Asuswrt-Merlin on Netgear R7000

Discussion in 'Other Firmware Projects' started by XVortex, Mar 27, 2015.

  1. miroco

    miroco Serious Server Member

    You'll find "Nederlands" a tad past the middle of the language list. It's as good as it gets ;)
     
  2. Sl4fko

    Sl4fko Reformed Router Member

  3. clweb

    clweb Network Guru Member

    In 384.10_2 there is no "Netherland".
     
  4. miroco

    miroco Serious Server Member

    You are right. I was taking my references from another device, an Asus device. It appears that Asuswrt does not support Nederlands/Dutch language settings in the rt-ac68u firmware :(
     

    Attached Files:

  5. Token05

    Token05 New Member Member

    Yes you are right, it's the same in my router. It works with the app.
     
    Last edited: May 25, 2019
  6. MrMarcie

    MrMarcie New Member Member

    Since the last 2 updates I cannot see my connected devices anymore. R7000.

    [​IMG]
     
  7. Stimpy88

    Stimpy88 Serious Server Member

    It took you more time to screenshot your router, and post it here, then it would have taken you to read the last 2 pages of this thread... Seriously...
     
    Makaveli likes this.
  8. marlo55

    marlo55 New Member Member

    Hi all.

    I used XWRT Vortex on my R7000 some time ago but was finding the router reset regularly under load.

    I ended up RMAing that model and got a replacement, but I can't flash either the 380.70 version or the newer versions, receiving "error -2". I have already had DD-WRT installed and the DD-WRT wiki explained that modern versions of the Netgear stock firmware have some sort of version check that prevents install.

    I think it is possible to edit the version number to pass the check, as there is a "modified" version of the DDWRT firmware that passes the version check. Is there anything similar for XWRT Vortex, or any other way I can install? I'd rather not use nmrpflash if possible as I've had issues with it in the past.
     
  9. Amgine

    Amgine New Member Member

    I'm having trouble enabling HW acceleration/ CTF on my r7000 with latest 384.11_2 firmware.

    I read through a bunch of earlier posts and have the following settings

    Mode: wireless router
    Jumbo frames: disabled
    Spanning Tree protocol: disabled
    IP traffic (per IP monitoring): disabled
    BWDPI (and thus QoS?): disabled
    AI cloud: disabled
    All firewall settings: disabled

    NAT acceleration: auto
    (but it still says NAT traffic is processed by CPU)

    Under Tools - Network
    HW Acceleration status shows as "Disabled - incompatible with:"
    With nothing after the colon.

    I've tried resetting, turning off and back to auto the NAT acceleration option, and reflashing the firmware all to no effect.

    Is there anything else I'm missing?

    Edit: turns out disabling bwdpi just hides the qos tab and doesn't actually delete it. Had to enable bwdpi and restart and disable qos manually to fix it.
     
    Last edited: May 30, 2019
  10. riksterinto

    riksterinto Networkin' Nut Member

    Where do you get this error -2? Are you flashing from Netgear firmware at http://www.routerlogin.net or still on DD-WRT?
     
  11. rarepupper

    rarepupper Connected Client Member

    After staying in the legacy version I finally upgraded to the latest firmware. All good so far.
    Besides the well known bug for the client list not showing up properly, I've noticed some weird behavior losing the wireless connection at times. Happens on both channels actually; not sure if anyone has experienced this as well.

    Should I wait for a patch to fix the client list or go ahead and upgrade to the CFE?
    Actually, not even sure if I am running a CFE or not (lol)

    Thanks Vortex and team.
     
  12. cracker04

    cracker04 New Member Member

    After upgrading to the latest firmware my client list was also gone (set up as "Wireless Router (Standard)").

    Upgrading CFE solves it, all runs very smooth, thanks Vortex.
     
    Kees17760 and Makaveli like this.
  13. Sl4fko

    Sl4fko Reformed Router Member

    I think, based on such statement, you better NOT try upgrading your CFE...
     
    phalkon30, Makaveli and Stimpy88 like this.
  14. Stimpy88

    Stimpy88 Serious Server Member

    Ok everyone, I'm sorry to do this, but I need some help and advice on flashing the custom CFE...

    I want to flash the CFE so that my client list works, and as of now, I have never done any kind of work with Putty WinSCP, so I'm a complete noob with this aspect of the procedure...

    What I need is a dummies guide on how to copy the new cfe to the router, as well as backing up the original one.

    I simply cannot make heads nor tails from the instructions in the first post, as it assumes a knowledge which I simply do not have. When I try WinSCP, it connects, then disconnects almost instantly, so I'm getting nowhere fast!

    Also, I notice several people here saying that they have customised "every field" in the CFE. What appart from MAC addresses and clock speeds is changeable in a meaningful way?

    Thanks in advance for any help.
     
  15. miroco

    miroco Serious Server Member

  16. LookedPath

    LookedPath New Member Member

    Hello to everyone,
    I was read a few pages of this thread and it allowed me to make everythink work as intended on my R7000.
    The only thing that I have a doubt on is the HW Acceleration because I still haven't understood if our router can only do CTF or if it does support FA.
    I'm asking because I have gigabit fiber and I'm trying to squeeze every Mb/s that I can out of this thing but no matter what I do I can't manage to enable it even after disabling STP and trying to toggle the HW Acceleration on and off.
    I'm currently currently on the latest release (384.11_2) with a CFE and my provider uses PPPOE with Vlan tagging in order to provide the connectivity.
     
  17. perdrix

    perdrix Connected Client Member

    Hi there, I have run into a problem with the OpenVPN client which I don't know how to solve.

    When I am connected to the VPN, most of the time the marksandspencer.com website just doesn't work.

    I thought I'd put in an exception to route the M&S IP address to the WAN. The problem is that it appears that M&S have MANY, MANY IP addresses and I get a different answer almost every time I look them up.

    Is there any way to find out all the registered IPs with netmasks for M&S or to specify to always route a given domain (rather than IP address) to the WAN?

    Alternatively is there any way to get this website to work when I am connected to the VPN?

    PS my VPN provider is PIA.
     
  18. Makaveli

    Makaveli Addicted to LI Member

    i'm on a 1Gbps connection with Fiber on PPP0E with Vlan tagging.

    You will only have access to CTF.

    I was only able to get CTF+FA when on DHCP on a cable connection.

    I have no issues hitting max speed with just CTF.

    Connection is 1Gbps down and 750Mbps up.

    [​IMG]

    I use expressvpn and this site works fine for me.
     
  19. LookedPath

    LookedPath New Member Member

    Oh ok it seeemed like I was hitting a harware limit but I guess it's not my R7000 but the ONT at fault.
    Thanks for the fast reply
     
  20. Makaveli

    Makaveli Addicted to LI Member

    I actually have my ONT pulled out of the ISP provided modem and it goes directly in an Ethernet media converter and then straight into the router.

    [​IMG]
     
  21. LookedPath

    LookedPath New Member Member

    Sadly my ONT is not an SPF one but an all-in-one type made by Nokia (aka Alcatel-Lucent) and I can't change it because there are no ONT compatible with Nokia's implementation. Not even the Ubiquiti ones that can emulate different brands so they can accept different types of configurations from the OLT.
     
  22. Makaveli

    Makaveli Addicted to LI Member


    ahh that's too bad I know some providers go all in one and others go SPF module just luck of the draw.
     
    Last edited: Jun 1, 2019
  23. rarepupper

    rarepupper Connected Client Member

    CFE 1.0.0.0

    Just checked lol
     
  24. Ubimoo

    Ubimoo Serious Server Member

    What does this mean:
    And also this:
    Is this normal? Good? Bad?
     
  25. perdrix

    perdrix Connected Client Member

    I'm having some problems with the marksandspencer.com web-site which doesn't work when I connect via my PrivateInternetAccess VPN (using XWRT-Vortex/OpenVPN on my Netgear r7000).

    So after many trials and tribulations I found what I think is a partial list of IP addresses for marksandspencer.com and I added 23.216.240.0/20, 23.0.0.0/12, 104.111.224.0/19, and 104.64.0.0/10 to the VPN Client routing table routing them to the WAN.

    It seemed to mitigate the problem, BUT AFAICT, now ALL my internet traffic is being routed to the WAN, not the VPN (I connected to privateinternetaccess.com and I told me I'd connected from my WAN IP address, not from the VPN IP). I've only got 18 rows in the routing policy table so can't see that I've breached any limit.

    So two issues:

    1) How to find ALL the M&S IP addresses - I know there are more as I saw at least one 173.?.?.? address
    2) What's wrong with the policy based routing here?

    Thanks
     
  26. aftrglow

    aftrglow New Member Member

    EDIT: It has booted up properly. Sorry got panicked. I pressed the reset button again and that might fix it? I don't know. Apologies for the trouble.

    I am having an issue with my R7000 router. It is constantly rebooting itself. Is there a way to fix it?

    I flashed R7000_384.11_2 firmware today and everything was working fine initially. I tried to setup ddns with asuscomm and when clicked apply, it stated rebooting. Since then it is rebooting.

    I tried unplugging everything, did not work. Reset button is not working.
     
  27. Makaveli

    Makaveli Addicted to LI Member

    Try using another dns service to test it.
    or
    Do a factory reset and configure everything from scratch.
     
    Last edited: Jun 3, 2019
  28. perdrix

    perdrix Connected Client Member

    Running xwrt-vortex 384.11_2 seeing lots of lines on syslog:


    Jun 3 19:40:06 acsd: scan in progress ...
    Jun 3 19:40:07 acsd: scan in progress ...
    Jun 3 19:40:07 acsd: scan in progress ...
    Jun 3 19:40:07 acsd: scan in progress ...
    Jun 3 19:40:07 acsd: scan in progress ...
    Jun 3 19:40:08 acsd: scan in progress ...
    Jun 3 19:40:08 acsd: scan in progress ...
    Jun 3 19:40:08 acsd: scan in progress ...

    Any idea on my openvpn problem raise two posts previously
     
  29. David1

    David1 Serious Server Member

    https://www.snbforums.com/threads/asus-rt-ac68-offered-3-0-0-4-384_45708.55814/page-2#post-475979
     
    Makaveli likes this.
  30. perdrix

    perdrix Connected Client Member

  31. perdrix

    perdrix Connected Client Member

    How can I display the policy based routing that the OpenVPN client is actually using (as distinct from what is displayed in the GUI). I assume there's a command line interface to display this sort of stuff?

    My default setting was to route everything to the VPN, and have exceptions. When I added the additional records

    MandS 0.0.0.0 23.216.240.0/20 WAN
    MandS 0.0.0.0 23.0.0.0/12 WAN
    MandS 0.0.0.0 104.111.224.0/19 WAN
    MandS 0.0.0.0 104.64.0.0/10 WAN


    it all went pear shaped and started to send stuff that should have gone down the tunnel to the WAN????
     
  32. David1

    David1 Serious Server Member

    You need to tell it to route all traffic through the vpn aswell
    either
    0.0.0.0 0.0.0.0 VPN
    or
    "ur netowrk subnet"(192.168.1.0/24) 0.0.0.0 VPN

    atm you have not told any traffic to go through the vpn with ur above policy rules
     
    Last edited: Jun 4, 2019
  33. Kees17760

    Kees17760 Network Newbie Member

    With all respect: If your knowledge is that basic, stay away from it or find someone to do it for you.
     
  34. Kees17760

    Kees17760 Network Newbie Member

    You're talking about the backside small reset button, which you have to press with a pin or matchstick?
    Press it for a few (5) seconds and the router resets itself.
     

    Attached Files:

  35. Stimpy88

    Stimpy88 Serious Server Member

    How to backup/replace/update your routers Bootloader (CFE.BIN) the easy way!

    After finding out that I know nothing about WinSCP and Putty etc, I decided to turn my learning experience into an easy step-by-step guide that anyone without deep networking/hardware knowledge can follow. This knowledge should be shared, especially after the extremely negative responses I got here after simply asking for help!

    So why would you want to do this??? Well, it turns out that due to a change in the latest versions of this firmware, the network client list no longer populates correctly, or at all. From what I have found in my research, this could be down to an earlier version of this firmware corrupting/changing part of the routers Bootloader. Use this guide if you experience this problem and want to fix it, but bear in mind that there are always risks to flashing Bootloaders, which are vital to the operation of your router, and could result in an expensive brick! Saying this, I managed to do it multiple times, with absolutely no issues whatsoever. My R7000 had the original v1.0.0.1 Bootloader (CFE.BIN), and has never been modified before now.

    Thanks go to Makaveli for your help and sanity checks!

    ***You MUST perform a Full Factory Reset after doing this - you WILL lose ALL your settings***

    Still here? OK, then here we go...

    1.) Download the Custom CFE Toolkit file from the Custom CFE (v1.0.2.1) link provided in the OP and decompress it. Customise the included cfe.bin file using the CFEEdit.exe tool by adding your WAN MAC address from the sticker under your R7000. To do this, run CFEEdit.exe, click File, select Open CFE, select cfe.bin, then just type or paste your WAN MAC into the Dumb Mode MAC Address box. Now select Save CFE As and save your customised cfe.bin, overwriting the original file, and close CFEEdit.

    2.) Download WinSCP, and Putty and install them on your computer.

    3.) Use your browser to log into your router, then go to Administration > System > then click Enable SSH, select LAN Only from the drop down menu, then click Apply.

    4.) Now open WinSCP, select SCP as the file protocol then type your routers IP address, use port 22, enter your username and password, then press Login to connect to your router.

    5.) To get ready to backup your existing CFE, first, on the right hand side of the WinSCP screen, navigate to the /tmp/home/root/ directory of your router. This is where all your work will be done on the router itself.

    6.) Now on WinSCPs toolbar in the top left of the screen, press the Open Terminal button and type "cat /dev/mtd0 > original_cfe.bin" without quotes in to the Enter Command box, press Execute, then press close. The file original_cfe.bin should appear in the right hand side window of WinSCP. You may have to press the green refresh button in the toolbar above the top right directory list. This will make the file appear. Drag the original_cfe.bin file from the right window, to the left, so that you have a copy of your stock cfe.bin on your computer for safekeeping.

    Now to copy the new cfe.bin (bootloader) and it's support file to your router...

    7.) In the left window of WinSCP, hold down your ctrl key on your keyboard, and select cfe.bin, and mtd-write files and drag them to the right hand side of the window, this will copy the files to the /tmp/home/root/ directory of your router. You're now finished with WinSCP, and you can close it.

    8.) Now we use Putty. In the Session/Basic Options screen, type your routers IP address in to the Host Name box, use the default Port 22, and select SSH as the Connection Type and press Open to connect. Putty will then open a Terminal Window, asking you to input your routers username and password, after entering that, type or paste "chmod +x ./mtd-write" without quotes, press Enter on your keyboard, then type or paste "./mtd-write -i cfe.bin -d boot" without quotes and press Enter on your keyboard.

    9.) Go to back to your router GUI and perform a full factory reset.

    You're done, and the Client List now works perfectly!
     
    Last edited: Jun 12, 2019 at 11:44 AM
    Vlolwut, Josh Skinner, gxcare and 5 others like this.
  36. Kees17760

    Kees17760 Network Newbie Member


    Even better so. Only thing i've noticed is that the file size of the original "CFE.bin" is twice as big as its replacement. I guess a lot of unneeded things are cut out.
     
  37. Kees17760

    Kees17760 Network Newbie Member

    Error applying nat rules

    At every reboot (R7000 on 384.11_2, CFE 1.0.2.1) i get this error message:

    May 5 07:05:15 nat: apply nat rules (/tmp/nat_rules_vlan2_vlan2)
    May 5 07:05:16 kernel: sd 0:0:0:0: [sda] 15646720 512-byte logical blocks: (8.01 GB/7.46 GiB)
    May 5 07:05:16 kernel: sd 0:0:0:0: [sda] Write Protect is off
    May 5 07:05:16 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
    May 5 07:05:16 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
    May 5 07:05:17 kernel: sda:
    May 5 07:05:17 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
    May 5 07:05:17 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
    May 5 07:05:17 nat: apply nat rules (/tmp/nat_rules_vlan2_vlan2) error!
    May 5 07:05:17 kernel: nf_conntrack_rtsp v0.6.21 loading
    May 5 07:05:17 kernel: nf_nat_rtsp v0.6.21 loading

    Router seems to be working OK.

    Any ideas?
     
  38. perdrix

    perdrix Connected Client Member

    Actually I had that too - it was all working fine until I added those additional rows.

    The first row says "default 192.168.129.0/24 0.0.0.0 VPN"

    the remaining 17 lines are exceptions to route to the WAN.

    David
     
  39. David1

    David1 Serious Server Member


    i dont think what you are trying is going to work, marksandspencer.com is a large site and has multiple ips using anycast
    the ips you are using are 2 broad with others sites on them aswell. Best bet is maybe try figure out y the vpn is not working with marksandspencer.com.

    otherwise try more specific ips
    upload_2019-6-4_12-52-53.png
     
    Makaveli likes this.
  40. perdrix

    perdrix Connected Client Member

    Do you know how to find out what the "real" IPs for markandspencer.com are or how to find that out?

    Every time I do an nslookup it seems I get a different answer!

    As for figuring out why the VPN isn't playing &deity only knows and she isn't telling :(
     
  41. philipc

    philipc Reformed Router Member

    To resolve the 0 client list issue, I need to fallback to 384.10_2 :(
     
  42. Makaveli

    Makaveli Addicted to LI Member

    Or look at page 65 and this page which has a guide 5 post above yours....
     
  43. philipc

    philipc Reformed Router Member

    Are you running 384.11 or 384.11_2?
    If so, are you upgraded from 384.10_2?
     
  44. philipc

    philipc Reformed Router Member

    It seems the CFE version is the cause of the problem (as per many users). Just hoping that the next release would resolve the issue without the need to "touch" the CFE.
     
  45. Makaveli

    Makaveli Addicted to LI Member

    You will have to wait until 384.12 is out and see if it will work with CFE 1.0.0.0.
     
    Last edited: Jun 5, 2019
  46. ringlord

    ringlord Connected Client Member

    I am running 384.11_2.
    My upgrade path = all previous NG versions -> 384.10_2 -> 384.11 -> 384.11_2
    I am on access point mode : all the devices connected are 192.168.1.x and my R7000 also has an ip in that range.
     
  47. philipc

    philipc Reformed Router Member

    Everything exactly the same (upgrade path, ap mode, ip range, etc.), but client list was zero!

    Tried the followings:
    - at 384.11_2, factory reset, no luck
    - fallback from 384.11_2 to 384.11, then factory reset, no luck
    - fallback from 384.11 to 384.10_2, client list was back to normal !
     
  48. philipc

    philipc Reformed Router Member

    Right, will need to wait and see
     
  49. Stimpy88

    Stimpy88 Serious Server Member

    Does anyone else have any problems with the WAN DNS stop working every 12 hours or so? It seems to stop, the WAN shows as disconnected in the GUI, and even restarting the router does not bring it back up... Then after between 8 and 10 mins, it suddenly starts working fine... Nothing in the logs, and using 384.11_2...

    Any ideas?
     
  50. dontasciime

    dontasciime Network Guru Member

    Apologies for this question if it's common knowledge.

    380.70 Is there a QOS setting either visible or hidden away?

    I'm asking the above as well as my FTTC throughput is taking a hit since swapping from a Billion 7800n to the r7000

    2012 Full 79,999Kbps sync 17a profile cab was capable of 104,000 in theory no one else on it

    2019 sync down to 58,000 throughput 55Mbps

    Nov 2018 download speed in steam client 8.6MB/s generally my line goes between 7.4MB/s and 8+Mb/s


    But 12 APR the same day I swapped over to R7000 6.5MB/s. It's been like that for the 52 days uptime of r7000

    Hg612 since apr 12 2019 52 days no drop until yesterday or day before and synced at say 58 or 56 but the throughput has been terrible and 3.4MB/s via steam client and various other tests this last couple of days since the hg 612 dropped connection 1am the other morning.

    Today In desperation I decided to reboot r7000 thinking maybe when it tried 4 or 5 times to get vaild ip when hg 612 was either down or resyncing that maybe it had glitched the r7000. The reboot sorted it and I was now once again getting say the higher level throughput from my syncrate so I observed 6.9MB/s from my sync of 56.93 --- 55.04Mbps.

    Anyway sorry for the waffle but is there qos in this firmware version that maybe got confused or something else to look out for that may be causing low throughput in the scenario,example above. Thanks if anyone can be bothered.
     
  51. Makaveli

    Makaveli Addicted to LI Member

    I had this happen to me once.

    And strangely enough I when I ran troubleshooting on the NIC in windows it says DHCP was disabled corrected it then bam everything came back up. May just be some kinda of random bug.

    And yes rebooting the router does not fix this.
     
    Stimpy88 likes this.
  52. Stimpy88

    Stimpy88 Serious Server Member

    Yeah, it's a strange one... It's happened to me about 4 times in the last week alone. Nothing fixes it, even disabling the WAN connection, or changing DNS servers resolves it, but after 8 mins or so, it suddenly starts working fine.

    The router, and all it's clients are still connected to the internet, downloads in progress continue, I can ping IP addresses etc, so it's definitely something to do with the WAN DNS.
     
  53. Makaveli

    Makaveli Addicted to LI Member

    I watching a stream on twitch when I noticed it the stream stayed up but I couldn't access any websites etc.
     
    Stimpy88 likes this.
  54. rarepupper

    rarepupper Connected Client Member

    Will this also work on Linux? What do?
     
  55. ozioh19

    ozioh19 New Member Member

    This started happening recently. I use always VPN and "Block routed clients if tunnel goes down" option is always selected on.
    Yesterday, I checked my IP and although VPN was off i was able to access to the internet. My IP number was just a regular assigned IP by the ISP.

    My version: 384.11_2
    CFE: 1.0.2.1
    Today, it happened again, VPN is down, and I can actually write this message. Here is my logs.
    I havent restarted VPN yet.

    I think VPN went down around june 5th , 19:40 pm
    and june 6th, around 16:20.





    Here is my logs:

    Jun 5 19:09:12 acsd: scan in progress ...
    Jun 5 19:09:12 acsd: scan in progress ...
    Jun 5 19:09:12 acsd: scan in progress ...
    Jun 5 19:09:12 acsd: scan in progress ...
    Jun 5 19:09:13 acsd: selected channel spec: 0xe06a (100/80)
    Jun 5 19:09:13 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 5 19:09:13 acsd: selected channel spec: 0xe06a (100/80)
    Jun 5 19:16:03 WLCEVENTD: eth1: Assoc XX.XX.xX.XX.XX
    Jun 5 19:16:03 dnsmasq-dhcp[1375]: DHCPREQUEST(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 5 19:16:03 dnsmasq-dhcp[1375]: DHCPACK(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 5 19:17:02 WLCEVENTD: eth2: Assoc XX.XX.xX.XX.XX
    Jun 5 19:17:02 dnsmasq-dhcp[1375]: DHCPDISCOVER(br0) XX.XX.xX.XX.XX
    Jun 5 19:17:02 dnsmasq-dhcp[1375]: DHCPOFFER(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 5 19:17:02 dnsmasq-dhcp[1375]: DHCPREQUEST(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 5 19:17:02 dnsmasq-dhcp[1375]: DHCPACK(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 5 19:17:55 ovpn-client1[8965]: TLS: tls_process: killed expiring key
    Jun 5 19:17:56 ovpn-client1[8965]: TLS: soft reset sec=0 bytes=1337412330/-1 pkts=2560168/0
    Jun 5 19:17:56 ovpn-client1[8965]: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=
    Jun 5 19:17:56 ovpn-client1[8965]: VERIFY OK: nsCertType=SERVER
    Jun 5 19:17:56 ovpn-client1[8965]: VERIFY X509NAME OK: C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-1552-1a, emailAddress=
    Jun 5 19:17:56 ovpn-client1[8965]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-1552-1a, emailAddress=
    Jun 5 19:17:56 ovpn-client1[8965]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
    Jun 5 19:17:56 ovpn-client1[8965]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
    Jun 5 19:17:56 ovpn-client1[8965]: Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Jun 5 19:32:07 miniupnpd[29092]: remove port mapping 11749 UDP because it has expired
    Jun 5 19:32:07 miniupnpd[29092]: remove port mapping 11749 TCP because it has expired
    Jun 6 13:44:40 acsd: scan in progress ...
    Jun 6 13:44:40 acsd: scan in progress ...
    Jun 6 13:44:45 acsd: scan in progress ...
    Jun 6 13:44:46 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 13:44:46 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 13:44:46 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 13:59:51 acsd: scan in progress ...
    Jun 6 13:59:51 acsd: scan in progress ...
    Jun 6 13:59:52 acsd: scan in progress ...
    Jun 6 13:59:52 acsd: scan in progress ...
    Jun 6 13:59:52 acsd: scan in progress ...
    Jun 6 13:59:52 acsd: scan in progress ...
    Jun 6 13:59:53 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 13:59:53 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 13:59:53 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 14:00:15 hour_monitor: dpi engine doesn't exist
    Jun 6 14:14:55 acsd: scan in progress ...
    Jun 6 14:14:55 acsd: scan in progress ...
    Jun 6 14:15:00 acsd: scan in progress ...
    Jun 6 14:15:01 acsd: scan in progress ...
    Jun 6 14:15:01 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 14:15:01 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 14:15:01 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 14:30:03 acsd: scan in progress ...
    Jun 6 14:30:03 acsd: scan in progress ...
    Jun 6 14:30:03 acsd: scan in progress ...
    Jun 6 14:30:04 acsd: scan in progress ...
    Jun 6 14:30:04 acsd: scan in progress ...
    Jun 6 14:30:04 acsd: scan in progress ...
    Jun 6 14:30:04 acsd: scan in progress ...
    Jun 6 14:30:05 acsd: scan in progress ...
    Jun 6 14:30:05 acsd: scan in progress ...
    Jun 6 14:30:05 acsd: scan in progress ...
    Jun 6 14:30:05 acsd: scan in progress ...
    Jun 6 14:30:06 acsd: scan in progress ...
    Jun 6 14:30:06 acsd: scan in progress ...
    Jun 6 14:30:06 acsd: scan in progress ...
    Jun 6 14:30:06 acsd: scan in progress ...
    Jun 6 14:30:07 acsd: scan in progress ...
    Jun 6 14:30:07 acsd: scan in progress ...
    Jun 6 14:30:07 acsd: scan in progress ...
    Jun 6 14:30:07 acsd: scan in progress ...
    Jun 6 14:30:08 acsd: scan in progress ...
    Jun 6 14:30:08 acsd: scan in progress ...
    Jun 6 14:30:08 acsd: scan in progress ...
    Jun 6 14:30:08 acsd: scan in progress ...
    Jun 6 14:30:09 acsd: scan in progress ...
    Jun 6 14:30:09 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 14:30:09 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 14:30:09 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 14:45:10 acsd: scan in progress ...
    Jun 6 14:45:16 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 14:45:16 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 14:45:16 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 15:00:15 hour_monitor: dpi engine doesn't exist
    Jun 6 15:00:23 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 15:00:23 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 15:00:23 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 15:15:30 acsd: scan in progress ...
    Jun 6 15:15:30 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 15:15:30 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 15:15:30 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 15:30:37 acsd: scan in progress ...
    Jun 6 15:30:37 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 15:30:37 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 15:30:37 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 15:45:38 acsd: scan in progress ...
    Jun 6 16:00:51 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:00:51 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 16:00:51 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:15:52 acsd: scan in progress ...
    Jun 6 16:15:58 acsd: scan in progress ...
    Jun 6 16:15:58 acsd: scan in progress ...
    Jun 6 16:15:58 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:15:58 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 16:15:58 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:21:48 WLCEVENTD: eth1: Assoc XX.XX.xX.XX.XX
    Jun 6 16:21:48 dnsmasq-dhcp[216]: DHCPDISCOVER(br0) XX.XX.xX.XX.XX
    Jun 6 16:21:48 dnsmasq-dhcp[216]: DHCPOFFER(br0) 192.168.1.125 XX.XX.xX.XX.XX
    Jun 6 16:21:48 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.125 XX.XX.xX.XX.XX
    Jun 6 16:21:48 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.125 XX.XX.xX.XX.XX
    Jun 6 16:21:56 WLCEVENTD: eth1: Assoc XX.XX.xX.XX.XX
    Jun 6 16:22:05 WLCEVENTD: eth1: Assoc XX.XX.xX.XX.XX
    Jun 6 16:22:07 dnsmasq-dhcp[216]: DHCPDISCOVER(br0) XX.XX.xX.XX.XX
    Jun 6 16:22:07 dnsmasq-dhcp[216]: DHCPOFFER(br0) 192.168.1.16 XX.XX.xX.XX.XX
    Jun 6 16:22:07 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.16 XX.XX.xX.XX.XX
    Jun 6 16:22:07 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.16 XX.XX.xX.XX.XX
    Jun 6 16:31:05 acsd: scan in progress ...
    Jun 6 16:31:05 acsd: scan in progress ...
    Jun 6 16:31:05 acsd: scan in progress ...
    Jun 6 16:31:05 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:31:05 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 16:31:05 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:38:35 WLCEVENTD: eth1: Disassoc XX.XX.xX.XX.XX
    Jun 6 16:39:10 WLCEVENTD: eth1: Assoc XX.XX.xX.XX.XX
    Jun 6 16:39:11 WLCEVENTD: eth1: Assoc XX.XX.xX.XX.XX
    Jun 6 16:39:11 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:11 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:12 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:12 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:13 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:13 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:14 WLCEVENTD: eth1: Assoc XX.XX.xX.XX.XX
    Jun 6 16:39:14 dnsmasq-dhcp[216]: DHCPDISCOVER(br0) XX.XX.xX.XX.XX
    Jun 6 16:39:14 dnsmasq-dhcp[216]: DHCPOFFER(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 6 16:39:14 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 6 16:39:14 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.45 XX.XX.xX.XX.XX
    Jun 6 16:39:15 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:15 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:19 dnsmasq-dhcp[216]: DHCPREQUEST(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:39:19 dnsmasq-dhcp[216]: DHCPACK(br0) 192.168.1.239 XX.XX.xX.XX.XX
    Jun 6 16:46:11 acsd: scan in progress ...
    Jun 6 16:46:12 acsd: scan in progress ...
    Jun 6 16:46:12 acsd: scan in progress ...
    Jun 6 16:46:12 acsd: scan in progress ...
    Jun 6 16:46:12 acsd: scan in progress ...
    Jun 6 16:46:13 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:46:13 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 16:46:13 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 16:54:04 kernel: nvram: consolidating space!
    Jun 6 17:00:15 hour_monitor: dpi engine doesn't exist
    Jun 6 17:01:14 acsd: scan in progress ...
    Jun 6 17:01:20 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 17:01:20 acsd: Adjusted channel spec: 0xe06a (100/80)
    Jun 6 17:01:20 acsd: selected channel spec: 0xe06a (100/80)
    Jun 6 17:06:04 kernel: nvram: consolidating space!
    Jun 6 17:07:33 kernel: nvram: consolidating space!
     
  56. ozioh19

    ozioh19 New Member Member

    I made sure that Redirect Internet traffic set to policy rules (strict).
    But as I said, vpn is not on and I can get to internet.
     
  57. David1

    David1 Serious Server Member

    Here is something which could work for what you want

    https://www.snbforums.com/threads/route-certain-domains-through-client-vpn.49451/#post-439430

    https://github.com/Xentrk/x3mRouting#load_dnsmasq_ipset_ifacesh
     
    Last edited: Jun 9, 2019
  58. Stimpy88

    Stimpy88 Serious Server Member

    I guess you will have to find Linux equivolents to the programs used. However I dont think there is a tool to edit the CFE file in Windows... Maybe use a virtual PC with Windows instead.

    You do not need a licence to trial Windows, and it can be downloaded freely from Microsoft themselves.
     
  59. Sparky2900

    Sparky2900 New Member Member

    I know this may be a dumb question, but because of this being closed source how do i know they aren't stealing any of my information when i use this?
     
  60. lancethepants

    lancethepants Network Guru Member

    You can't. You must blindly trust them. It's very simple to publish, so it brings into question their motivations. Can't know until you can see the code and commit history, full stop.
     
    phalkon30 likes this.
  61. Sparky2900

    Sparky2900 New Member Member

    That's a shame. i wanted to use this so i could get gigabit speeds with PPPOE :(
     
  62. Stimpy88

    Stimpy88 Serious Server Member

    How do you know that the Netgear firmware, and the Broadcom drivers are not phoning home? I don't think anyone has ever done a long term study on exactly what any of this equipment is doing at all times.

    You have no privacy anyway, that's the very nature of being online, especially these days. The encryption we use on consumer devices was broken years ago, and is now breakable in real time, so even if your networking equipment is totally secure, the pipe will leak elsewhere.
     
    Makaveli likes this.
  63. Makaveli

    Makaveli Addicted to LI Member

    i've been using this firmware since 2015!

    if something bad was going to happen to me and my data they wouldn't have waited this long to cause damage. I've had no issues in 4 years.
     
    Last edited: Jun 9, 2019
  64. XVortex

    XVortex Addicted to LI Member

    Dozens of the ASUSWRT code is provided as closed source anyway (Asus "Secret" features, Trend Micro DPI, Broadcom wlan drivers, etc). So what about open code are you talking about? I have a reasons for not opening the XWRT repo just because of my modifications (patches) of the closed code. If it makes life happier for you, I'm too lazy to put a malware into the my work ;-)
     
    Stimpy88, edusodanos, duceyaj and 2 others like this.
  65. Sparky2900

    Sparky2900 New Member Member

    Thanks for the reply. and you're definitely right, so i'm gonna try it out!
     
  66. Pierre Chartrand

    Pierre Chartrand Network Newbie Member

    Just finished process posted earlier

    How to backup and replace your routers Bootloader (CFE.BIN)...
    replacing CFE in R7000 router.
    **** Worked great ****
    Can now see all user of lan and wireless

    Decided to check MAC address of wan port in original CFE with CFEedit.

    It is different than what is on sticker for my router.

    used MAC address from sticker.

    Did anyone else see this.
     
    Stimpy88 likes this.
  67. Makaveli

    Makaveli Addicted to LI Member

    Yes when the NG build was first released anyone who updated to it had the MAC address changed from the original.

    I also changed mine to match what was on the box after updating my CFE.
     
  68. Kees17760

    Kees17760 Network Newbie Member

    Me too. Changed MAC address to the one on the sticker.
    Changed pci/1/1 to MAC address (as on sticker)
    Changed pci/2/1 to MAC address (as on sticker) +1
    XWRT will change the latter two to those values anyway, regardless of what you put in there
     
    Last edited: Jun 9, 2019
  69. dontasciime

    dontasciime Network Guru Member

    Throughput of my FTTC once again dropped to 38mbps from a manual reboot of r7000 which i presume then initiated a new PPPoE session but locked down throughput to 38mbps and once again a further reboot of the r7000 using 380:70 firmware reset my throughput back to 55Mbps

    Has anyone else witnessed this behavior with 380.70 and an hg-612 80/20 connection (ECI) cab I was told in 2012 that it was a Huawei cab and I took the engineers word for it turn out he was full of it as It's definitely an ECI cab.

    Anyway seems to me that my r7000 with 380.70 using IPv6 Native / PPP when either the modem re syncs and the r7000 negotiates a connection again then locks my throughput to 38Mbps for whatever reason or when my throughput is 55Mbps and I manually reboot the r7000 once it drops my throughput to 38Mbps and 1 more reboot brings it back to 55Mbps.

    Anyone have any ideas what's going on or a remedy. I will have to try another firmware but both my xbox 1 nat open is required so hopefully any other FW still achieves that without glitches oddities etc
     
  70. Makaveli

    Makaveli Addicted to LI Member

    How about you move up to a firmware on the newer code base there isn't many people on here still using that old firmware.
     
  71. dontasciime

    dontasciime Network Guru Member

    Looks like I will have to but when everything appeared to be working fine especially my requirement for open nat on 2 or more xb1 just a little reluctant to be possibly hit with a different issue.
     
  72. roadcarver

    roadcarver New Member Member

    Thank you for this! Been a long time lurker. Had to register to just thank you for this patch/fix!

    Works now!

    Before I did anything, I also backed up my CFG and JFFS files. Once I've done the patch, and did a factory reset, I restored the backed up files.

     
    Stimpy88, slidermike and Makaveli like this.
  73. dontasciime

    dontasciime Network Guru Member

    Now on 384.11_2 and still 2nd* reboot drops my throughput to 39Mbps

    Updated R7000 to 384.11_2 and throughput was 56Mbps This update broke my client list so had to update cfe to 1021 and then factory reset and throughput 38/39Mbps.. I disconnected wan via interface and reconnected wan/ apply, still 38/39. I powered it off, took out power adapter and powered back on still 38/39 throughput

    Rebooted R7000 again and back to 56Mbps as it is now and will remain until., i reboot r7000 again or the PPPoE sessions stops(i think) or my Hg-612 negotiates with vlsam and new sync rate

    Same behavior I witnessed using 380.70. I have no idea why this is doing this maybe my hg-612 is broken but it's just very odd behavior that I can replicate time and time again.

    [edit this is using IPv6]
     
    Last edited: Jun 10, 2019
  74. Kees17760

    Kees17760 Network Newbie Member

    Bump!
     
  75. bitpixl

    bitpixl Serious Server Member

    Perfect clear instructions, tyvm.

    I have a DNS config question, how do you setup the DNS on the router?
    right now in DHCP I left the DNS servers blank (per description: DNS request will be processed by router), 'Advertise router's IP in addition to user-specified DNS' is set to 'No'.

    In the WAN DNS Settings I set 'Connect to DNS Server automatically' to 'No' and put in an external DNS server.

    Is this the best way or do you recommend configuring the router ip + external dns ip in DHCP or only configure the external dns ip in dhcp and enable the option 'Advertise router's IP in addition to user-specified DNS'?
     
    Last edited: Jun 11, 2019
    Stimpy88 likes this.
  76. Stimpy88

    Stimpy88 Serious Server Member

    Thank you for the thanks!

    And yes, I personally always put my own DNS servers in the WAN page, not DHCP. I also select "No" to Advertise router's IP in addition to user-specified DNS in the DHCP page, as this makes no sense when setting the DNS in WAN.
     
  77. red566

    red566 New Member Member


    Hey , is there a way you could give an access link on your site to beta profiles for testing like on the official Merlin site ?
    I wouldn't mind being a test patient lol.. I have plenty of routers to mess with .
     
  78. XVortex

    XVortex Addicted to LI Member

    I did not compile an every alpha/beta. I do it only when the major difs are coming.
    Icoming R12 is not this case.
     
    Stimpy88 and Makaveli like this.
  79. bitpixl

    bitpixl Serious Server Member

    Is it possible to save my current config/settings and use it on another router that supports this firmware?
     
  80. slidermike

    slidermike Addicted to LI Member

    Sure you can as long as the other router is identical and you want both routers to have the same config.
     
    Makaveli likes this.
  81. lirwin4

    lirwin4 New Member Member

    Anyone having any issues with the latest 384.11_2 firmware on the R7000? On the "Network Map" page, all my clients have disappeared. Nothing I do seems to get them back. I had to revert back to version 384.10_2.
     
  82. juched

    juched Serious Server Member

    Seems 384.11 needs the update CFE (see first post) for the client list to function.


    Sent from my iPhone using Tapatalk
     
    lirwin4 and Makaveli like this.
  83. slidermike

    slidermike Addicted to LI Member

    lirwin4, Stimpy88 and Makaveli like this.
  84. Gregow

    Gregow New Member Member

    @XVortex. Thanks for this firmware for the R7000! Any chance that a future update will restore Network Map functionality without having to tamper with the CFE? Nothing I am feeling comfortable to do, and probably the same for others as well.
     
    lirwin4 and Ubimoo like this.
  85. clweb

    clweb Network Guru Member

    I updated the CFE and with 384.11_2 the network map works great (6 days uptime).
    Updated CFE with 384.10_2 did not solve the Network Map problem.
     
    Makaveli and Stimpy88 like this.
  86. XVortex

    XVortex Addicted to LI Member

    The reason for which to proper work of Network Map requires a custom (Asus native) CFE is unknown to me.
    asus could do some checks or some netgear CFE parameters turned out to be incompatible with XWRT.
    So if you want to continue to use the XWRT, it is better to flash the compatible CFE.
     
  87. juched

    juched Serious Server Member

    Based on this I decided today to install the CFE 1.0.2.1 with my original MAC (it had changed during 380 to 384). And I resetup all settings from scratch again. Client list is working well.

    I had been dirty upgrading since 384.5 and it has been very stable. I did notice that around 384.9 or 384.8 that the client list wasn’t showing the same number. It was lower and missing some. That seems to be better now.
     
    Makaveli likes this.
  88. ringlord

    ringlord Connected Client Member

    Does anybody also see a SSID = HT_APO (that uses the same channel as my 2.4Ghz SSID)?
    Already since a long time (so not related to a recent firmware) I see this additional SSID and I don't know where it is coming from.
     
  89. slidermike

    slidermike Addicted to LI Member

    No to the extra SSID.
     
  90. clweb

    clweb Network Guru Member

    Today I noticed that 'Traffic monitor' only work in Real time. When selecting 24h, daily or monthly, the graphs and tables are empty.
    Version 3.11_2 and CFE 1.0.2.1. Router is R7000.
    The statistics seem to work well.
     
  91. slidermike

    slidermike Addicted to LI Member

    I am not sure since I don't use that feature but to store graphs wouldn't you have to format and use a usb drive as a place to store the historical graph data?
    I think by default the router is using system ram for traffic monitor.
    Again, I could be wrong.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice