    Did you read the OP, especially the part about the problems with the GUI ?!
    I guess, you didn't...
    thanks for the response.
    Why is usb 3.0 unticked? is there issues with it or just preference?

    I read about 15 pages of this thread, I did not associate the issue with a gui issue, rather something I had to enable somewhere. I was looking at the extras tar on the download site thinking maybe I had to do something with that. I looked at ssh system, maybe I had to do something there. I considered maybe an error in this version (would explain why the wifi was open when I first set up, my god what a security oversight!)
    I googled the issue, I watched youtube videos on how to set up tomato, I read massivly outdated guides all before posting my question. After posting the question I continued working on the problem until I couldnt stay awake.
    It had not occurred to me a simple ctrl+f5 would fix.
    Thank you for pointing me in the right direction but could of been done with out the sarcasm
    Sorry, but I said it here probably over 40 times already, so...
    Certainly because you didn't clear the cache of your browser and it was showing old web pages
    I've been caught-out by this before so you're not alone. On the postive side, you should now be able to enjoy a very slick custom FW! :cool:
    yes and no lol
    I got my drive mounted when I chose paragon driver (it was ntfs) read speeds of about 40mb/s write speeds of 10mb/s. this seemed low to me so I decided to format the drive as ext4 using my linux laptop...that was easy :)
    but the drive wont be seen unless I change some thing on the usb page then hit save. The drive shows up at that point. clicking mount results in an error "failed to mount. check the drive is plugged in"

    log says:
    off to google land hopefully easy fix

    Edit 1

    seems the ext4 support on my laptop is neawer than the mount support in the router firmware.... that seems strange to me as my laptop hasnt been updated in a long time, way older than the firmware update age.

    the solution is to format it on the router via ssh

    my password no longer works for ssh...no idea why but got around it by making an ssh key lol (learnt something new yay)

    fdisk -l didnt show the drive until i did the trick of changing a setting and hitting save then it showed as /dev/sda

    i then did mkfs.ext4 /dev/sda and am now waiting for it to finish writing inode tables lol

    EDIT 2

    Same issue. just used fdisk /dev/sda and created its primary partition again. Now reformatting it via mkfs.ext4 hopefully it will work this time, if not I am off to find a quiet corner to rock back and forward in quietly sobbing

    EDIT 3

    trying to format as ext3 since ext4 still shows the same error.
    also selected a corner for quiet sobbing in

    EDIT 4
    IT MOUNTED ! yay
    speed is still way slower than it should be

    NP sorry I got pissy, was a long night last night and still need to get this sorted before work, fuse is a tad frayed.
    Last edited: May 7, 2019
    Anyone having random reset on their router? Since I installed 2019.2 (I have minimal settings, nothing complicated) it seems to reboot every few days by itself, be it 1 day or 4 days.
    Anyway to have the log says the cause of the reset like brown-out or watchdog or something?
    Do you have the in-built Adblock enabled? Running 2019.1, my R7000 would reboot itself exactly as you describe. Since I disabled the in-built Adblock (running the Not So Lean script instead) the router has been up for 45 days.
    I have 2019.2 running on my RT-N16 (MIPSR2 K26 USB AIO) and RT-AC68P (K26ARM USB AIO-64K) Wireless Ethernet Bridges for nearly 10 days now without any connectivity or reboot issue.
    No adblock, nothing, just some static IP, openvpn server, and some access restrictions, same settings I am using for 10 years.
    A couple separate questions.

    1. I currently have AndreDVJ's AdvancedTomato-ARM firmware (tomato-R7000-AT-ARM-3.5-140-AIO-64K_09FEB20). Can I just do the following to move over to FreshTomato?
    • Backup current configuration
    • Restore to default configuration
    • Update/Flash router with FreshTomato initial image via GUI
    • After initial flash, log back in and re-flash with FreshTomato AIO.trx file
    • Restore the configuration I initially backed up from AdvanceTomato firmware? :confused: or will I need to manually reconfigure everything?

    2. I've been experiencing the same issue as @mrgreaper above where any ext4 format flash drives can't be mounted. It doesn't seem to work whether I format the drive on the router itself or on a separate linux machine. I'm assuming this is a Tomato fw issue across the board or am I missing something?
    I think you should be able to flash ("upgrade") directly to FreshTomato target build, and either keep the current configuration, or (if you have a complicate setup) check "erase NVRAM" as part of the "upgrade" and manually reconfigure everything.
    So what is "works as intended"??? I can't see any explanation for this "feature", can you explain?

    I have RT-N16 running FreshTomato Firmware 2019.2 MIPSR2 K26 USB Mega-VPN that will randomly disconnect from WAN and then reconnect. Nothing is enabled in Scheduler/AdBlock or anywhere else I can see that would cause a reboot/disconnect. Previously this router ran Toastman for years overclocked to 532MHz without issue. My cable modem shows no problems and shows being connected for days. I have reset this router back to 480MHz to see if the connection problem disappears.

    Does anybody else have a suggestion on what is happening?

    Thanks ahead of time.
    As I mentioned It works as intended meaning, Looking at the "Status" then "Device list" selecting "Wifi Filter" will take you to the "Wireless Filter page" there you add that device, select save goto "Virtual Wireless Interface" and under "WFilter" you have three choices, save which ever you need done and that's it. I found it work as it block the device or allowed the device to have wireless access. You can look in the search here in the forum or just follow the prompts as I did without knowing if there is documentation.
    I am also seeing random router reboots on the latest build. The logs aren't helpful as they seem to reset with the router so nothing indicates what the cause is. Any suggestions from the devs for troubleshooting?
    Thank you.

    I was able to do this:
    • Backup current configuration
    • Restore to default configuration
    • Update/Flash router with FreshTomato .trx file directly via GUI and checked erase NVRAM as part of the upgrade. (No need for initial .chk file, I guess that's only needed when first flashing to a tomato firmware).
    • I did not try restoring the configuration, I played it safe by just manually reconfiguring everything.
    I was having this exact same issue. Does no one else use ext4 formatted drives with their Tomato routers?

    Anyway, taking a look at the log I saw the following error(s) whenever a drive mount was attempted:
    kern.err kernel: EXT4-fs (sda1): couldn't mount RDWR because of unsupported optional features (400)

    Some brief googling led me to find the following topics/solutions: here, here and here

    The end/resulting solution is to format the drive using the following command:
    mkfs.ext4 -O ^metadata_csum /dev/path/to/disk
    This command creates the filesystem formatted as ext4 without the metadata_csum feature, the caret ^ signifies "disable feature".

    Unfortunately this means directories will not be protected by a checksum because the 2.6.36 kernel of the Tomato firmware does not support ext4 metadata checksums.

    Hopefully in the future if it is supported, we may be able to mount the drive onto a linux machine thats has tune2fs, so that it can be enabled without completely reformatting the drive on the Tomato router (unless they also add tune2fs to the firmware). Then follow the instructions below:

    Last edited: May 12, 2019
    R8000 boot-looping with 2019.2

    I have been using FreshTomato with R7000 with no problems.

    Just bought a used R8000
    1. reset it to factory defaults
    2. reboot
    3. flashed it with the latest stock image
    4. reboot
    5. reset it to factory defaults
    6. reboot
    7. flashed with the FreshTomato initial image freshtomato-R8000-2019.2-initial-64K.zip
    8. reboot
    9. flashed it with the FreshTomato 2019.2 AIO image at freshtomato-R8000-ARM-2019.2-AIO-64K.zip
    10. reboot
    The device never came back up.

    Continuous ping to periodically shows about 5 responses with TTL = 100 (waiting for image?).
    I tried the TFTP method (from windows and linux) at different phases of boot with the latest stock image at "How-to-upload-firmware-to-a-NETGEAR-router-using-TFTP-client" with no success: as soon as the power LED turns from orange to off, as soon as all the LEDs flash, as a soon as I get the first ICMP response, etc. TFTP put fails every time. (The power LED never changes from orange to flashing as mentioned in that article).

    I'd appreciate any ideas on how I can recover the R8000.
    I'm hoping I don't have to the USB-TTL route ....

    One thing I found when attempting a tftp upload is that you have to use the smaller initial image or the factory firmware. I have never had success using the larger AIO image with tftp. It also usualy takes me several trys to get it to work.
    Thanks for the quick reply.
    I have been trying the stock/factory firmware.
    I'll try the initial image shortly ...
    Can the power LED not going from orange to blinking/flashing be ignored ? Or is there something else going on ?

    The LEDs don't matter. What matters is that you start the TFTP request as soon as the device start to ping on power-up.
    I keep two CLI windows open. One pinging, and the other with the TFTP command pre-typed so I can hit enter quickly.
    I'm using 2019.2 on Tenda AC-15 and works well without reboot.
    How long did you let it go?

    My experience below may / may not be relevant.

    When I originally flashed from defaults to AdvancedTomato on my R7000, I ran into a similar boot loop issue. I let it go for a maybe 10-20 mins noticing that it just kept looping. I started to panic and eventually decided to try using the TFTP-client to reload firmware (over and over). I never had success, similar as you mentioned. Eventually I think I just let it run on its own while I got distracted with something else and I think eventually it came up on its own to a weird page in the browser (not the normal landing page). I had to guess the appropriate .html or .asp pages to finish the setup or reach the default page for some reason. This happened quite a while ago so I don't remember much detail about it.
    No luck with stock or initial. I'm now at about 50-60 tries. There's gotta be an easier.
    New observations:
    1. When I press and hold the reset button at boot, I get more ping responses (10 or so) than without (6 or so)
    2. Wireshark shows no responses from the R8000 (other that ICMP replies).
    3. nmap shows the following
    $ sudo nmap -v -sU -p 69
    Starting Nmap 7.60 at 2019-05-13 21:23 EDT
    Initiating ARP Ping Scan at 21:23
    Scanning [1 port]
    Completed ARP Ping Scan at 21:23, 0.23s elapsed (1 total hosts)
    Initiating Parallel DNS resolution of 1 host. at 21:23
    Completed Parallel DNS resolution of 1 host. at 21:23, 0.01s elapsed
    Initiating UDP Scan at 21:23
    Scanning [1 port]
    Completed UDP Scan at 21:23, 0.25s elapsed (1 total ports)
    Nmap scan report for
    Host is up (0.0021s latency).
    PORT   STATE         SERVICE
    69/udp open|filtered tftp
    MAC Address: B0:7F:B9:7F:F4:E0 (Netgear)
    Read data files from: /usr/bin/../share/nmap
    Nmap done: 1 IP address (1 host up) scanned in 0.66 seconds
               Raw packets sent: 3 (84B) | Rcvd: 1 (28B)
    I'm running out of ideas now ...
    Initially, I probably let it go for not more than 10 minutes. Right now, it has been up for over an hour. I'll try to let it run(boot-loop) overnight.
    My R7000 works like a charm :(
    Should I be trying R8000-back-to-ofw.trx?
    Also, does the file itself have anything to do with whether the tftp succeed ? I was expecting to see some transfer progress regardless of the file I was using.
    I tried to minimize delays by
    1. Disabling NetworkManager on my linux box
    2. Adding static ARP entries for the router on my linux box.
    3. Keeping all the commands entered and read to "put"
    Still no luck.
    Here are my tftp parameters
    $ tftp
    tftp> verbose
    tftp> trace
    tftp> rexmt 1
    tftp> binary
    tftp> put initial.chk
    putting initial.chk to [octet]
    sent WRQ <file=initial.chk, mode=octet>
    I noticed, when im connected to the router with VPN thru PPTP server everytime im saving settings on the router I cannot acces the interface anymore. The VPN connection is not dropped. I have to disconnect the connection and connect again and it works until another save.
    I also noticed when using RDP thru VPN connection often freezes. And I have to disconnct VPN and connect again to work.
    Last edited: May 14, 2019
    wanted to ask if all leds working? stealth mode?
    thx & BR
    Could you please post the output cat /proc/mtd
    All leds working. Only 5GHz WiFi not blink when data is transferred.
    In stealth mode only 2,4GHz WiFi not turn off.
    This is only "cosmetic bugs", but i wait for fix it.

    > cat /proc/mtd                                                                               
    dev:    size   erasesize  name                                                               
    mtd0: 00040000 00010000 "boot"                                                               
    mtd1: 00fb0000 00010000 "linux"                                                               
    mtd2: 00e0c6ec 00010000 "rootfs"                                                             
    mtd3: 00010000 00010000 "nvram"   
    Thank you for posting, but I'd like to ask kille72,pedro311 if spi has to do with how mtd partition is structured here, as I see no board_data. I have a seen an output for the ac18 with 128mb flash, I don't think that what is being used may not properly partition the ac18 model and show flash size or nvram usage properly show properly on tomato gui either, or that something how the ac18 would be ported to sources? regards
    I had the same issue. I personally think the FreshTomato initial files for the R8000 cause this issue. I ended up having to use the TTL route (note: you don't have to take apart the case assuming your R8000 has the headers -- you can put the cables through the top holes if your patient enough).

    Once recovered, I used Shibby's initial file, followed by his latest build, then upgraded to latest FreshTomato. It was a bit of a journey, but worked fine in the end.
    I tried latest FreshTomato and I've had quite a lot of random reboots and issues with my AC3200. I couldn't even setup basic networking and router identification without reboot (no saved values). I did nvram reset and every thing was done from scratch.

    I'm now cherry-picking commits for AT 3.5-141 to see which is causing issues.
    Hi..part of the problem is that the Tenda AC15 only has three LAN ports, while Tomato expects four. LAN1-LAN3 map to LAN2-LAN4 in Tomato. Something seemed off with the way the VLAN section behaved, but I did get it working with the WAN and LAN1 ports being my two WAN ports. Something I found out the hard way: Don't use VLAN0, and make sure that the LAN (main) network is VLAN1.
    Interesting because my main router is AC3200 and I do not have even the slightest problems with 2019.2...(?)
    Interesting indeed. I tried 2x nvram reset, reflashing from init, every thing... When I clicked save 3/5 times the router rebooted without saving any data. Also when coming back it went into "rescue" mode and then booted back. Once back it was running fine, but after few days again reboot. No reason, no log, nothing... Device is fine as I'm running AT/Shibby without any reboots or issues
    @Jacky444 did you use 64K or 128K Version for your AC3200 ? maybe that could be the problem
    And remember to clean your browser cache and/or use Ctrl+F5 to get rid of problems with GUI.
    I did install 128K so that could truly be an issue. Interesting
    System commands shell does not work in Internet Explorer. Can this somehow be fixed for this browser?
    Removing all downloads was intentional. I'd still offer builds for R7000/R8000, but I don't see a point compiling builds for many routers and further fragmenting TomatoUSB community at this point.

    About AT GUI, I only maintain because I use it myself. Otherwise it's a very slow process, because many things aren't an easy merge, and I don't have much time anymore.
    A couple of questions I've had on my mind for a while:

    - What exactly are the differences between the VPN and AIO versions? I'd like to better understand what packages, services, etc that the AIO version includes in comparison with VPN, I haven't been able to find any sort of good comparison between the two other than "AIO" includes everything - what is "everything" in this case?

    - Is there a reason why from a default configuration, Wireless is set with no Encryption / Open Wireless? This seems like a terrible idea. If it's to allow wireless users to get back in after a default config, first it seems like a terrible idea to do that over wireless instead of being hardwired, second I can't help but think at the very least it would be advantageous to decide some sort of default password to be used for some level of security through obscurity until you get a chance to set your own. But of course I believe setting Wireless down by default would definitely be the optimal configuration here, for the default configuration.
    I am also having the random reboots (every few days or so, inconsistent and random for how many days). I have an R7000.

    This behavior also occurred for me while using AndreDVJ's AT-ARM-3.5-140-AIO-64K_09FEB20 before I recently switched to FreshTomato.
    The attached Shibby's builds definition might be dated but should still be helpful.

    Seems like it would really be nice if someone made a new comparison chart, that's very hard to read and inconclusive with how many different "VPNs" there - just two columns a VPN and AIO would be nice.

    Appreciate your assistance though! Just an observation as a user, and someone wanting to learn and better understand.
    At one time, there was so little flash available on most routers, it became necessary to create numerous builds. But in modern times, there's so much flash available (esp. w/ ARM), the need for all those builds has dropped dramatically. And so now the decision process has become so binary, no one is detailing the differences. If you have the necessary flash, you install the AIO build, or else the VPN build. In either case, you'll quickly find out what's in each.

    I'm not trying to be flip about it, but just explaining the rationale I believe that's lead to this lack of detail. Years ago having to do install all these builds just to determine the feature set would have been far more laborious.

    Just my thoughts on the matter, fwiw.

    Last edited: May 20, 2019 at 6:08 AM
    Good morning. Wndr3400v2.
    I have fresh sources and debian 9.7.0 with all depends.
    After compiling, I cant save openvpn changes(save button is light, but after pressing nothing is changed). Browser was cleared. Tested in Mozilla, Chrome, Edge, Explorer - the same problem is repeating.
    I cant add links on screenshots because of forum limits

    Upd: Video about this problem is above
    what's the amount of NVRAM free you have?
    Total / Free NVRAM:64.00 KB / 35.24 KB (55.06%)
    I think its enough
    Just managed to watch the video properly. it seems like you have no security (keys/certificates) defined. OpenVPN is likely to fail because of that. Increase the verbosity level but you should be already be able to see the reason in the logs.
    Mips, linksys e2500v3, which was compiled an hour ago. Openvpn has different choices and saves correctly.
    In previous video u can see JS problems in Mozilla debugger. Its not nvram problem, not problem of empty keys and certificates. But I dunno how to fix this

    Upd: After 30\30\30 no changes.
    Last edited: May 20, 2019 at 2:25 PM
    Apologies, but what are you precisely looking to fix here?
    How are you expecting this to work any ways if you don't have Keys defined?
    What's in your log?
    Second video is an example "how it should works"(linksys e2500ve). First video shows general problem.(wndr3400v2)
    As you can see, in first video I havent "generate keys\ generate dh" columns. Also, debugger shows error in vpn-server.asp and tomato.js
    Ill repeat, these 2 modeles are mips and were compiled almost at the same time.

    Update: I can save changes in linksys e2500v3 with empty keys.
    Could I make a suggestion? How 'bout we create a new forum for FreshTomato issues (perhaps even separate ones for ARM vs. MIPS) rather than having everything buried in this one thread. Because I don't know about everyone else, but it's a major pain to have one issue after another dumped into this one single thread. Now anytime there's a new issue, we have to sift through the entire thread to find it. I'm not even aware of it unless every day I forced myself to check this thread. So let's just create a new sub-forum and post individual problems as new threads in that forum. That's what Merlin does over at SNB for his own firmware. Because if we don't, one day this thing is going to be 300 pages long, and useless to anyone who hasn't been following it since day one.


    P.S. And if we do create a new sub-forum, let's lock this thread to force everyone to use the new sub-forum.
    Last edited: May 21, 2019 at 1:18 PM
    //EDIT: @KtbKtb, as I said in PM -> open new thread.
    Last edited: May 21, 2019 at 10:00 AM
    I am attempting to compile tunsafe userspace wireguard client/server for freshtomato since the kernel wireguard module will never work due to the old kernel. Tunsafe client also supports obfuscation which maybe useful for people in certain countries. I managed to setup the build environment and I attempted to compile it with the broadcom toolchain in hndtools-arm-linux-2.6.36-uclibc-4.5.3 but it turns out that it requires -std=c++11 and that is not supported by the ancient g++ used in the toolchain.

    So my next step, is that I will attempt to compile a newer toolchain targeting same kernel version and same uclibc version but with newer compiler that supports -std=c++11.

    If this works, I hope that someone will develop a frontend for tomato interface and integrate it in the work tree.
    Thank you very much.
    I succeeded in building it and documented the config / scripts needed.

    Check GitHub gist notsure2/cd0636579f0184d1c0d83a7ad7388f30

    I hope this helps bring tunsafe into freshtomato firmware.
    Good Evening.
    I am trying to flash freshtomato on my Xiaomi R1D but it kinda fails on one of the first steps. After looking up several tutorials and guides I tried to gain access to ssh on the router but the paring process keeps failing with the android app.
    There some hints in this thread on how to pair/link the device to your account and they helped me to get to the point where the app actually finds the device while being logged into my account but after entering the admin password it fails the pairing process.
    So I wonder if someone here have the knowledge and is willing to share it with me on how to flash freshtomate on the Xiaomi R1D router. Thank you very much in advance!
    This was somehow discussed in the past. Few votes in total I admit but the overall view from forum members appears to be: let's not change anything


    I guess we can start asking users to open new threads adding [Freshtomato] as a title header... but behavioural change is always tedious and will not affect new users. Plus expect lots of resistance.

    P.S. you should have opened a new thread for this (lol just kidding :D)
    All I can do is ask. I know for myself, my interest in this forum is beginning to wane because it's becoming increasingly difficult to deal w/ all the nested conversations in this one thread. At some point it gets ridiculous. What's the point of having a forum if everything ends up dumped in one thread?

    What really got me on this bandwagon is that I'm noticing that new posts are starting to dry up in the forum. Or at least it sure seems that way. I don't even seem to get much response from the developers when I post a new thread. I'm starting to think that unless I follow the current scheme and post in this thread too, nothing will get addressed.

    If we don't nip this in the bud NOW, it's going to get so bad that no one except those diehards who live within this thread on a daily basis will be able to follow it. I know when I see a thread of 50, 100, etc., pages, my heart sinks because I know I now have to spend hours sifting through it all in hopes of finding something relevant to my problems. How ppl can find that an acceptable situation baffles me.

    If it continues, I suppose I'll just have to move on to the Merlin firmware and the SNB forums, where things are more normal (I've already increased my activity there substantially).
    HorseCalledHorse likes this.
    I totally agree and that's why I originally posted that thread with vote included. The thing is: it's not up to you or me unfortunately... and it seems like most of the people don't want a split from a single thread structure and it's a real shame (if you ask me). Perhaps locking this thread would automatically resolve?
    It's a great idea.
    Even if I wrote my question in this thread as well because I couldn't find any sub forum dedicated to problems and freshtomato and it seemed like the way it is done here. It would have helped me a lot finding some guides and tutorials instead of clicking though every page of this thread.
    Thanks Wizardknight. Unfortunately, I don't know how I would go about writing such a job. Any help you wish to provide would be much appreciated.
    I thought I will have more time in recent time to create newest AT builds, but heck I got super busy again. I did apply a lot of security stuff for my personal build, but I also messed up some merges to bring updates to ARM so I just kinda failed and postponed every thing again! Again and again and again DAMN TIME! :p
    Why has nobody just made the AT GUI a compile time option, that way @Jacky444 @AndreDVJ could just focus on updating just the GUI and not everything else with each new release?
    The solution to everybody posting in one thread is easy but will require a couple of things, either or both

    1. The ability (should be option/plugin in forum software, is it @Toxic ?) and willingness to be able to lock the threads you start.

    2. A few moderators willing to just lock/move threads, and have a thick enough skin when the complainers complain.

    I'd prefer both options.
