR850G as server(both running the v1.16 mod firmware), also everything is OK.No warring message.SO, I think WR850G is OK.

    I've also checked time on all systems, and I'm sure they're the same.
    I've also tried to add the complained "missing" parameter in config, like the 'keysize 128', but same result.
    I've also tried to add the complained "missing" parameter in command line, like "--keysize 128", but the same result.
    Actually, at least the 'comp-lzo' parameter is present in both sides,
    I can even noticed a startup message saying "LZO compression initialized" on both client and server sides.
    So, why will those message generated?

    here is my windows client:
    =======================
    remote 123.123.123.123 8080
    proto tcp-client
    tls-client
    dev tap0
    dev-node tap0
    tls-auth D:\\OpenVPN\\easy-rsa\\keys\\ta.key 1
    cert D:\\OpenVPN\\easy-rsa\\keys\\Tiger.crt
    key D:\\OpenVPN\\easy-rsa\\keys\\Tiger.key
    ca D:\\OpenVPN\\easy-rsa\\keys\\ca.crt
    ns-cert-type server
    ifconfig 192.168.10.11 255.255.255.0
    keepalive 10 120
    comp-lzo
    verb 4
    ==========================

    Here is my WR850G server
    ============================
    local xxx.xxx.xxx.xxx
    port 8080
    proto tcp-server
    tls-server
    dev tap0
    cert X509/Server/server.crt
    key X509/Server/server.key
    dh X509/Server/dh1024.pem
    ca X509/CA/ca.crt
    tls-auth X509/ta.key 0
    ifconfig 192.168.10.1 255.255.255.0
    keepalive 10 120
    user nobody
    group nobody
    persist-key
    persist-tun
    comp-lzo
    verb 4
    ==============================
     
  31. FidgetyRat

    FidgetyRat LI Guru Member

    First, has the sd/mmc ever worked for you with the previous versions? (1.14). Just need to make sure it worked for you at one point before calling it an error.

    By the error logs you supplied, it looks like you are using a different GPIO configuration then we are.

    What is working for me under 1.14 is: (WRT54GL)
    CS 7
    DI 2
    DO 4
    CLK 3

    I haven't yet updated past 1.14, but I know the GPIO config above is working perfectly fine for me and has been completely stable.
     
  32. xcooling

    xcooling LI Guru Member

  33. ffbadkill

    ffbadkill LI Guru Member

    I love tomato firmware very much but need to use VPN function.
    I can find this mod version only..
    Unfortunately, I am using G125:thumbdown:
     
  34. FidgetyRat

    FidgetyRat LI Guru Member

    I'm confused. In this post you say it does not work in Tomato but did in DD-WRT. Also in that post you state you are using 3.2 GPIO configuration which uses GPIO 5 which is not working under this mod as far as I know.

    What I asked was if you ever got it to work with a previous version of Tomato, not DD-WRT.
     
  35. HarshReality

    HarshReality Network Guru Member

    Not to sound like a smart alec here... but the current revision is lacking the legacy support RK is working on in order to select the GPIO pins. Deductive reasoning would dictate that if the pins cant be changed and it isnt working NOW then it never did in Tomato since THIS IS THE ONLY VERSION WITH SD SUPPORT.

    The guy replied to your inquiry and even gave a bit more detail by stating that it had worked with another firmware so you could eliminate the mod itself as being the problem. If you'd like to help then fine but dont come BACK like an idiot when you troubleshoot as far as you can and cant get anywhere else... far more reasonable to simply say "Im out of ideas... sorry cant be of further help"
     
  36. FidgetyRat

    FidgetyRat LI Guru Member

    First off, my first question was if he ever got it to work with Tomato, not DD-WRT. I asked this to figure out if the new .17 version broke his tomato SD support directly. This is very important since many of us have working SD support in previous versions.

    Second, I fail to see how your deductive resoning here is helpful. If he did have SD working in previous tomato versions and not in .17, then the fault is .17. If he never had any version of tomato working with SD, then the fault lies in either the module or his GPIO config. I consider that a very useful thing in determining where the problem lies rather then just outright saying the entire SD mod is an error.

    But, since I aparantly offended people by trying to help troubleshoot, I guess I will just stop helping.
     
  37. xcooling

    xcooling LI Guru Member

    HI

    Sorry been away for a bit.

    Im going to try a different build (1.14), however i doubt this will work, as the legacy gpio/mmc module is missing.

    Im hoping tm 1.17 will include the legacy module.
     
  38. roadkill

    roadkill Super Moderator Staff Member Member

    gpio settings for legacy?
     
  39. xcooling

    xcooling LI Guru Member

    SD/MMC legacy module - different module/gpio selection.

    Ive got my 512MB sd, thats unusable atm
     
  40. HarshReality

    HarshReality Network Guru Member

    Give the fellow time.. after all there shall be no wine (or SD card) before its time ;)
     
  41. adex

    adex LI Guru Member

    console detach

    Is there a possibility to detach Serial Console from COM1 (ttyS0) in this Tomato, like editing inittab in OpenWRT?? I want to use two ports, but first port is used by console and sending data generates errors. Maybe some recompilaton or sth else? Anyone know where in code serial port 1 (ttyS0) is attached to console?:confused::confused:
     
  42. Xriderbc

    Xriderbc Network Guru Member

    sd mod

    I've searched around, and wiki but haven't seen this... Is the sd/mmc card mod doable on a version 1.0 WRT54G ? Mention of other versions, but not the 1 series. Just wanted to make sure there weren't any significant hardware differences that would prevent the mod before investing any more time on it. Anyone know what the GPIO layout on a v1.0 might be?
     
  43. HarshReality

    HarshReality Network Guru Member

    As I understand the OpenWRT Wiki was done first on a 1.0 WRT54G and then added to for later models. Also, as I understand the default GPIO pins are currently working in RKs Mod. Alternate pins however do not.

    **One of the previous posts lists working pins that the user has and functionality with RKs current

    http://wiki.openwrt.org/OpenWrtDocs/Customizing/Hardware/MMC
     
  44. tcsoft

    tcsoft Addicted to LI Member

    v1.16.1374
    my sd-card does not get mounted. i have to login at ssh and do a "insmod mmc". then the card gets recognized. but a "mount /dev/mmc/device0/part1 /mmc" fails with "no such device"

     
  45. HarshReality

    HarshReality Network Guru Member

    What GPIO pins are you using.. currently only the default543&7 pins are supported as the ability to configure the pins is pending.
     
  46. tcsoft

    tcsoft Addicted to LI Member

    you're right. i'm using gpio 2.
     
  47. ikarusx3

    ikarusx3 LI Guru Member

    i also do have gpio 2 instead of 5, but im wondering why it wont work anymore while its working with the 1.14 mod version...
     
  48. Seraphin

    Seraphin LI Guru Member

    Hi everybody

    The same here. I (or exactly someone I know) just modded a SD-Card Reader into my WRT54GL v1.1 as described at www.hendlsofen.de (german), so I'm using the GPIO's 2, 3, 4 and 7. I should have read this thread here before, but now it's too late.

    But maybe someone has already changed and compiled the Source-Code for this combination of GPIOs? Or would it be hard to do it by myself? ... I'm not very familiar with programming and compiling C(++) ... I just already did a little bit in PHP in earlier times.

    Or will it last a long time, until there is a version witch will support various GPIOs, like it is already in the ToDo-List?


    Thanks in advance
    Patric
     
  49. srouquette

    srouquette Network Guru Member

    each week, I must reboot the router due to:
    Code:
    Apr 11 19:00:56 unknown user.err kernel: Out of Memory: Killed process 29240 (dnsmasq).
    do you know why dnsmasq takes so much memory ?
    how can I fix this ?
     
  50. bigl2

    bigl2 LI Guru Member

    New Tomato (1.18) out so maybe ne version will be based on it....
     
  51. El Labero

    El Labero LI Guru Member

    ie readed the first 20 pages of this Thread... but i still don't understand how this mod works...

    is this like Hamachi but for the whole Network?
    And ist this sd-mod a must to use it?
     
  52. Maggard

    Maggard LI Guru Member

    VPN = Virtual Private Network.
    Hamachi is a type of VPN.
    OpenVPN is another type of VPN.

    Typically Hamachi only connects to a single machine (though it can be manually configured to route a whole local area network.)

    Typically OpenVPN routes to an entire local area network (though it can be configured to route to only a single machine.)

    The sd-mod is unrelated to networking features; it just happens to be rolled into this Tomato variation along with other add-ons like additional color themes for the web interface, etc.
     
  53. El Labero

    El Labero LI Guru Member

    thank you for your answer^^
     
  54. bingjiw

    bingjiw Addicted to LI Member

    redirect the HTTP requests

    Is it possible that: allow everyone to access in the [Basic - Wireless Filter], then make a MAC-addresses-List somewhere in Tomato. Then follow the following logic.

    Code:
    IF ( the connection or request is from one of the computers which MAC is in that MAC-addresses-List ) THEN
        Do the normal process that Tomato will normally do.
    ELSE
        IF ( it's a HTTP request ) THEN
            redirect this HTTP request to a certain URL
        ELSE
            Don't allow this connection/request, just drop this connection request
        ENDIF
    ENDIF
    How to make this function? Which file should be modified to insert this logic into?

    Thanks a lot
    Bingji
     
  55. jyavenard

    jyavenard Network Guru Member

    PPTP, SMTP and Tomato

    Hi.

    Took quite an interest in this thread.

    Not sure if anyone would be interested.

    I have modified the Tomato 1.18 source code to add crypto kernel (it has been removed by Linksys, probably due to export restriction). Also updated PPP and PPTP-client to support MPPE encryption.

    This version of tomato as such allows to act as a pptp vpn client (can be made as a server very easily but I haven't bothered compiled pptpd).

    I also added a snmp daemon as I wanted it.

    Firmware image is still below 3MB.

    I haven't bothered packaging my changes , but should people be interested I can share my modifications.

    Let me know.
    Cheers
    Jean-Yves
     
  56. roadkill

    roadkill Super Moderator Staff Member Member

    Yes I would be interested in your changes
     
  57. jyavenard

    jyavenard Network Guru Member


    Ok, let me finish writing some code so it starts automatically so I don't have to run it by hand after a reboot , clean it up

    And I'll post a link here
     
  58. jyavenard

    jyavenard Network Guru Member

    Tomato 1.18 with PPTP and SNMP support

    Here it is.

    Unfortunately, creating a simple/small diff file is complicated by the fact that there are binaries in the distribution.

    The binary are there:
    http://www.avenard.org/wrt54-tomato/tomato-118-vpn.zip

    source code:
    http://www.avenard.org/wrt54-tomato/tomato-118-src.vpn.tar.bz2

    How to compile:
    Create the tomato source code
    then:
    %cd tomato/release/src
    Remove the linux and router directory
    %rm -rf linux router

    Extract the source
    %tar jxvf /path/tomato-118.vpn.tar.bz2

    Build the linux.
    %cd linux/linux

    the original .config is also saved as config.vpn

    %make menuconfig
    quit and save when asked
    make depend
    %cd ../.. (to go back in src)
    %make

    I haven't changed any of the web interface.
    The following nvram values are used:

    SNMP:
    "snmpd_run" - if 1 will start the snmp daemon. Can't change the settings for snmp (stored in /etc/snmpd.con)

    Thinking about it, I should make this "snmpd_enable" instead

    PPTP Client:
    "pptp_client_enable" : start the vpn if set to 1
    "pptp_client_peerdns" : if not defined or 0, automatically retrieve the automatic DNS settings from the VPN
    "pptp_client_mtu : set the mtu value, default is 1450
    "pptp_client_mru : set the mru value, default is 1450
    "pptp_client_nat" : allows to share the VPN connection over NAT
    "pptp_client_srvip : IP / hostname of the PPTP VPN server
    "pptp_client_srvsub" : Subnet of the VPN network like 192.168.0.0
    "pptp_client_srvsubmsk" : Mask of the VPN network like 255.255.254.0
    "pptp_client_username" : username
    "pptp_client_passwd" : password

    Set additional pppd / mppe settings:
    "pptp_client_mppeopt"
    Like "require-mppe" (check man pppd to see the available option)

    Looking at it, I should add the option to set the default route to the VPN.

    The crypto / mppe kernel modules are extracted from kernel 2.4.35 in dd-wrt 2.23 sp2
    pppd, pptp_client etc is extracted from dd-wrt v24 and http://pptpclient.sourceforge.net/ and http://sourceforge.net/projects/poptop

    The script to start and stop the vpn is also from dd-wrt, modified for tomato

    I've only tested it on my WRT54GS (with 32MB of RAM/Flash), I believe it will fit without problem in the WRT54GL as it's still smaller than dd-wrt. snmpd is rather memory hungry

    I'd like to know what toolchain dd-wrt is using, cause they manage much shorter binaries than what I compiled (though I didn't try to optimise)

    Been running this firmware for 3 days straight, it's been rock solid.

    Edit: you can also follow some instructions there, in particular how to configure the dns server based on the domain requested
    http://www.dd-wrt.com/wiki/index.php/Static_PPTP_VPN_Client

    Cheers
    Jean-Yves
     
  59. roadkill

    roadkill Super Moderator Staff Member Member

    thanks..
     
  60. HarshReality

    HarshReality Network Guru Member

    RK... how go the alterations to allow GPIO selection or alteration?
     
  61. xcooling

    xcooling LI Guru Member

    Is tomato mod dead ?
     
  62. roadkill

    roadkill Super Moderator Staff Member Member

    no, I simply lack the time to make additional versions.. but 1.19 is planned..
     
  63. gizmosforyou

    gizmosforyou Addicted to LI Member

    Request for serial mod enhancement

    I've been enjoying Tomato for a while and chanced upon your post while searching for ways to get a some serial communications stuff installed on the router with Tomato firmware. Your firmware mod with serial stuff really has most of what I was looking for. Couple of additional things I was looking for were "ser2net" application (net to com mapping - serial device server) and a way to dissociate the console from the first serial port (to use both serial ports for applications). This would make the serial mod on the box really, really great.

    However, I am a newbie and is probably missing some easy way to do this using just "stty" and "setserial". If that is so, then please drop some hints!

    Appreciate it if you could look into the possibility of including these in your next build.

    Thanks!
     
  64. vinbunt

    vinbunt Guest

    When will the new version be ready? I am using WHR-G125 and your current version is not compatible with my router. Only works with 1.19ND. I am using the 1.19ND right now and I like it a lot. But I need OpenVPN, because I am currently residing in China and the stupid censorship is driving me crazy. Including my router I am practically behind 3 firewalls. I can't connect reliably with just a OpenVPN client on my pc. I was trying out DD-WRT 24 RC7 VPN, but is not stable and too much things I don't need. And connecting to my OpenVPN provider was possible but not stable. Thanks
     
  65. MiBz

    MiBz Network Guru Member

    Need help on setting up VPN (fast) please :)

    Hi guys, (btw Roadkill thanks for all your work on getting this mod to all of us!

    Need some help in setting up a roadwarrior type VPN setup using a WRT54GL fast. Not sure if it's realistic, but I have to be away as of Friday morning for 10 days and absolutely need to be able to access my home office lan files while away.

    Here's the basic setup:

    Home office lan = 10.1.0.xxx 255.255.255.0

    I've installed OpenVPN on my laptop and created keys for the WRT VPN server as well as client keys for laptop.

    Can one (or many) of you VPN gurus spoon feed me on what scripts/configs I need to insert on the WRT and my OpenVPN laptop client so that I can connect and have full access to my lan ?

    I'm really pressed for time and would really appreciate it.

    Thanks guys.
     
  66. roadkill

    roadkill Super Moderator Staff Member Member

    you can use Splat's tutorial HERE

    R
     
  67. bigclaw

    bigclaw Network Guru Member

    Will this one static key work for a number of clients who will not access the VPN at the same time? In other words, is the key file locked to the machine on which it is generated on? Can I copy & paste the same key file onto multiple clients and VPN from at most one at a time?

    Thanks.
     
  68. MiBz

    MiBz Network Guru Member

    Thanks roadkill, but isn't Splat tutorial using a tap client config ?

    I want to create a client (tun) tunnel (for my laptop) to the WRT so I can access my LAN. So I guess I'd need to use a client IP other than the LAN subnet for the tun. Will this automatically route to the internal lan subnet 10.1.0.xxx/24 ?
     
  69. gizmosforyou

    gizmosforyou Addicted to LI Member

    Thanks Roadkill for putting Ser2Net on the 'Things to Do' list!

    I was wondering if any experienced users here have an answer to my second question. Is there a way to stop the console sending messages to /dev/tts/0 (the first serial port) so that I may use that port also for connecting other devices? Or has it to be a mod to the source code?

    I am a total Linux noob and a C illiterate. Can any experts here tell me what to look for in the souce code to disable the console to serial port association? (BTW, by following the tutorials and the raedme file, I was able to compile Tomato from souce)
     
  70. roadkill

    roadkill Super Moderator Staff Member Member

    it should work either way since you're using OpenVPN client on a computer your virtua vpn interface will dhcp the remote network for IP address so it will be possible to access the remote network.

    R
     
  71. gizmosforyou

    gizmosforyou Addicted to LI Member

    I was trying to compile Tomato Mod v1.16.1374 - Source Code but I get the following errors:

    Code:
    make[2]: execvp: mipsel-linux-gcc: Not a directory
    make[2]: Entering directory `/tomato/tools-src/uClibc'
    rm -rf include/bits
    mkdir -p include/bits
    can't find file extra/Configs/Config.
    make[2]: *** [include/bits/uClibc_config.h] Error 1
    make[2]: Leaving directory `/tomato/tools-src/uClibc'
    make[1]: *** [libc] Error 2
    make[1]: Leaving directory `/tomato/release/src'
    make: *** [all] Error 2
    Not sure what is causing this. Any help?

    Thanks!
     
  72. roadkill

    roadkill Super Moderator Staff Member Member

    cross compiler gcc isn't in your path?
     
  73. valnar

    valnar Network Guru Member

    I would be interested in a PPTP server. I'm sure others would too!

    Robert
     
  74. jockel

    jockel LI Guru Member

    Hi,
    Absolutely! A PPTP Server is the only thing I miss in Tomato!
     
  75. LexxM3

    LexxM3 Guest

    Firewalled client troubles

    Hi everyone,

    I am new to OpenVPN -- please have mercy :). Having some OpenVPN troubles and hoping for some help.

    The setup: basically identical to the first 1-to-1 setup as described by _SPLAT_ in the 3rd post (thank you _SPLAT_). Server setup: WRT54GL router with "TomatoMod VPN/SERIAL flavor 1.16.1374" firmware (thanks you Roadkill!!!). Client is openvpn-2.1_rc7 on WinXP SP2. Server is on a static routable IP. Client is behind various firewalls/routers, e.g. WRT54GL with stock firmware. Using bridged mode i.e. TAP interface.

    The problem: when client-side firewall is configured to place client machine in DMZ (or equivalent with a fully open port forwarding rule), client has no problem connecting to server. However, when client-side firewall is "normal" i.e. not every single port open, client machine never receives any packets from server and, thus, fails to connect (above is figured out with Wireshark running on client, and observing logs on server). It does not work even if port 1194 is specifically opened, but it does work when ports 1024-65000 are open.

    When it doesn't work, I am observing something like this:

    client -> server (s=random1,d=1194)
    server -> client (s=1194, d=random1)
    client never receives above packet or any other packet from server

    Is this enough info to ask for any ideas?

    Thanks in advance!

    Lexx

    (P.S. Yes, I know, the obvious idea is to just do what works i.e. place the client in a DMZ or equivalent. While this is good for debugging, this isn't a viable general or long-term solution for many reasons, however. I don't want to pollute this discussion with those reasons, but if anyone is interested, I can.)
     
  76. i1135t

    i1135t Network Guru Member

    Any updates on the 1.19 version? I'd like to flash, but waiting... thx!
     
  77. hrts

    hrts LI Guru Member

    Hi. I am a new tomato user -1.16 (less than 12 hours :D) but an old DD-WRT user.
    First of all: a big thank you for this firmware :smile:. I got double WiFI speed if I compare with my old DD-WRT firmware. And less processor usage for this high speed.

    My comments about this firmware:

    1. I have quite big openvpn.conf file - over 4096 byte size. I cut all nice comments, all route manipulation, but still I got 5KB size - too big for wan up script. Solution: all file creation (ca.crt, server.key, dh1024.pem) are done now in init script and the rest of openvpn.conf in wan up script. In this way I managed to respect the 4096 bytes size limit for each script
    2. SSH does not accept the key. This is quite strange due to the fact that the key works for SSH under DD-WRT. I also created a new key with putty key generator, but the interface tells me that is not a valid key. I need this key in order to generate a schedule that downloads the OpenVPN logs and save them as traffic records.


    Some questions please:
    1. DHCP - how can I send the domain suffix to my DHCP clients? It's handy especially in combination with DDNS.
    2. Router uses DDNS with no problem. However, when I ping the DDNS name I got as return the WAN IP. How can I get instead the local LAN IP (as I get under dd-wrt)? For the moment I've edited the host file on my laptop...but this is a short term solution.
    3. Logs. In openvpn.conf I've instructed myvpn daemon to generate 2 log files: one for status and one for connections. How can I see these logs from the Tomato web interface? I've tried the find function with full path of the files (/tmp/var/log/openvpn.log and /tmp/var/log/openvpn-status.log). Until I will generate a script to download theme over SSH (and make SSH to work with static key) to a local PC periodically I need to check them over the web interface.

    Thank you.
     
  78. fabian2_de

    fabian2_de LI Guru Member

    Improvement

    Hey Guys!

    I have to manage a network with about 10-15 members. This is due to the fact, that I let rooms to foreign students. They just come and go every 4 months. Everytime one is arriving, I have to add him to the wireless filter, so he can access the internet. But as well as this, I add him to the static dhcp
    list, so he always gets the same ip address.
    For making my life alot easier, I wrote a patch for Tomato which adds a checkbox to the Static DHCP list. This box allows you to add a pc to the wireless filter, too. Thus, you need only 2 clicks to add a new member. (One on the device list, one in the dhcp list)

    I asked Jon if he's going to put the patch into the mainstream release, but I didn't got an answer by now. Maybe roadkill is going to use it.
     

    Attached Files:

  79. conanxu

    conanxu LI Guru Member

    hello,roadkill. i try to upgrade busybox 1.9.1 for tomato source, only replace the directory of busybox. but it can not work. how did you upgrade busybox. can you tell me the method? thank you
     
  80. roadkill

    roadkill Super Moderator Staff Member Member

    busybox 1.9.1 needs to be patched for mipsel first...
     
  81. conanxu

    conanxu LI Guru Member

    thanks,roadkill.
    can you tell me how to be patched for mipsel? i need the command arp, but in busybox 1.2.2, it doesn't have the command.
     
  82. roadkill

    roadkill Super Moderator Staff Member Member

    why don't you use the pre-patched version from 1.16 with these compiling commands
    Code:
    	$(MAKE) -C busybox ARCH="mipsel" CROSS_COMPILE="mipsel-uclibc-" CFLAGS="-mips2 -O1"
    
    ## bb 1.9.1 install routines
    	rm -rf $(INSTALLDIR)/busybox
    	$(MAKE) -C busybox install CONFIG_PREFIX=$(INSTALLDIR)/busybox ARCH="mipsel" CROSS_COMPILE="mipsel-uclibc-" CFLAGS="-mips2 -O1"
    
    
     
  83. conanxu

    conanxu LI Guru Member

    ok, i will try. is this code append to Makefiles in the directory router?
     
  84. conanxu

    conanxu LI Guru Member

    when i compile the source files,it has some errors.how can i solve it?thanks
    Code:
    util-linux/setarch.c:10:29: sys/personality.h: No such file or directory
    util-linux/setarch.c: In function `setarch_main':
    util-linux/setarch.c:26: `PER_LINUX' undeclared (first use in this function)
    util-linux/setarch.c:26: (Each undeclared identifier is reported only once
    util-linux/setarch.c:26: for each function it appears in.)
    util-linux/setarch.c:28: `PER_LINUX32' undeclared (first use in this function)
    util-linux/setarch.c:41: warning: implicit declaration of function `personality'
    make[3]: *** [util-linux/setarch.o] Error 1
    make[2]: *** [util-linux] Error 2
    make[2]: Leaving directory `/root/WRT54G/tomato/release/src/router/busybox'
    make[1]: *** [busybox] Error 2
    make[1]: Leaving directory `/root/WRT54G/tomato/release/src/router'
    make: *** [all] Error 2
    
     
  85. roadkill

    roadkill Super Moderator Staff Member Member

    I simply add the Busybox includes path to main includes path...
     
  86. conanxu

    conanxu LI Guru Member

    thanks, now it works will. i have upgraded busybox to 1.10.1.
     
  87. mstombs

    mstombs Network Guru Member

    I see in the changelog for busybox 1.10.1 it now includes a sendmail program, presumably this will be a tiny addition to the busybox binary?
     
  88. elkabong33

    elkabong33 LI Guru Member

    Help please!!! - Router crashes everyday unless I reboot!

    Hello All,

    I am running 2 x Buffalo WHR-HP-G54 routers with Tomato v1.10.1189 with OpenVPN Mod in different locations but the routers seem to crash everyday within minutes of each other.

    The routers are constantly receiving VoIP traffic all day through the VPN tunnel for about 18 hours each day. If I reboot the routers early in the morning they work fine for the day without any problems. If I forget to reboot them they both crash within about 30 hours of the last reboot.

    I tried using v1.16.1374 and v1.14.1291 but had the same issue, hence this is how I ended up going back to v1.10.1189.

    Has anyone got any recommendations for this problem? Does anyone have any suggestions for a more powerful router maybe with more RAM and a better CPU?

    regards,

    Elkabong33
     
  89. somms

    somms Network Guru Member

    Was having the same type issue.

    My solution was to upgrade a pair of routers to Linksys WRT160Ns and dumped Tomato in favor of DD-WRT RC7 w/VPN...been running solid for a week now...
     
  90. bronzemaxell

    bronzemaxell Network Guru Member

    openvpn on WRT54GL performance

    sorry if this has been discussed many time, and i didn't read every single post on this thread, my question is , what is the max throughput speed i suppose to get on WRT54GL with tomato v1.16 1375 openvpn as server on fios 15mbps/15mbps, and xp pro, p4 1.7ghz 768mb ram, running openvpn 2.0.9 gui 1.0.3 as client on 7.1mbps/768kbps. i was hoping can get 5mbps transfer speed on my client download, but only getting around 2mbps.

    i am interested to see a reference speed of where i should be at. the two networks are within verizon network, if i do a tracert on my PC, it only show 5 hops including a hop on my home router. pings are in 30ms

    if i were to do a speed test on my fios side using www.speedtest.net, i am getting 14,500 kbps up and down, so i know i fios is indeed capable of uploading about at 15mbps max.

    not sure if router cpu is the bottleneck or my PC.
    any input will be appriciated.
     
  91. humba

    humba Network Guru Member

    2mbit/s sounds about right - it's the value that's been thrown around here and the bottleneck is the router CPU. Unlike actual VPN routers that have an encryption/decryption accelerator board, your WRT has to do everything on the CPU and it's not a particularly powerful one.
    I've seen 20mb downloads go up to 500KB/s at work but I haven't done a dedicated test yet and small files and webbrowsers aren't a particularly reliable way to measure things, plus my work setup is a site to site vpn on a lan so you cannot compare that with links over the Internet where there are all kinds of factors to reduce your speed.
     
  92. ikarusx3

    ikarusx3 LI Guru Member

    Try to monitor the router's cpu usage while transferring at full speed, if it shows you 100%, its pretty sure the router. best tool would be top.
    if its the router try to tweak the encryption settings...

    i dont think the pc would be a problem because it pretty sure is able to handle more than 250kb/s.
     
  93. bronzemaxell

    bronzemaxell Network Guru Member

    i was looking at my tomato cpu usage and it was at 0.25/0.30/0.28 for cpu load 1, 5, 15 minutes

    i tried two different tests,
    1st test was windows file transfer of media file i get around 4 to 6 mbps, not sure if that is the max my PC can do.
    2nd test was on video streaming traffic using slingbox, flucutating between 220 to 260kByte per sec.

    can i use QOS to tweak the video traffic to a higher rate?



    here is my openvpn client config on my pc

    dev tap0
    ifconfig 192.168.2.102 255.255.255.0
    secret static2.key
    proto udp
    remote xyz.dyndns.org 1194
    keepalive 10 60
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    cipher BF-CBC
    comp-lzo
    verb 3
    float
     
  94. ikarusx3

    ikarusx3 LI Guru Member

    for benchmarking, try to use a raw transfer mode, like ftp. this should give you pretty good info on speed.

    QoS would only do good if there is other traffic on the line, in idle mode you should get max speed without any special QoS settings. But check if QoS is enabled and try disabling it for testing. I think by default QoS limits outbound bandwidth, depending on traffic classification...
     
  95. bronzemaxell

    bronzemaxell Network Guru Member

    Name tomato
    Model Linksys WRT54G/GS/GL

    Time Mon, 12 May 2008 19:02:36 -0700
    Uptime 0 days, 00:37:50
    CPU Load (1 / 5 / 15 mins) 1.48 / 1.26 / 0.84
    Total / Free Memory 14.19 MB / 3,164.00 KB (21.78%)


    RX 160.50 kbit/s
    (19.59 KB/s) Avg 55.89 kbit/s
    (6.82 KB/s) Peak 190.06 kbit/s
    (23.20 KB/s) Total 4,093.81 KB

    TX 3480.17 kbit/s
    (424.83 KB/s) Avg 1223.91 kbit/s
    (149.40 KB/s) Peak 4351.94 kbit/s
    (531.24 KB/s) Total 87.54 MB



    here is the number i got, and i found i got best performance using my Dell inspiron 6400 duo core 1.73ghz with vista business, 1gb of ram, 200gb hard drive as a client openvpn.

    previously, i use a 1.7ghz p4 as client, and getting about half the speed, i am thinking the client openvpn cpu decryption also play a role.

    also i notice the cpu load is almost reaching 1.5, what is the max anyone has seen?
     
  96. jyavenard

    jyavenard Network Guru Member

    If you check the source code I've attached, the pptp server code is there. The makefile just needs to be modified to include it.

    I can have a look later if people really wants it
     
  97. nvtweak

    nvtweak LI Guru Member

    Hi roadkill,

    Could you tell me what version of Linux you use to compile this code? I'm having no luck with Debian or Ubuntu.

    Debian complains GLIBC_2.4 not found. Ubuntu complains

    Thanks for any help
     
  98. roadkill

    roadkill Super Moderator Staff Member Member

    I'm using Ubuntu 8.04 Kernel 2.6.24-16
    don't forget to relink /bin/sh to /bin/bash instead of /bin/dash..
     
  99. nvtweak

    nvtweak LI Guru Member

    ah, thanks for the tip roadkill.

    Have you had any luck compiling this for ND version? For example the Buffalo WHR-G125?
     
  100. valnar

    valnar Network Guru Member

    Official support with the GUI is what I'm after though. This is for other people too, not just me. (They run Sveasoft now)

    Robert
     

Share This Page