[SOLVED]-PIA DD-WRT issues

Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware
Author Message
Egotistical
DD-WRT Novice


Joined: 29 Aug 2020
Posts: 10

PostPosted: Sat Aug 29, 2020 16:33    Post subject: [SOLVED]-PIA DD-WRT issues Reply with quote
So, I have installed DD-WRT on a TP-Link AC1750 (Archer A7) and I am attempting to enable my Private Internet Access on the router. I have not had any success up to this point. I have turned off the NTP setting and set the date/time manually through the command window as the NTP failed to pull the correct date and time, no matter how I configured it. I have included screenshots and a pastebin of my log for reference. Any assistance would be greatly appreciated:

https://pastebin.com/embed_js/xtUccn3M

https://imgur.com/ROELVht
https://imgur.com/lu6waQS
https://imgur.com/3ykGSoN


Just to note: I followed the instructions I found on the PIA support website, as well as trying multiple fixes I found while scouring this website and a few others. I have been messing with this for a little over 3 days now and cannot even get a basic connection established with the PIA servers.


Last edited by Egotistical on Tue Sep 01, 2020 21:26; edited 1 time in total
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sat Aug 29, 2020 20:15    Post subject: Reply with quote
Welcome to the forum.

We can help you better if you follow the forum guide lines, link in my signature at the bottom of this post

You are posting in the wrong forum and you do not tell us what build you are using for all we know you are using the crappy build 40559 from the router database Sad

If NTP is not working you have made a setup error so the first thing to do is to get that right.
Enable NTP leave the time server field blank, the DDWRT default should work and check your DNS server.
(well actually the first thing to do is to check if you have a decent build)

I see that they have updated their setup instructions: https://www.privateinternetaccess.com/helpdesk/guides/routers/dd-wrt-v40559-openvpn-setup

the settings are wrong

Just use the 2048 key certificate 4096 is overkill

Do not use the DNS server 10.0.0.242 (this could be the problem of NTP as this is a DNS server which is not publicly available.

You have to enable NAT

Do not use anything in the Additional config

The old PIA instructions were better this is not good

I moved this thread to the right forum

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Egotistical
DD-WRT Novice


Joined: 29 Aug 2020
Posts: 10

PostPosted: Sun Aug 30, 2020 13:07    Post subject: Reply with quote
Sorry for wrong location, I was tired and read "Broadcom" as "Qualcom" for some reason. As far as my build, I thought I got it in my screenshots, but I guess I missed it:

Firmware: DD-WRT v3.0-r44236 std (08/22/20)

I'll go apply the settings you suggest and give it another go. Appreciate the initial assistance and will report back my results.

-----------------------

Okay, been playing with this for a bit now, and I still can't get NTP to play nice. It still sits at startup original time, but adjusts to time zone changes if I adjust that, but never actually pulls the proper time. I should probably have noted sooner that I am using this router to receive WAN through wireless from a local "public" subscription based service. I could go in to more detail if I need to. As of right now, it receives signal from the Wireless and I can access the internet on my laptop using a LAN cable through my router. I did a little google-fu and found that the router attempts to update the time at startup and again 120 seconds later, but no more after that. Is there a way to force a refresh of the NTP? Sometimes I don't have connection to the gateway in under 120 seconds. Even when I do establish connection quickly it still fails to update the time. Would love to get this working.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sun Aug 30, 2020 17:33    Post subject: Reply with quote
Egotistical wrote:
Sorry for wrong location, I was tired and read "Broadcom" as "Qualcom" for some reason. As far as my build, I thought I got it in my screenshots, but I guess I missed it:

Firmware: DD-WRT v3.0-r44236 std (08/22/20)

I'll go apply the settings you suggest and give it another go. Appreciate the initial assistance and will report back my results.

-----------------------

Okay, been playing with this for a bit now, and I still can't get NTP to play nice. It still sits at startup original time, but adjusts to time zone changes if I adjust that, but never actually pulls the proper time. I should probably have noted sooner that I am using this router to receive WAN through wireless from a local "public" subscription based service. I could go in to more detail if I need to. As of right now, it receives signal from the Wireless and I can access the internet on my laptop using a LAN cable through my router. I did a little google-fu and found that the router attempts to update the time at startup and again 120 seconds later, but no more after that. Is there a way to force a refresh of the NTP? Sometimes I don't have connection to the gateway in under 120 seconds. Even when I do establish connection quickly it still fails to update the time. Would love to get this working.


That is why the forum guide lines ask you to give as much information as you can like network setup and the guides you have been using.

So the first thing to do is to get your setup working

You are connecting to a public hotspot so I would advise to use Client mode see:
https://wiki.dd-wrt.com/wiki/index.php/Client_Mode

You can use the other radio for connecting clients or make a VAP on the radio connected to the hotspot later.

Leave the time field blank.

Do as the wiki tells you, reset to defaults first and start from scratch

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087


Last edited by egc on Sun Aug 30, 2020 18:40; edited 1 time in total
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Sun Aug 30, 2020 18:05    Post subject: Reply with quote
have a look here https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=326273 , there was a recent discussion about PIA, with a lot of useful info updated
NTP time is vital, you can use the default DDWRT ntp time, just select time zone
or use an ntp time IP instead or domain name in the NTP box....
for your router use the lower settings 128 bit sha 1, 2048 cert
do not expect performance greater than 10 mbit max

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913


Last edited by Alozaros on Mon Aug 31, 2020 6:15; edited 2 times in total
Egotistical
DD-WRT Novice


Joined: 29 Aug 2020
Posts: 10

PostPosted: Sun Aug 30, 2020 22:52    Post subject: Reply with quote
Okay,... so, I think I figured out the issue with the NTP... and I guess I should probably start over with my descriptions... sorry.

I am trying to get a TP-Link Archer A7 V5 to connect to a wireless network that I can see and is an open network. The network in question uses a captive portal to force purchasing of internet use in time blocks from 1 hr to 30 days, and in speed options of 1-6 meg. The intended final outcome is that my router will connect as a client, and log in to the network behind a Private Internet Access OpenVPN connection.

What I've done so far:

Install DD-WRT with build: v3.0-r44236 std (08/22/20)

played with some stuff for about 3 days,... asked for help,... looked like a noob... reset router to factory and started fresh.

Followed the "Client-Mode" wiki linked above. I can connect to the host router, and send an internet signal to my computer, where I log in using the captive portal. While connected in this manner, the NTP fails to connect and update time, so I cannot connect to PIA

Factory reset, packed everything up, moved to an area with actual open free wifi. Followed the wiki again, connected to the new host wifi, NTP operates as expected, proper time is recieved. Can surf the internet normally.

Followed the guide at: https://www.privateinternetaccess.com/helpdesk/guides/routers/dd-wrt-v40559-openvpn-setup (using a german server due to my current location in the world)
Checked status: says "Connected" is sending and recieving packets as expected, but I lose internet connectivity, all web pages come back as "took too long to respond".

Turn off VPN services and reset settings back, remove all static dns servers I put in while using the guide.

And that's where I am now. So... 2 issues remain: how to get NTP to pool properly from behind a captive portal, get VPN working.



----
Update: Got the internet going again through the VPN, had to adjust a couple settings after finding another post on here about NAT and Compression, all going good so far!

Thanks for all your help guys!
Egotistical
DD-WRT Novice


Joined: 29 Aug 2020
Posts: 10

PostPosted: Mon Aug 31, 2020 14:24    Post subject: Reply with quote
Okay, confirmed my suspicions. Back with the other WiFi that uses captive portal log in and again, the NTP servers are not connecting. Does anyone know of a way to force this to occur? I already have a package from the provider, just need to get the dd wrt to be able to see through it long enough to pull proper time so I can connect to the VPN.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Mon Aug 31, 2020 14:37    Post subject: Reply with quote
As long as you have not logged in to the captive portal the DDWRT router cannot reach the internet.

It is sometimes possible that the DDWRT router can log in to the captive portal but it depends.

see: https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1052889

I have the same problem in my summer residence but was able to track down the url which was used to login and now just execute that url form the router like:

Code:
curl -Lk "http://mon.iciwifi.com/?s=194e2943awefsdkjf68932443840810313ef35d60d&n=dotspot-6212"


There is a recent thread about this I will try to look this up.

I have contacted PIA support their instructions are unbelievably wrong.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Mon Aug 31, 2020 14:39    Post subject: Reply with quote
search for ddwrt auto login

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=142090&postdays=0&postorder=asc&start=30

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Egotistical
DD-WRT Novice


Joined: 29 Aug 2020
Posts: 10

PostPosted: Tue Sep 01, 2020 15:09    Post subject: Reply with quote
Thank you EGC for your support so far! I have been able to set up the auto-login for my local wifi hotspot and now can connect to PIA servers. Just hoping you can assist with the final piece to my puzzle. Is there any way to force the traffic over remote port 53? I'm trying to lift the bandwidth restriction. If you aren't able to assist with this portion, I understand, but would greatly appreciate any assistance you could give me.

I have done a little research on the project and even came across some older settings on the PIA website found here: https://www.privateinternetaccess.com/helpdesk/kb/articles/which-encryption-auth-settings-should-i-use-for-ports-on-your-gateways-2

I just can't seem to get it to connect using anything I found here.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Tue Sep 01, 2020 15:35    Post subject: Reply with quote
Sure, PIA is in a "transitional state" those are the words from their support team.

The old instructions were so so but their new instructions are horribly wrong: https://www.privateinternetaccess.com/helpdesk/guides/routers/dd-wrt-v40559-openvpn-setup

and of course build 40599 is the worst ever (now I am exaggerating)

Besides they have DNS problems, their normal DNS servers 209.222.18.218 and 209.222.18.222 seem no longer publicly available only through the tunnel.

This is really bad

I just today started writing a setup guide for PIA, I will PM you a first draft well actually it is not even half finished but it maybe gives you some clues how to setup.

Please elaborate how you have been able to auto login so that others can profit from your knowledge

Mark the thread as solved.

Start a new thread for the PIA settings

In the new thread send a screenshot of your setup page, OpenVPN setup, all entries in OpenVPN Additional Config and screenshot of OpenVPN status

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Egotistical
DD-WRT Novice


Joined: 29 Aug 2020
Posts: 10

PostPosted: Tue Sep 01, 2020 21:25    Post subject: Reply with quote
Well, to say that I "solved" the auto-login would be a little misleading, I am side-stepping it actually. I found a guide on here about Mac cloning and used it:
https://wiki.dd-wrt.com/wiki/index.php/MAC_Address_Clone

I snagged my cell phone mac and logged in to the web portal, got the dd wrt router ready, disconnected the phone and re-connected the router with the cloned MAC address before the network timed the mac out. This option works for me as I will only have to do this about once a month as my time blocks that I am buying expire. For ISP's or WiFi's that require constant re-logs, this will get very tedious.

I will now go and start a new forum post regarding the PIA settings questions I have. Thank you all!
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum