1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tomato Toastman's Releases

Discussion in 'Tomato Firmware' started by Toastman, Dec 18, 2011.

  1. though

    though Network Guru Member

    i would use

  2. kwanbis

    kwanbis LI Guru Member

  3. Spyros

    Spyros LI Guru Member

    I was running DD-WRT on a WRT-320N converted to E2000 for more than a year, i've used in the past Tomato but there was some features missing like lack of N support or 60K NVRAM, QoS with imq etc. Now im back with Tomato and i can say that Toastman releases are just WOW, everything is working out of the box, QoS is great and needs just a little adjusment, IPv6, web interface feels lightweight without the absence of options, i have my adblocking.

    I'm amazed with the progress that Tomato made and now i'm not changing back, big thanks to Toastman and the other guys.
  4. kwanbis

    kwanbis LI Guru Member

    OK, so I downloaded that file, opened my TOMATO GUI, and then flashed it.

    Now, the router is on, but I get no connection through ethernet (identifying) and wireless do connects, but I can not access the admin GUI.

    I used the ASUS firmware restoration utility + the original tomato firmware, and now is working again.

    Any ideas?
  5. though

    though Network Guru Member

    ya flash it again and tick 'thorough nvram erase'
  6. Spyros

    Spyros LI Guru Member

    Assign a static IP on your network card eg DNS then go to the routers web interface and enable DHCP, configure the router, set back your network card to defaults.
  7. kwanbis

    kwanbis LI Guru Member

    I did tick the 'thorough nvram erase'. I would try again then.
  8. kwanbis

    kwanbis LI Guru Member

    Ah, I see. I would also try that, thanks.
  9. though

    though Network Guru Member

  10. mike2246

    mike2246 Networkin' Nut Member

    Just flashed my Asus RT-N16 with the latest version and love the Web monitoring but how do I get it to Save the Website/Web Search logs to a Flash drive/FTP Server or to a PC?
    and is there anyway to have it save more web history?
  11. gs44

    gs44 Networkin' Nut Member

    Flashed my E3000 and E2000 with latest RT-7496 Build and everything is working great so far!!
  12. BikeHelmet

    BikeHelmet Networkin' Nut Member


    I have some QOS changes. When I flashed my router, I saw that all the gaming stuff was XBox360/console crud. I don't have any consoles - I'm exclusively a PC gamer, and as such I've built up quite a ruleset for all the games I play.

    The most important ones:

    UDP - Dst Port: 27000-27050 - Steam Games (~80% of them)
    TCP - Dst Port: 27000-27050 - Steam Bulk Downloads (+ ~20% of Steam games)
    TCP/UDP - Dst Port: 7777-7780 - Borderlands, MondayNightCombat, Magicka (at one point), Minecraft (my fav servers use it for some reason), etc.; very common ports for indie games to use, too.
    TCP/UDP - Dst Port: 6112-6120 - Blizzard stuff. Originally it was 6112-6114, but apparently with WoW and newer Blizzard games all ports up to 6120 may be used.

    Those are the most important ones. Most of those rules cover at least a dozen games each. Some might cover hundreds. (Certainly the 27000-27050 rules cover every Valve/source game or mod to date, plus many others - and all downloads off the Steam network)
  13. szpunk

    szpunk Networkin' Nut Member

    Hi, i use Tomato Firmware v1.28.7495 MIPSR2-Toastman-RT K26 USB VPN with ASUS RT-N16.

    I enable IPv6 for anti-GFW(China,you know...),6in4 static tunnel,DDNS with HE.net IPv6 tunnel broker,everthing is fine before i running uTorrent.

    uTorrent start half a minute later(It established many connections,include some IPv6 connections),I will get the very high time when I ping the router,800ms+.

    If I uncheck IPv6 protocol binded my network adapter,or I disable IPv6 on my router,the high ping was gone.

    I try disable/enable QoS, try replace RT-N16 by Netgear WNR3500L with same firmware, try replace onboard network adapter by Killer 2100,no help at all.

    So, what's wrong ? Help plz.

    Sorry my english..
  14. rhdcheme

    rhdcheme Addicted to LI Member

    I am running Tomato Firmware v1.28.0496 MIPSR2-Toastman-VLAN-RT-N K26 USB Ext on an E4200. I have set up one guest network following the instructions at http://code.google.com/p/tomato-sdhc-vlan/wiki/MultiSSIDHOWTOForE3000. In checking inSSIDer, however, I noticed that TWO guest networks with the same name appear - one with a MAC address with all zeroes and manfacturer as XEROX CORP. The other guest network looks OK, showing the correct MAC address and Cisco as manufacturer.

    Is this normal??

  15. Elfew

    Elfew Addicted to LI Member

    Hi Toastman, can you add support for Captive portal to you firmware? This feature was in your build last year... but its outdated:( thank you...

    And one question - what is the biggest different between your and Victek firmware? Wiki is confusing, I think we need detailed information about every mod
  16. ladysman

    ladysman LI Guru Member

    Captive Portal is in his firmware i'm using for my RT-N66U. I'm not using it (yet) but it's there.
  17. Elfew

    Elfew Addicted to LI Member

    I have the newest version for RT-16N VLAN but I cant find it :(
  18. kthaddock

    kthaddock Network Guru Member

    In the list to the LEFT, between "Access Restriction" and "USB and NAS".
    tomato-K26USB-1.28.7496.1MIPSR2-Toastman-VLAN-RT-V PN-NOCAT.trx
    Elfew likes this.
  19. Elfew

    Elfew Addicted to LI Member

    Ohh thank you!!!
  20. kthaddock

    kthaddock Network Guru Member

  21. brainz

    brainz Networkin' Nut Member

    Another comment on WDS instability...

    My main router: (Shibby) tomato-E2000-NVRAM60K-1.28.RT5x-MIPSR2-083V-IPv6-VPN
    2nd router for WDS only: tomato-F7D3302-1.28.7495.3MIPSR2-Toastman-RT-Mini
    This combination is stable for >20 days.

    So I gave tomato-E2000-NVRAM60K-1.28.7496.1MIPSR2-Toastman-RT-Std a shot again on my primary router and it barely held up 15 minutes before it crashed and rebooted. The second router then shows up in the device list as wds0.1, but I can't connect to it until I reboot this one as well.
    Flashed the E2000 to Shibby 085V and things are perfectly stable again, so there is definitely something wrong here.
    This has been happening since build 7489+.

    7483.2 is labeled as WDS stable, but I've found 7487 stable as well.
  22. Toastman

    Toastman Super Moderator Staff Member Member

    That's interesting, I'll take a look to see if anything obvious changed.
  23. shadowken

    shadowken Networkin' Nut Member

    Toastman ,

    I'm using Tomato Firmware v1.28.7495 MIPSR2-Toastman-VLAN-RT K26 USB VPN-NOCAT and tried to overclock the router's cpu speed from 532 MHz to 600 MHz and rebooted the router to take effect , the problem is in Overview tab shows that cpu still running at 532 MHz , "Previous WAN IP" doesn't change no matter how many time i rebooted but actually noticed that the router throughput becomes much better , faster , and QOS/BW limiter performs better than before .
    and plz if you can compile a new build with "String match" module as i really need it :confused:
    Thanks .
  24. RonV

    RonV Network Guru Member

    I have a question about SIRQ and downloading files. Today I was downloading an disk image from Microsoft and I noticed that SIRQ was using 35 to 40% of the CPU. My internet download speed is running along at about 13 to 14 mbps. Is this normal? When I ran top I didn't find any other process using more than 2% of the cpu. This is happening on my ASUS RT-N16.

    Here is a snapshot of top:

    Mem: 26484K used, 100548K free, 0K shrd, 3272K buff, 10124K cached
    CPU: 0% usr 0% sys 0% nic 60% idle 0% io 1% irq 37% sirq
    Load average: 0.00 0.03 0.00 2/33 24944
    1031 1 root S 1108 1% 0% miniupnpd -f /etc/upnp/con
    24944 24887 root R 1716 1% 0% top
    2108 1 root S 2984 2% 0% /etc/openvpn/vpnserver1 --
    1029 1 root S 2572 2% 0% httpd
    1032 1 root S 1724 1% 0% udhcpc -i vlan2 -b -s dhcp
    3975 1 root S 1724 1% 0% crond -l 9
    24887 510 root S 1720 1% 0% -sh
    322 321 root S 1716 1% 0% /bin/sh
    510 1 root S 1712 1% 0% telnetd -p 23
    3964 1 root S 1708 1% 0% klogd
    3962 1 root S 1708 1% 0% syslogd -R 192.168.xxx.xxx:
    1 0 root S 1372 1% 0% /sbin/init noinitrd
    320 1 root S 1352 1% 0% buttons
    321 1 root S 1320 1% 0% console
    9154 1 root S 1240 1% 0% cstats
    529 1 root S 1028 1% 0% rstats
    9119 1 nobody S 940 1% 0% dnsmasq -c 1500 --log-asyn
    281 1 root S 752 1% 0% hotplug2 --persistent --no
    380 1 root S 736 1% 0% p9100d -f /dev/usb/lp0 0
    523 2 root SW< 0 0% 0% [cifsd]
    89 2 root SW< 0 0% 0% [mtdblockd]
    4 2 root SW< 0 0% 0% [events/0]
    45 2 root SW 0 0% 0% [pdflush]
    3 2 root SW< 0 0% 0% [ksoftirqd/0]
    521 2 root SW< 0 0% 0% [cifsoplockd]
    44 2 root SW 0 0% 0% [pdflush]
    47 2 root SW< 0 0% 0% [aio/0]
    2 0 root SW< 0 0% 0% [kthreadd]
    339 2 root SW< 0 0% 0% [khubd]
    46 2 root SW< 0 0% 0% [kswapd0]
    5 2 root SW< 0 0% 0% [khelper]
    18 2 root SW< 0 0% 0% [kblockd/0]
    522 2 root SW< 0 0% 0% [cifsdnotifyd]

  25. stuntsy99

    stuntsy99 Networkin' Nut Member

    Its normal:

    "This is expected, all the network routing is done in software, so your router is extremly busy servicing Ethernet interfaces interrupts. There is not much we can do about it."

    From: https://dev.openwrt.org/ticket/7356
  26. RonV

    RonV Network Guru Member

    That is what I thought. When we used to use ISA Ethernet adapters they didn't offload any work and would hit the CPU really hard with interrupts during large data transfers and then they went to PIO. I was not sure if Broadcom used the same technique with their system on a chip.
  27. frojnd

    frojnd Networkin' Nut Member

    Hi there. I have a question regarding captive protal. I have linksys WRT54GL v1.1 and I have currently: kernel 2.4 - tomato-ND-1.28.7632.3-Toastman-IPT-ND-VPN

    I know that captive portal is currently possible with gui only in victek raf version but it's possible to do it in toastman release as well in command line? http://www.chillispot.info/chillifo...p-openwrt-as-a-captive-portal-on-wrt54gl.html this is on open wrt but the packages installed are:
    monit I think some packages are already installed and built in toastman release. The most biggest problem I see are the dependencies whick ipk install automatically. I have no idea how hard would this be to achieve on toastman release. Any ideas what would be the most elegant solution to enable captive portal on toastman release?
  28. Toastman

    Toastman Super Moderator Staff Member Member

    ???? It's been there for a long time. You need the NOCAT version.
  29. Toastman

    Toastman Super Moderator Staff Member Member

    You can only change processor speeds if the new setting is in the table of supported frequencies for that router. Usually, if you specify a setting that isn't in the table, the router will usually either choose the nearest known frequency that is supported or revert to some hardware default, which may be rather slower than you were expecting. Wrong settings can brick some models of router.

    I'm assuming that you have the E3000 still. The processor in the E3000 does not support 600MHz and therefore the change of setting actually didn't do anything at all :D

    Also, would people please take note that you can't use 60K builds on routers that don't have 60K of NVRAM ! No more PM's trying to "negotiate" this please!
  30. Morac

    Morac Network Guru Member

    Okay maybe I'm just dense here, but for the life of me I can't get the IP Traffic stats (cstats) to restore if I stop and start the cstats service on my E3000 running tomato-E3000USB-NVRAM60K-1.28.7495.2MIPSR2-Toastman-RT-VPN. I wanted to backup all the /tmp/var/lib/misc/cstats-* files and then restore them after the router restarts. I can do that fine, but I'm finding that it doesn't matter if there are any cstats-* files in the /tmp/var/lib/misc/ directory, when the cstats service starts. They are simply ignored and all the stats reset to 0. It doesn't look like cstats even reads in the cstats-* files when the service starts.

    Also trying to restore the the IP traffic stats from the Administration -> IP Traffic Monitory page puts up a "Error reading file" error. That's easy to get by simply backing up the stats and then immediately trying to restore them.

    Basically it's impossible to restore the cstats via the web interface and simply doing a "service cstats stop" followed by a "service cstats start" resets the IP Traffic Monitoring stats.

    rstats restores without a problem, but not cstats. Is restore the cstats even possible?


    I think I might know why if I'm reading the code correctly. It looks like it will only load the old data if there is a specific save path specified. If the default path is used, cstats just assumes there's no data to read it and skips reading it. I tried putting "/tmp/var/lib/misc/" as a custom save path, but it didn't work at all when I did that. Am I reading that code correctly?

    That doesn't explain the "error reading file" error though.
  31. Toastman

    Toastman Super Moderator Staff Member Member

    March 9 2012 - 1.28.7496.2 Maintenance build, thanks to Shibby!
    • USB detection, old scheme first
    • Fix libusb error - now the 3G USB support should be working
    • Update miniDNLA to 1.0.24

    [Some people ask - Why? If a router/AP develops a severe problem it usually reverts to using with DHCP turned on, thus issuing the wrong IP's to clients on the network. By not using for an active router address, and setting DHCP on all routers and AP's off by default, this can't happen, and makes it possible to just remotely access the failed router on and reconfigure it].
  32. windozer

    windozer Networkin' Nut Member

    Does this mean I can now remove this init script line I've been using (which I picked from another thread about USB performance) "echo -n Y >/sys/module/usbcore/parameters/old_scheme_first"?
  33. ddotmada

    ddotmada Networkin' Nut Member

    I have a problem with the latest Vlan builds so far as far back as 1.28.0495.3 (haven't tested further) but when I use a virtual wireless interface I can not hit the save button after that has been done. The only way to be able to is to default the router. This is with a E3000 router. Other problems are the overview loses all info after a virtual interface save and on the 1.28.0496 I get some weird initialize modem and other options in the basic network settings.
  34. brueggma

    brueggma Networkin' Nut Member


    Is it possible to include the subversions in the "About" page? v1.28.7496.2
  35. Toastman

    Toastman Super Moderator Staff Member Member

    I'll see what I can do ...
  36. frojnd

    frojnd Networkin' Nut Member

  37. thunderforce

    thunderforce Networkin' Nut Member

    I figured this is the correct thread to put this question, rather than start an entirely new thread:

    I just flashed "tomato-WRT54G_WRT54GL-1.28.7633-Toastman-IPT-ND-Std.bin" onto a WRT54G V3 router [stock firmware 4.21.1].

    Can I then flash "tomato-K26-1.28.7821MIPSR1-Toastman-ND-MiniIPv6.trx" from this toastman firmware that I just flashed? I tried to flash the miniIPV6.trx one when I had the stock firmware initially, but got the "invalid image file" message.


    Also, Toastman, keep up the good work.
  38. Herrmoo

    Herrmoo Networkin' Nut Member


    So I just recently got a E4200v1 with the intention to of using it to monitor and throttle usage of my network. Monitoring of usage is working wonderfully utilizing an attached usb drive for bw/iptraffic storage. However, enabling BW Limiting on even one client is causing the router to repeatedly crash until limiting is disabled. It only remains operational for about 10 seconds between crashes. Is this a known issue, and are there any logs I should post to assist in this getting fixed?

    The build I am using is tomato-E4200USB-NVRAM60K-1.28.0496.1MIPSR2-Toastman-RT-N-Ext
  39. Toastman

    Toastman Super Moderator Staff Member Member

    frojnd - yes, once you have Tomato on the router you can flash .bin or .trx files.

    Herrmoo - This issue has cropped up before on many versions. It doesn't seem to happen here, so I can't help you much with that. But now that the QOS has a better ingress system, I am thinking of removing the bandwidth limiter altogether. Certainly the default limit seems to have had more than its fair share of troubles.
  40. rhdcheme

    rhdcheme Addicted to LI Member

    To answer my own question, a power down reboot got rid of the phantom "XEROX" guest network with MAC all zeroes.
  41. EOC_Jason

    EOC_Jason Networkin' Nut Member

    Hi Toastman & Others,

    Sorry I dropped off from participation a few months ago, sometimes life just keeps you too busy...

    Happy to report that I've been running 1.28.7483 and the router's uptime is: 180 days, 20:54:43

    Been perfectly stable, no reboots (obviously), or anything else. I even go in and make minor changes from time to time.

    Going to get caught up reading the CHANGELOG and some of these threads to see what is new and has changed. Hope I can start to participate again at least on a semi-regular basis. ;)

    Thanks again Toastman for such an excellent firmware.
    BikeHelmet likes this.
  42. mito

    mito LI Guru Member

    Hi EOC_Jason, wellcome back!
    I fully get you, same happens to me, also running Toast 1.28.7493 on my RT-N16 and not a single issue, hope to have time to participate again and keep on learning from the Forum.
    Thx Toast!
  43. Aeon512

    Aeon512 Networkin' Nut Member


    I just flashed 1.28.7496.2 (VLAN) on my E3000 and have to report that OpenVPN seems to be broken.
    There is no problem to access other devices in my local network, but all other outgoing traffic seems to get stuck at the router. Sometimes it's just horrible slowly, mostly I don't get any connection at all. QOS is not activated. Any ideas why?
    I'm happy to help testing different thinks - just let me know.

    With 1.28.7496 (VLAN) everything worked fine,
  44. kthaddock

    kthaddock Network Guru Member

    Have you done a NVRAM reset after update your build and don't use backup file. reconfig by hand.
    Btw, OpenVpn working here, client and sever.

  45. Jaka

    Jaka Networkin' Nut Member

    What is new in this version 1.28.7633.1?
  46. Elfew

    Elfew Addicted to LI Member

  47. Toastman

    Toastman Super Moderator Staff Member Member

    Please ignore it, I was uploading test directories for 4shared staff to fix a bug. I deleted it when finished the test. It shouldn't really have been visible :-(

    The changelog for the real 7633.1 K2.4 MIPSR1 was:

    March 5 2012 - 1.28.7633.1

    - fixed typo in services.c

    - fixed QOS prios

    Mostly, nobody would notice anything, it's not a big change.

  48. Aeon512

    Aeon512 Networkin' Nut Member

  49. chunter2

    chunter2 Addicted to LI Member

    I've got a Rosewill RNX-GX4 running the latest toastman ND load that needs these command entered after I clear nvram to get the WAN port to work.

    nvram set vlan1ports="0 5"
    nvram commit
    This was taken from this post.
    Is this something that could be added to the ND version or is this something that is supposed to be fixed in the CFE?

  50. teaman

    teaman LI Guru Member

    Hey there! I wonder if we might be able to improve things and include this router in the list of 'known' devices supported by Tomato ;) Can you please run the following commands on your router and let us know the output?
    nvram show | egrep 'board|flags|model|boot|melco|vlan0p|vlan1p'
    If you could also provide a complete/full nvram dump, that could be even better (please remove any passwords and/or sensitive information).


    EDIT: it might be a good idea to create a whole new thread devoted/dedicated to discussions about including this router in the list of supported models ;)
  51. chunter2

    chunter2 Addicted to LI Member

  52. frojnd

    frojnd Networkin' Nut Member

    I don't know if this is the right place but still. I have 2 issues.

    a) Yesterday something odd happened on the network. While I wasn't able to browse the internet or navigate to toastman router's ip I could ping it and my torrents on the server were running and connected to the internet.

    Here is the log when this happened: http://paste.pocoo.org/show/565837/

    Can someone explain what migt happened? Is everything fine in the logs? The issue happened around ~19 o'clock

    b) I can't ssh to the router: when I try to ssh to it like this: ssh root@ I get

    Settings under Administration->Admin Access: Enable at Startum [checked], Remote Forwarding [checked], Port [22].

    So I ticked Remote Access [checked] and set port to Remote Port [10024] and it works. But I don't like remote access to the router! Why doesn't work without Remote Access ticked? What might go wrong. Do you need me to put some extra logs in here?
  53. Elfew

    Elfew Addicted to LI Member

    I need help.
    I am using TOASTMAN tomato-K26USB-1.28.7496.2MIPSR2-Toastman-VLAN-RT-VPN-NOCAT on ASUS RT-16N

    1)I have virtual wireless site (multiSSID) for my guests. I need to configure captive portal only for this virtual wireless site, not for my home wireless site... Is that possible? I have no idea how to configure right...

    2)Set priority of this guest site to low and limit its bandwitch...

    3)Schedule turning on/off this virtual wireless site - I dont have this option - I can only turn on or off my home wireless site, not the virtual one...

    Thank you very much,
  54. Mercjoe

    Mercjoe Network Guru Member

    Currently there are several things that are not multi VLAN aware. Things like NOCAT, access restrictions, and QOS are among those.

    Here are a few ideas.

    1) Use the main SSID for the guest network. NOCAT is currently configured to only work with that one. Use the 2nd+ SSID for your main network.

    2) Use the MAC address of the primary wireless to default all source traffic to a lower priority QOS rule thus limiting the amount of bandwidth priority.

    3) No can help there. You can use access restrictions to turn wireless on/off but that kills the whole radio. All wireless functions cease at that point.
  55. Elfew

    Elfew Addicted to LI Member

    So thank you! It would be awesome if Toastman or someone add this things to tomato... I think it is not very difficult... At least QoS and schedule option for virtual wireless...
  56. maple.chick

    maple.chick Networkin' Nut Member

    I wanted to report a possible bug in Virtual Wireless Interfaces. I'm using Toastman's latest K24 release, 1.28.7633.2.

    After following the Multi-SSID tutorial mentioned by teaman and configuring everything under Virtual Wireless Interfaces, I can't seem to 'Delete' the wl0.1 entry. I managed to disable it but can't delete it. All other entries I made in the course of the tutorial, I managed to delete them but nothing happens when I click on 'Delete' button on Virtual Wireless Interfaces.

    I'm using WRT54G-RG, its exactly the same hardware as WRT54G-TM.
  57. kthaddock

    kthaddock Network Guru Member

    Thats right you can only disable not delete when you one time create wl0.1 " that is not a BUG"
  58. maple.chick

    maple.chick Networkin' Nut Member

    Ah, didn't know this was by design but what is the reasoning behind this, kthaddock? Is it to avoid a NVRAM commit?
  59. Bigfleet

    Bigfleet Networkin' Nut Member

    hi toastman,

    I have a e4200v1, currently using linksys fw 1.0.04.

    i want to supercharge my E4200 to the toastman build. i require the 3g usb modem (huawei e353) support and of course the 5ghz signal

    i need to double check with you, is the correct build to use:

    Thank you.
  60. Toastman

    Toastman Super Moderator Staff Member Member

    That one is fine, yes.

    Don't forget to set a fixed IP on your PC ... DHCP is off by default on my builds.
  61. Bigfleet

    Bigfleet Networkin' Nut Member

    thank you for the reply,
  62. teaman

    teaman LI Guru Member

    Please have a look at the 'Notes' section on Advanced -> Virtual Wireless page (advanced-wlanvifs.asp):
    But your question still stands - what would the reasoning behind this? Simple: deleting WLVIFs hasn't been implemented just yet ;)

  63. Toastman

    Toastman Super Moderator Staff Member Member


    March 19 2012 - 1.28.7497 & variants

    There are 2 versions of the firmware.

    STD (stable) build for normal use

    VLAN-GUI (experimental) build for those who like to live on the edge .... :D

    This release sees the addition of PPTP Server & GUI by Teaman. There's also a web GUI to configure and monitor active connections to the PPTP server.

    You should consider the VLAN-GUI / Multi-SSID builds as "experimental" or "work in progress".

    - Minor multiLAN/wireless bugfixes

    - MultiSSID: fixes saving WL VIF settings when net mode is 'n-only' (5GHz radios)

    - Syslogd custom path improvements - rc:
    • preserve /var/log/messages if it's a file at syslogd restart
    • if we have a custom path set, check if it's a symlink (and remove/recreate it if necessary)
    - PPTP Server for Tomato (Ext, VPN Builds) - by Teaman
    • this commit possibly introduces some bugs, but here we go!
    • this version allows up to 6 IPs/users/concurrent connections (ppp4-ppp9)
    • broadcast relay has been included on the webUI, but hasn't been thoroughly tested
    - PPTPD: MPPE and compile bugfixes (batch #1)
    • attempt to fix some random decryption errors causing connections to become unusable. Clients had to disconnect/reconnect manually to fix the problem once it started to happen. The issue seems to be related with some parameters/settings being negotiated between clients and the PPTP server. Hopefully, these changes should prevent these problems from happening. See commit 3ef7e67858ecff04caf8197e381fa8b7c68c668e. Also, this commit should fix some build/compilation issues when merging this code into other branches
    - PPTPD: move webUI pages into 'VPN Tunneling' menu




  64. Dr Strangelove

    Dr Strangelove Networkin' Nut Member

    Doh! Just a few minutes ago, I installed the latest Toastman firmware on my E4200v1, now I check the forum and see there'll be an update.. [*sigh*] :) Oke. it's all good.

    I have a PPTP server on my E4200.. I wonder what'll happen to my existing setup. If that which is to be implemented in the Toastman firmware is as good and stable as what I have already.. that'll be super fan dangly...

    Is this what's been included in the build???? http://tomatousb.org/tut:configuring-a-pptp-vpn. I've manually configured that already. :)
  65. teaman

    teaman LI Guru Member

    Not exactly the same, but quite similar. Here's some key differences:
    * it doesn't require optware, since it's included/embedded in the firmware image
    * there's a web UI to configure and monitor active connections to the PPTP server

  66. though

    though Network Guru Member

    thanks toastman. your work is highly appreciated by many.
  67. Toastman

    Toastman Super Moderator Staff Member Member

    The credit belongs to Teaman, he did the work :)

    Dr. Strangelove, it will be good to get feedback from you as you already have experience with your own setup!
  68. though

    though Network Guru Member

    thanks teaman. you rock!
  69. alfred

    alfred Networkin' Nut Member

    Great! Can it be coexisted together with OpenVPN ?
  70. Mirko Baila

    Mirko Baila Networkin' Nut Member

    thanks teaman!!!
  71. CredoS

    CredoS Networkin' Nut Member

    Toastman Sorry for my English - I use Google translator
    It is like your firmware, but I can not get rid of the problem:
    very often the router CPU loads the process kl2tpd /0
    22 023 2 root SW <0 0% 98% [kl2tpd /0]
    22 021 1 root S 876 1% 1% xl2tpd
    22675 22670 root R 1720 1% 1% top

    then disappears and starts USB FLASH determined only after power off the router. The router at this time only handles torrent 25 files to speed at 3Mbit /c. Install any new firmware does not help solve the problem. Can a private message to tell user name and password from the router, if it helps solve the problem.
  72. Toastman

    Toastman Super Moderator Staff Member Member

    Credos, no other reports of this, maybe it is something new.

    What router and what version of Toastman are you using?

    Before try anything else, please erase NVRAM and reconfigure (do not use config. backup) and see if that fixes the problem.
  73. teaman

    teaman LI Guru Member

    Not entirely sure I understood your question, but here's some thoughts:

    Yes - it is possible to have both OpenVPN and PPTP servers on the same firmware/build and it should be ok to have both OpenVPN and PPTP servers running simultaneously on the same router.
  74. Dr Strangelove

    Dr Strangelove Networkin' Nut Member

    I have both PPTP and OpenVPN servers running on my E4200 OpenVPN server for notebooks and PPTP (Optware) server for Android.
    Both work fine with no problems. Even at the same time.
    So I'd assume the teaman introduction of PPTP server in the firmware will work without any drama along side OpenVPN.

    If I wasn't in bed I'd download it and test it.
  75. dvds_ok

    dvds_ok Networkin' Nut Member

    Hello, Toastman. Sorry for my english, it is not my native language.

    I'm using "Tomato-K26USB-1.28.7496.2MIPSR2-Toastman-RT-VPN-nocat" on an ASUS RT-N16.
    The problem is that anything you put in the 'Run after mounting' in the 'USB Support' is executed twice.
    However, what is in 'Run Before unmounting' only runs once.

    NOTE: this also happens in other FIRMS, for example in Tomato RAF.

    Thank you.
  76. Toastman

    Toastman Super Moderator Staff Member Member

    That's interesting, I will try to find out why.
  77. Toastman

    Toastman Super Moderator Staff Member Member

    Listen guys. There's some minor inconveniences for you getting files from 4shared.

    So what?

    You are getting firmware for free and yet you are bitching about having to enter some email address into the site to get it (once), and are too impatient to wait 20 seconds to download. It is this sort of self-centered nonsense that has driven most of the developers away already.

    Further posts/spam/PM's on this subject will be deleted.
    QSxx, eviltone, kthaddock and 4 others like this.
  78. Dr Strangelove

    Dr Strangelove Networkin' Nut Member

    PPTP Server
    Installed Tomato Firmware v1.28.0497 MIPSR2-Toastman-VLAN-RT-N K26 USB VPN on Linksys E4200v1​
    Selected VPN Tunnel -> PPTP Server​
    Enabled PPTP Server.​
    Entered five IP addresses in a new Remote IP Address Range distinct from my local LAN: -​
    Entered my local DNS Server​
    Added a PPTP Username and Password.​
    Saved settings.​
    The external settings of DDNS and NAT/Port-forwarding I already have set up so all I'm focusing on is the Teaman implementation of PPTP Server in the Toastman firmware.​
    Using my trusty Android phone I was able to connect via the PPTP server to my NAS without problems.​
    OpenVPN server is up and running with no problems as expected.​
    Haven't had a chance to use both PPTP and OpenVPN servers at the same time as my other 3G SIM cards have left the house. :)
    Different processes, different IP subnets, so no reason I can think of that could impact PPTP and OpenVPN working at the same time.​
    Things I noted.​
    1. I have nothing to base this on, but the connection handshake to the PPTP Server does seem faster than my previous Optware USB thumb-drive configuration. Subject to the mysteries of my mobile 3G network provider.​
    2. The usable password characters are more restrictive then I was using before. No biggie, but as PPTP is not the most secure VPN access method, I just liked to increase my odds of not having my password cracked. I had access to a greater range of characters in the POSIX regular expression [: punct:]. Now limited to [:alnum:] and a couple of [: punct:] characters. This is just an observation when compared to Optware and NOT a restriction or problem.​
    3. [big smile] Lots of debugging in the system log.... I'm guessing this'll be reduced in later versions when the requirement is no longer there. Which'll also speed the process up too. Guess I could tool around and take the debug statements out myself, but haye, I see the requirement for them to be there at this time.​
    I sort of think I should say something big and smart, but my PPTP Server requirements in the past were minimal and all I required was for my Android phone to be able to access my NAS in a secure fashion. Using Teaman's implementation of PPTP in Toastman's Tomato firmware this functionality has been retained and simplified. Great job lads.​
    By changing one character in my password, I now have the same service I had in my Optware PPTP server implementation (even same remote IP range) and NONE of the previous setup and configuration hassle to get a quick and basic PPTP server up and running.​
    Great work Teaman. Guess this now frees up your time to start work on an IPSec server... :D [read that as me joking...mind you..]​
    teaman likes this.
  79. Toastman

    Toastman Super Moderator Staff Member Member

    Thank you for that very informative feedback!
  80. chocsoup

    chocsoup Networkin' Nut Member

    I haven't been in this forum very long, so maybe it's not my place to say something like this, but if you are are hassling the selfless Toastman et al, then STFU! You're going to ruin it for all of us!

    Sure, 4shared makes us jump through some hoops, but it's free, OK?. If you think we all deserve better than 4shared then perhaps you could organize a "complainers co-operative FTP". A small bundle of T1s will only cost you a few thousand $$ per month.

    I for one am always amazed and very appreciative that talented, generous, and seemingly selfless people do this kind of thing for free.

    I'm sure it's OK to report bugs, and offer suggestions for improvement, and make requests for new features, but please don't complain. Why would you complain? You are getting more than your money's worth.

    I like my free firmware and I am very grateful for it.


    PS, is there a Paypal for the current Tomato forks? (I couldn't find one). If not, what are the favorite charities of the developers?
  81. PGalati

    PGalati Network Guru Member

    I apologize if this question has been answered already, but I was unable to find the answer. Toastman, do you anticipate providing Teaman's PPTP server into the MIPS1 builds, so that the WRT54G series can participate? Teaman and Toastman, thanks for all the hard work you guys put in to provide us with the functionality way beyond the original intent of the product.
  82. Toastman

    Toastman Super Moderator Staff Member Member

    I will get around to it soon, I expect. It doesn't get the same attention as the RT builds because there aren't so many people using the older routers these days.
  83. teaman

    teaman LI Guru Member

    I've been using a WRT54GL as my 'reference' hardware for development of new features for quite a while. There are some recent builds for MIPSr1 routers available here (if you're willing to give it a try):


    Here's a short tale about the history/origin of Teaman-ND builds: the whole thing got started/kicked-off via this forum, just a few months ago - when I realized others could benefit from some code I wrote for my personal use that was just lying there, on my hard-drive. That would be the VLAN GUI :)

    Over the following weeks/months, Teaman-ND builds sorta took their shape based on... the features I'd be using on my very own routers - as in for my very own/personal use - so, it was never about including every single feature out there (but making sure the things I was using... would also work just fine for others out there). As I said, those could be useful/interesting for other people, so releasing/sharing them sounded like a good idea ;)

    If you're wondering about what's different between Toastman-ND and Teaman-ND builds, this might help:


    It's a bit outdated (referencing vX021 builds), so here's a brief changelog of what's new on vX0023 builds, released just a couple of days ago:

    Hope this helps putting things in 'perspective' - helping people to understand what it is, where it may lead, and what it isn't.


    EDIT: and yes, Toastman and I have been coordinating our efforts/helping each other since the very first/early/experimental versions... so those enhancements should be expected to get into his builds soon.
  84. alfred

    alfred Networkin' Nut Member

    7497 PPTP VPN servers observations @RT-N16:

    1. two RT-N16 are already openvpn bridged, client ovpn = 7496.2 not upgraded.
    2. PPTP VPN server set to single-net.
    3. a laptop openvpn connected, an Android phone pptp simultaneously connected, all work fine.
    4. samba file sharing, windows network neighborhood also work fine on both sites.

    Please help to confirm:
    IPT traffic pages not work for the PPTP clients, but it does work for openvpn clients.
    Also please check Bandwith/Last 24Hrs graphic page, if it worked for ppp4...?

    Teaman, Toastman, Thank you for your efforts,

    keep on observing....

    ------- edit:
    pptp clients were not found in the Status/device List.
  85. CredoS

    CredoS Networkin' Nut Member

    ToastmanAgain, sorry for my english.
    I've been trying to deal with this problem.
    not once did 30/30/30 and prescribed all over again, changing the firmware for different versions tomato sauce. The latter is steadily working on tedybear 20.
    the problem is not only me,
    My router is N16 , L2TP
    Your latest firmware flashed on 20.30.2012 with a full cleaning, set up only the parameters of the provider, DHCP disabled, USB Flash is not mounted, all traffic monitors are turned off, QOS turned off, firewall, and scripts are turned off. Connect a computer with torrents, 25 files in the distribution of CPU load 3Mbit/c-
    Load average: 1.51 1.54 1.50 3/35 3968
    3245 2 root SW <0 0% 67% [kl2tpd / 0]
    3966 3962 root R 1720 1% 1% top
    3243 1 root S 876 1% 0% xl2tpd
    There are any ideas? or is it all right for such a load?
  86. SNR

    SNR Networkin' Nut Member


    Just wanted to say that this firmware has been incredibly useful in helping me to get my magicJack PLUS working on a four user network with no "chopiness". So much so that I just donated to the project via the "Make a Donation" button in the firmware. But after doing so it seems that this might not actually be going to either you or Teaman? If so, please let me know of a better way to send some ducats your way.

    Thanks also for supporting the venerable WRT54G series. These are good solid workhorse units and 802.11g is not about to go away anytime soon.

    Q. I've got tomato-WRT54GS-1.28.7633.2-Toastman-IPT-ND-Std.bin loaded on my WRT54G-TM. Where's the best place to report apparent bugs related to QoS classification? In this thread or somewhere else?

    Thanks again...
  87. javilin

    javilin Addicted to LI Member

    As a script I can add another dns3 ... for example non-ip

    Dynamic DNS 1
    Dynamic DNS 2
  88. BikeHelmet

    BikeHelmet Networkin' Nut Member


    I love it. I really do! The QOS is so much better than Tomato's original QOS. Thanks for all your hard work, Toastman/Teaman/Shibby/whoever!

    Hey, has anyone considered adding an NTP server to the firmware? I feel kinda bad about having lots of devices that all separately poll NTP servers.
  89. dvds_ok

    dvds_ok Networkin' Nut Member

    I use the file /etc/fstab in order to mount HD partitions at specific points (not /mnt). While testing, I saved that file again in the NVRAM and it seems that the problem has been fixed.

    Thank you.
  90. Monk E. Boy

    Monk E. Boy Network Guru Member

    An NTP server has been discussed a lot, going back to even before there was a Tomato build.

    The problem with installing an NTP server on these routers is that, to have any kind of accuracy, the router would have to poll it's NTP source very regularly since the internal clock has a massive drift rate. Is having a few devices poll a server (or, better yet, a pool of servers - like 0.pool.ntp.org) every day or so better than having one device poll a server several times a day?

    I believe there is an Optware NTP server available (or, at least, source available to compile an NTP server for Broadcom routers). But it'd be far easier/better to just setup a PC on the network with Linux (even Windows, once you hack the registry to enable the NTP server in the Windows Time service) and use that as the NTP server.
  91. w4rh4wk

    w4rh4wk Networkin' Nut Member

    Toastman & Teaman,
    THANKYOU THANKYOU THANKYOU for the pptp gui! I had been using the command line version of PPTP for a while now. I just happen to flash the lastest version on a test router and saw "PPTP server". So far its running on 3 E3000s and two RT-N16s. I've also tested it with Mac and PC platforms, as well as on 3 different ISPs: Comcast, Charter, & ATT. No disconnects or random reboots. I was running Tomato Firmware 7486 MIPSR2 RT K26 USB VPN prior. I did notice that with Tomato Firmware v7497 MIPSR2-RT K26 USB VPN my Teamspeak traffic was getting flagged as P2P (uTP, UDP) in QoS and set to "Crawl". I went back and saw that 7486 had P2P rule set to disable were the 7497 version had it as active. I just shut the rule off for now. Again thanks for the great work guys!
  92. Toastman

    Toastman Super Moderator Staff Member Member

    Bikehelmet - as Monk E. boy said, a local NTP server is really a somewhat pointless thing to have on a router. Your PC's don't poll NTP very often, and you should not feel any guilt over it. NTP servers serve time to almost every PC on the planet, that is their only function and the very reason for their existence. Every PC polls for time automatically within the OS, why make it more complicated for no reason ?

    w4rh4wk - Yep. You did the right thing. If there is no rule to specifically allow UDP for Teamspeak, it would of course fall into the CRAWL class. See if you can figure out how to classify Teamspeak traffic and give it some priority.
  93. Softcox

    Softcox Networkin' Nut Member

    Toastman/Teaman: Thank you kindly for the work on the PPTP server, very useful for people with iOS devices who can't use OpenVPN! I had the optware method set up and working but this is much "neater" :)
  94. BikeHelmet

    BikeHelmet Networkin' Nut Member

    It's awkward typing cryptic names like 0.north-america.pool.ntp.org into every device when it would be so much easier to remember my main router's IP. :p

    I figured if it was easy to implement, then why not? But if it's too much hassle and not enough gain, then that's fine.

    Thanks for the feedback. :)
  95. jsmiddleton4

    jsmiddleton4 Network Guru Member

    Trying xx97 and I can't see any files on my USB attached drive. I can see the folders but no files in each folder.....
  96. Toastman

    Toastman Super Moderator Staff Member Member

    Checked and all USB storage seems normal here. MiniDLNA was updated, do you mean that? However, that seems to work here too :confused:
  97. bucher

    bucher Networkin' Nut Member

    New firmwares should be called "Tea and Toast" :)
    airdrummingfool likes this.
  98. Rising68

    Rising68 Networkin' Nut Member

    Hi, thanks for all your work. I just updated a Linksys E2000 (converted from 320N) with firmware "tomato-E2000-NVRAM60K-1.28.0497MIPSR2-Toastman-RT-N-VPN". However, there is no PPTP server, just the client.

    I also installed the same version 1.28.0497 on an E3000, and here the PPTP server is available.

    So do not all releases feature the PPTP VPN server? Is there a firmware for E2000 (no USB) that features the PPTP server?

    Thanks again!
  99. w4rh4wk

    w4rh4wk Networkin' Nut Member

    Ok I figured out how to get Teamspeak 3 server and client out of the the "P2P (uTP, UDP)" classifications in QoS.

    Step one: See Photo on settings


    Step 2: This is important. Make sure the teamspeak classification has a lower "#" than the "P2P (uTP, UDP)" classifications. See Photo for an example.


    Lastly, here is the proof.


    Let me know if you guys cant see the photos, some ISPs block content from the no-ip.com domain.
  100. jsmiddleton4

    jsmiddleton4 Network Guru Member

    "do you mean that?"

    Nope. Mean that I can not see any files, only folder names.

    Edit: Actually if I go to the client that put the file on the attached USB drive, I can see it. Used to see any files from any client as I use the USB drive as a shared drive.

    Edit: And folders made by one client are not visible to other clients. Did not change any settings. All sharing, etc., still on with no passwords in the firmware just as before.

Share This Page