Status: bad
Reset: no
Errors: everything works fine except for openvpn server is not starting. when I get back home I'll try the newer firmware out to see if that resuscitates it.
What build did you have previously?
ovpn server works fine on EA8500 w/r33375 and also on r33413.
If you came from r33006 or earlier build it is possible you are using keys that are no longer compatible with newer openssl.
Keys must be made using RSA security.
The older md5 security is no longer valid.
Also if you was using AES-512-CBC in server config it is also no longer good w/ new openssl
great point. I think my old certs were probably too insecure--1024 bit? in any case, I regenerated with more up to date inputs and it worked fine in this build as well as the newer build. I didn't get a chance to post yet on the other thread, but I'll do that now to say it works well
Thanks mrjcd!
Yea the size doesn't matter 1024 / 2048 /4096 that depends on who you talk to as to what they say is secure.
The old Easy RSA default was to generate keys using the md5 security method and that is considered not secure these days by most everywhere you look and new openSSL won't support it. Most updated android ovpn clients also will not work with it.
As long as RSA method is used any keypair bit size should be ok.
I made 1024, 2048 & 4096 all with at least 7 client keys each when I had to do new. They all work ok --- but I'll tel ya, it is kinda hard to squeeze 4096 keys onto a 32 KB nvram WRT54G router ha --ha .. the stupid things we do
Posted: Mon Oct 02, 2017 3:56 Post subject: Rosewill rnx-n150rt build 33375
Router model: Rosewill rnx-n150rt
Status: works OK (except touching VLAN settings sometimes hangs the GUI), but the big problem, as observed by users with other routers, is that once this build is on the router it can't be upgraded or downgraded. Here's what I've tried:
(1) GUI: tried to revert to previously installed build 21061; counts down for about 5 seconds, then reboots with build 33375 still installed. Same for upgrade attempt to build 33413.
(2) Telnet: scp'd firmware to /tmp and tried
Code:
root@DD-WRT:/tmp# write rosewill-RNX-N150RT-webflash_21061.bin linux
function stop_snmp not found
function stop_pppoeserver not found
function stop_openvpn not found
function stop_openvpnserver not found
function stop_freeradius not found
Image too big for partition: linux
linux: Invalid argument
root@DD-WRT:/tmp#
(3) tftp: This router is similar to a TP-Link WR741ND, but as far as I can tell (watching with wireshark during power up with reset pressed), it doesn't have the tftp client feature that might enable a recovery from this situation by pulling a file from a tftp server. Also tried pushing from tftp client, following the dd-wrt tftp install procedure, but had no luck with that either.
Any suggestions on workarounds would be much appreciated. For instance, is there any modification that can be accomplished from a shell session on a running instance of dd-wrt to get around this? If the problem is just the size of the image, is there something similar to the micro Broadcom builds for these Atheros-based routers?
Joined: 06 Jun 2006 Posts: 7492 Location: Dresden, Germany
Posted: Wed Oct 11, 2017 20:42 Post subject:
please watch the thread for the newest firmware. i posted a problem description in it. and i posted also a solution for it, but only as solution description since there are no universal commands for each individual device since the bootloader on each device might have a different size. _________________ "So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
Joined: 06 Jun 2006 Posts: 7492 Location: Dresden, Germany
Posted: Wed Oct 11, 2017 23:21 Post subject:
just follow it and be carefull. you have to understand the instructions before starting to avoid any brick _________________ "So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
Posted: Thu Oct 12, 2017 4:28 Post subject: Rosewill rnx-n150rt unstuck
I was able to get off build 33375 on a Rosewill rnx-n150rt using the procedure referred to by BrainSlayer above, which he posted in the thread for build 33492.
Posted: Thu Oct 12, 2017 8:32 Post subject: WRT160NL Flash problem
flash WRT160NL
I have see that most firmware 3.0 flashed by web GUI will brick the router (The startup log show "bad checksum").
but the same firmware programmed by tftp work perfetly..
Can be a problem in web server flashing routine?
thanks
If I could help you I would. But I don't understand how this happened considering your post of almost a month ago.
"PostPosted: Wed Sep 20, 2017 6:59 am Post subject: State of the DD-WRT project Reply with quote Edit/Delete this post Delete this post View IP address of poster
I've been using DD-WRT for years. Lately, the amount of testing going in before releasing new builds appears to be exactly zero.
- builds bricking devices left and right
- builds that just have no chance of even fitting on the device
- builds just AWOL (broadcom_K26 has been missing anything but the mini builds since 07-19-2017-r32753)
- you file tickets for them to get completely ignored
- documentation so outdated that it's basically useless
- I won't even mention the router "database", that's so bad that it should not be accessible at all, outright dangerous.
- last stable release 9 years ago.
- no support for x86/amd64 (no, noone with a bit of brain left is going to pay for alpha testing of this)
Towel thrown in?
Switched most of the remaining hardware to LEDE, will garbage whatever is not usable there.
R.I.P. " _________________ I am far from a guru, I'm barely a novice.