IPSec Issues

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page 1, 2  Next
Author Message
nolimitz
DD-WRT Guru


Joined: 26 Nov 2010
Posts: 597

PostPosted: Thu Apr 04, 2019 9:23    Post subject: IPSec Issues Reply with quote
hello there,

anyone has IPSec and iOS 12.2 working?

on my R7000 (still running 35550M), IPSec always worked, now iPhone cannot connect.

on R7000P, running 39345M, iOS 12.2 cannot connect as well.

Edit:
rolling back to older builds like 37985M or 35550M, iPhone on iOS 12.2 can connect just fine. so there are two problems:
- on newer builds (tested on 39345M), iOS cannot connect
- for R7000P, builds that IPSec is working (35550M for example), if IPSec is enabled, after a reboot there is no wireless (even WL temperature is not shown).
- R7000 on 35550M worked fine after vpn resetup on iPhone (downloading certs again etc)


Last edited by nolimitz on Mon May 06, 2019 7:17; edited 2 times in total
Sponsor
<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany

PostPosted: Thu Apr 04, 2019 19:50    Post subject: Re: IPSec and iOS 12.2 = Not Working Reply with quote
nolimitz wrote:
hello there,

anyone has IPSec and iOS 12.2 working?

on my R7000 (still running 35550M), IPSec always worked, now iPhone cannot connect.

on R7000P, running 39345M, iOS 12.2 cannot connect as well.


I know that it works on my ipq builds where I already updated strongswan, did you check the log file?

_________________
KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
nolimitz
DD-WRT Guru


Joined: 26 Nov 2010
Posts: 597

PostPosted: Fri Apr 05, 2019 5:30    Post subject: Re: IPSec and iOS 12.2 = Not Working Reply with quote
<Kong> wrote:
nolimitz wrote:
hello there,

anyone has IPSec and iOS 12.2 working?

on my R7000 (still running 35550M), IPSec always worked, now iPhone cannot connect.

on R7000P, running 39345M, iOS 12.2 cannot connect as well.


I know that it works on my ipq builds where I already updated strongswan, did you check the log file?


thanks Kong. i reset and configured from scratch, even formatted JFFS (USB)

here is the log from R7000P:


Code:

Apr 5 08:21:31 R7000P daemon.info : 13[IKE] authentication of 'home' with EAP successful
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] authentication of '******' (myself) with EAP
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] IKE_SA ikev2[3] established between 192.168.1.2[*****]...*******[home]
Apr 5 08:21:31 R7000P authpriv.info : 13[IKE] IKE_SA ikev2[3] established between 192.168.1.2[****]...******[home]
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] scheduling reauthentication in 9999s
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] maximum IKE_SA lifetime 10539s
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] peer requested virtual IP %any
Apr 5 08:21:31 R7000P daemon.info : 13[CFG] sending DHCP DISCOVER to 255.255.255.255
Apr 5 08:21:31 R7000P daemon.info : 05[CFG] received DHCP OFFER 192.168.1.110 from 192.168.1.1
Apr 5 08:21:31 R7000P daemon.info : 13[CFG] sending DHCP REQUEST for 192.168.1.110 to 192.168.1.1
Apr 5 08:21:31 R7000P daemon.info : 13[CFG] sending DHCP REQUEST for 192.168.1.110 to 192.168.1.1
Apr 5 08:21:31 R7000P daemon.info : 13[CFG] sending DHCP REQUEST for 192.168.1.110 to 192.168.1.1
Apr 5 08:21:31 R7000P daemon.info : 10[CFG] received DHCP ACK for 192.168.1.110
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] assigning virtual IP 192.168.1.110 to peer 'home'
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] peer requested virtual IP %any6
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] no virtual IP found for %any6 requested by 'home'
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] received netlink error: No such file or directory (2)
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] unable to add SAD entry with SPI c6ba27ff (FAILED)
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] received netlink error: No such file or directory (2)
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] unable to add SAD entry with SPI 09ad2ed3 (FAILED)
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] unable to install inbound and outbound IPsec SA (SAD) in kernel
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] failed to establish CHILD_SA, keeping IKE_SA
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] deleting policy 192.168.1.110/32 === 0.0.0.0/0 in failed, not found
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] deleting policy 192.168.1.110/32 === 0.0.0.0/0 fwd failed, not found
Apr 5 08:21:31 R7000P daemon.info : 13[ENC] generating IKE_AUTH response 9 [ AUTH CPRP(ADDR DNS DNS DNS) N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(NO_PROP) ]
Apr 5 08:21:31 R7000P daemon.info : 07[NET] received packet: from ******[5157] to 192.168.1.2[4500] (80 bytes)
Apr 5 08:21:31 R7000P daemon.info : 07[ENC] parsed INFORMATIONAL request 10 [ D ]
Apr 5 08:21:31 R7000P daemon.info : 07[IKE] received DELETE for IKE_SA ikev2[3]
Apr 5 08:21:31 R7000P daemon.info : 07[IKE] deleting IKE_SA ikev2[3] between 192.168.1.2[******]...*******[home]
Apr 5 08:21:31 R7000P authpriv.info : 07[IKE] deleting IKE_SA ikev2[3] between 192.168.1.2[*****]...******[home]
Apr 5 08:21:31 R7000P daemon.info : 07[IKE] IKE_SA deleted
Apr 5 08:21:31 R7000P authpriv.info : 07[IKE] IKE_SA deleted
Apr 5 08:21:31 R7000P daemon.info : 07[ENC] generating INFORMATIONAL response 10 [ ]
Apr 5 08:21:31 R7000P daemon.info : 07[NET] sending packet: from 192.168.1.2[4500] to *******[5157] (80 bytes)
Apr 5 08:21:31 R7000P daemon.info : 07[CFG] sending DHCP RELEASE for 192.168.1.110 to 192.168.1.1



this is where it fails it seems:

Code:
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] peer requested virtual IP %any6
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] no virtual IP found for %any6 requested by 'home'
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] received netlink error: No such file or directory (2)
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] unable to add SAD entry with SPI c6ba27ff (FAILED)
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] received netlink error: No such file or directory (2)
Apr 5 08:21:31 R7000P daemon.info : 13[KNL] unable to add SAD entry with SPI 09ad2ed3 (FAILED)
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] unable to install inbound and outbound IPsec SA (SAD) in kernel
Apr 5 08:21:31 R7000P daemon.info : 13[IKE] failed to establish CHILD_SA, keeping IKE_SA


i cannot check the R7000 now but will do tomorrow. i will re-download the certs and try. re-downloading the certs on R7000P doesn't help.
spaceghost
DD-WRT User


Joined: 08 Jun 2010
Posts: 109
Location: New Zealand

PostPosted: Sun Apr 21, 2019 4:40    Post subject: IPSec not working in r39575M Reply with quote
I suspect iOS 12.2 is not the issue as I have been having problems for several months with IPSec on Kong builds and my devices are on 12.1.1.

I suspect that something happened after 37985M builds which is leading to this problem with IPSec.Personally, I'm on an Asus RT-AC3200.

I posted my issue in a previous @Kong release thread a couple of months ago

At that time, I could manage to get it working by Disable IPSec, save settings, apply, re-enable, save settings, apply.

But now in 39575M I can't get it to work at all and my IPSec fails and shows similar log errors to yours.

If I revert back to 37985m everything starts working again.

Apr 21 16:15:00 DD-WRT daemon.info : 06[IKE] authentication of '*********' with EAP successful
Apr 21 16:15:00 DD-WRT daemon.info : 06[IKE] authentication of '***********.ddns.net' (myself) with EAP
Apr 21 16:15:00 DD-WRT daemon.info : 06[IKE] IKE_SA ikev2[7] established between xxx.xx.131.237[***********.ddns.net]...xx.xxx.233.35[*********]
Apr 21 16:15:00 DD-WRT authpriv.info : 06[IKE] IKE_SA ikev2[7] established between xxx.xx.131.237[***********.ddns.net]...xx.xxx.233.35[*********]
Apr 21 16:15:00 DD-WRT daemon.info : 06[IKE] scheduling reauthentication in 10208s
Apr 21 16:15:00 DD-WRT daemon.info : 06[IKE] maximum IKE_SA lifetime 10748s
Apr 21 16:15:00 DD-WRT daemon.info : 06[IKE] peer requested virtual IP %any
Apr 21 16:15:00 DD-WRT daemon.info : 06[CFG] sending DHCP DISCOVER to 192.168.1.1
Apr 21 16:15:03 DD-WRT daemon.info : 06[CFG] sending DHCP DISCOVER to 192.168.1.1
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPDISCOVER(lo) 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPOFFER(lo) 192.168.1.147 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info : 09[CFG] received DHCP OFFER 192.168.1.147 from 192.168.1.1
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPDISCOVER(lo) 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPOFFER(lo) 192.168.1.147 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPDISCOVER(lo) 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPOFFER(lo) 192.168.1.147 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info : 06[CFG] sending DHCP REQUEST for 192.168.1.147 to 192.168.1.1
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPREQUEST(lo) 192.168.1.147 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info : 06[CFG] sending DHCP REQUEST for 192.168.1.147 to 192.168.1.1
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPACK(lo) 192.168.1.147 7a:a7:9e:db:09:ee *********
Apr 21 16:15:03 DD-WRT daemon.info : 06[CFG] sending DHCP REQUEST for 192.168.1.147 to 192.168.1.1
Apr 21 16:15:03 DD-WRT daemon.info : 13[CFG] received DHCP ACK for 192.168.1.147
Apr 21 16:15:03 DD-WRT daemon.info : 06[IKE] assigning virtual IP 192.168.1.147 to peer '*********'
Apr 21 16:15:03 DD-WRT daemon.info : 06[IKE] peer requested virtual IP %any6
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPREQUEST(lo) 192.168.1.147 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info : 06[IKE] no virtual IP found for %any6 requested by '*********'
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPACK(lo) 192.168.1.147 7a:a7:9e:db:09:ee *********
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPREQUEST(lo) 192.168.1.147 7a:a7:9e:db:09:ee
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPACK(lo) 192.168.1.147 7a:a7:9e:db:09:ee *********
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] received netlink error: No such file or directory (2)
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] unable to add SAD entry with SPI c6f7a0bb (FAILED)
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] received netlink error: No such file or directory (2)
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] unable to add SAD entry with SPI 0525fab7 (FAILED)
Apr 21 16:15:03 DD-WRT daemon.info : 06[IKE] unable to install inbound and outbound IPsec SA (SAD) in kernel
Apr 21 16:15:03 DD-WRT daemon.info : 06[IKE] failed to establish CHILD_SA, keeping IKE_SA
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] deleting policy 192.168.1.147/32 === 0.0.0.0/0 in failed, not found
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] deleting policy 192.168.1.147/32 === 0.0.0.0/0 fwd failed, not found
Apr 21 16:15:03 DD-WRT daemon.info : 06[ENC] generating IKE_AUTH response 9 [ AUTH CPRP(ADDR DNS DNS DNS NBNS) N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(NO_PROP) ]
Apr 21 16:15:03 DD-WRT daemon.info : 06[NET] sending packet: from xxx.xx.131.237[4500] to xx.xxx.233.35[42927] (208 bytes)
Apr 21 16:15:03 DD-WRT daemon.info : 15[NET] received packet: from xx.xxx.233.35[42927] to xxx.xx.131.237[4500] (80 bytes)
Apr 21 16:15:03 DD-WRT daemon.info : 15[ENC] parsed INFORMATIONAL request 10 [ D ]
Apr 21 16:15:03 DD-WRT daemon.info : 15[IKE] received DELETE for IKE_SA ikev2[7]
Apr 21 16:15:03 DD-WRT daemon.info : 15[IKE] deleting IKE_SA ikev2[7] between xxx.xx.131.237[***********.ddns.net]...xx.xxx.233.35[*********]
Apr 21 16:15:03 DD-WRT authpriv.info : 15[IKE] deleting IKE_SA ikev2[7] between xxx.xx.131.237[***********.ddns.net]...xx.xxx.233.35[*********]
Apr 21 16:15:03 DD-WRT daemon.info : 15[IKE] IKE_SA deleted
Apr 21 16:15:03 DD-WRT authpriv.info : 15[IKE] IKE_SA deleted
Apr 21 16:15:03 DD-WRT daemon.info : 15[ENC] generating INFORMATIONAL response 10 [ ]
Apr 21 16:15:03 DD-WRT daemon.info : 15[NET] sending packet: from xxx.xx.131.237[4500] to xx.xxx.233.35[42927] (80 bytes)
Apr 21 16:15:03 DD-WRT daemon.info : 15[CFG] sending DHCP RELEASE for 192.168.1.147 to 192.168.1.1
Apr 21 16:15:03 DD-WRT daemon.info dnsmasq-dhcp[1354]: DHCPRELEASE(lo) 192.168.1.147 7a:a7:9e:db:09:ee

_________________
RT-AX86U MerlinWRT & RT-AC68U DD-WRT
nolimitz
DD-WRT Guru


Joined: 26 Nov 2010
Posts: 597

PostPosted: Sun Apr 21, 2019 7:04    Post subject: Re: IPSec not working in r39575M Reply with quote
spaceghost wrote:
I suspect iOS 12.2 is not the issue as I have been having problems for several months with IPSec on Kong builds and my devices are on 12.1.1.

I suspect that something happened after 37985M builds which is leading to this problem with IPSec.Personally, I'm on an Asus RT-AC3200.

I posted my issue in a previous @Kong release thread a couple of months ago

At that time, I could manage to get it working by Disable IPSec, save settings, apply, re-enable, save settings, apply.

But now in 39575M I can't get it to work at all and my IPSec fails and shows similar log errors to yours.

If I revert back to 37985m everything starts working again.


its good to know i am not alone. hopefully Kong can do something about it.
<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany

PostPosted: Sun Apr 21, 2019 17:53    Post subject: Reply with quote
I just checked it, on both dd-wrt and openwrt, only lan access works, wan access through ipsec does not work, ios does not even send any request through the tunnel in case of a wan access, thus very sure this is an ios bug.
_________________
KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
quarkysg
DD-WRT User


Joined: 03 May 2015
Posts: 323

PostPosted: Sun Apr 21, 2019 21:21    Post subject: Reply with quote
Try disabling SFE and see if IPSec traffic starts routing over WAN. I have the same issue with IPSec routing over my VPN tunnels with SFE turned on. I had to patch the SFE code to bypass accelerating IPSec traffic to make it to work.
<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany

PostPosted: Sun Apr 21, 2019 21:29    Post subject: Reply with quote
quarkysg wrote:
Try disabling SFE and see if IPSec traffic starts routing over WAN. I have the same issue with IPSec routing over my VPN tunnels with SFE turned on. I had to patch the SFE code to bypass accelerating IPSec traffic to make it to work.


Nothing to do with SFE, config is still the same and it has been working all the time, just now ios is not using the correct route.

_________________
KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
spaceghost
DD-WRT User


Joined: 08 Jun 2010
Posts: 109
Location: New Zealand

PostPosted: Wed Apr 24, 2019 19:47    Post subject: Reply with quote
<Kong> wrote:
I just checked it, on both dd-wrt and openwrt, only lan access works, wan access through ipsec does not work, ios does not even send any request through the tunnel in case of a wan access, thus very sure this is an ios bug.


I'm a bit confused here. My iOS won't even initiate a VPN connection on current Kong builds. But I have no problem whatsoever on 37985?

Can someone who knows more than me explain these log entries I see when my attempt to get the VPN up and running in current Kong builds fails? This seems to be where the problem is where I can't even get a VPN session initiated.

Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] received netlink error: No such file or directory (2)
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] unable to add SAD entry with SPI c6f7a0bb (FAILED)
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] received netlink error: No such file or directory (2)
Apr 21 16:15:03 DD-WRT daemon.info : 06[KNL] unable to add SAD entry with SPI 0525fab7 (FAILED)
Apr 21 16:15:03 DD-WRT daemon.info : 06[IKE] unable to install inbound and outbound IPsec SA (SAD) in kernel

Is it possible there is a missing module, dependency, component? The 'No such file or directory' seems like the culprit?

_________________
RT-AX86U MerlinWRT & RT-AC68U DD-WRT
spaceghost
DD-WRT User


Joined: 08 Jun 2010
Posts: 109
Location: New Zealand

PostPosted: Tue Apr 30, 2019 21:17    Post subject: Reply with quote
<Kong> wrote:
quarkysg wrote:
Try disabling SFE and see if IPSec traffic starts routing over WAN. I have the same issue with IPSec routing over my VPN tunnels with SFE turned on. I had to patch the SFE code to bypass accelerating IPSec traffic to make it to work.


Nothing to do with SFE, config is still the same and it has been working all the time, just now ios is not using the correct route.


Any chance you can comment on my prior post. I don't think there is an iOS bug in my situation as everything works on your December build which suggests iOS is not having bugs/issues.

I would be curious to know your thoughts on the errors in the log I sited in my prior post.

_________________
RT-AX86U MerlinWRT & RT-AC68U DD-WRT
nolimitz
DD-WRT Guru


Joined: 26 Nov 2010
Posts: 597

PostPosted: Sun May 05, 2019 11:22    Post subject: Reply with quote
so i rolled back to 35550M, re-gen certs and re-setup iphone vpn and iOS 12.2 will connect fine.

now my only problem on R7000P is that if i enable IPSec and reboot, i have no wifi, so i have to enable manually IPSec after a completed reboot.
spaceghost
DD-WRT User


Joined: 08 Jun 2010
Posts: 109
Location: New Zealand

PostPosted: Sun May 05, 2019 20:03    Post subject: Reply with quote
nolimitz wrote:
so i rolled back to 35550M, re-gen certs and re-setup iphone vpn and iOS 12.2 will connect fine.

now my only problem on R7000P is that if i enable IPSec and reboot, i have no wifi, so i have to enable manually IPSec after a completed reboot.


Try running 37985M - I was having some issues on builds earlier to that where I had to manually disable, renable IPSec after a reboot. However, on 37985M I don't have that problem.

Again this really suggests, contrary to Kong's post, that the issue is NOT iOS 12.2 related, I believe. Which kind of makes the title of this thread misleading. I am running iOS 12.1 and iOS 12.1.1 beta 3 and can't get IPSec to work on builds after 37985M

EDIT: Also, Kong, if you read this, I love your builds and all you do for the community. It just seems something is a bit twitchy with IPSec lately

_________________
RT-AX86U MerlinWRT & RT-AC68U DD-WRT


Last edited by spaceghost on Mon May 06, 2019 7:26; edited 1 time in total
superdupe
DD-WRT Novice


Joined: 23 Jul 2018
Posts: 6

PostPosted: Mon May 06, 2019 0:44    Post subject: Reply with quote
spaceghost wrote:
nolimitz wrote:
so i rolled back to 35550M, re-gen certs and re-setup iphone vpn and iOS 12.2 will connect fine.

now my only problem on R7000P is that if i enable IPSec and reboot, i have no wifi, so i have to enable manually IPSec after a completed reboot.


Try running 37985M - I was having some issues on builds earlier to that where I had to manually disable, renable IPSec after a reboot. However, on 37985M I don't have that problem.

Again this really suggests, contrary to Kong's post, that the issue is NOT iOS 12.2 related, I believe. Which kind of makes the title of this thread misleading. I am running iOS 12.1 and iOS 12.1.1 beta 3 and can't get IPSec to work on builds after 37985M


This is my experience also... I love the Kong builds and this is in no way a complaint about his work, but I had to revert back to 38580 as the newer builds broke IPSEC. Even though I'm on a build that works, I find that if I make any changes to the system, I have to disable and re-enable IPSEC for it to work both in IOS and Windows 10 clients.

I definitely believe the problem is in the builds as I cannot not connect from Windows on the newer builds also. That would indicate it is not an IOS issue... Again, many thanks to Kong for helping me get IPSEC up and running in the first place.
nolimitz
DD-WRT Guru


Joined: 26 Nov 2010
Posts: 597

PostPosted: Mon May 06, 2019 7:20    Post subject: Reply with quote
spaceghost wrote:
nolimitz wrote:
so i rolled back to 35550M, re-gen certs and re-setup iphone vpn and iOS 12.2 will connect fine.

now my only problem on R7000P is that if i enable IPSec and reboot, i have no wifi, so i have to enable manually IPSec after a completed reboot.


Try running 37985M - I was having some issues on builds earlier to that where I had to manually disable, renable IPSec after a reboot. However, on 37985M I don't have that problem.

Again this really suggests, contrary to Kong's post, that the issue is NOT iOS 12.2 related, I believe. Which kind of makes the title of this thread misleading. I am running iOS 12.1 and iOS 12.1.1 beta 3 and can't get IPSec to work on builds after 37985M


i updated thread title, i also edited first post to add a section for the actual problem, newer builds have issues connecting, older builds will connect fine with no issues on my R7000, while wireless will not work on R7000P.

i tried build 37985M and IPSec will work, but wifi will not work after reboot on R7000P, same behavior of build 35550M.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Mon May 06, 2019 14:25    Post subject: Reply with quote
The R7000P was misidentified in a couple of builds, it was identified as an R6400 and thus Wifi was not working.

Problem existed between build 36816 and 37713, if you have used builds in that range do "nvram erase" to clean/clear

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum