Posted: Wed Oct 05, 2022 5:22 Post subject: New Build - 10/05/2022 - r50357
Welcome to Marvell r50357 beta release thread for reporting, feedback to developers and community benefit.
Please do not flash builds until installation is understood, risks involved and device specificrecovery methods.
Avoid discussions, create threads for questions, general problems or use search; this thread is not for support.
Please list router model & revision, operating & wireless mode(s) and exact filename/firmware image flashed.
Issues, observations, and/or workarounds reported:
• WebUI: Clear history or use a portable. Temporary cache bypass: Ctrl+F5, Cmd+Shift+R or new private window/incognito.
• Please report findings with steps needed to reproduce, configuration, clients, output, logs and important information below!
Important:
• Detail issues & relevant configs, logs: syslog klog 'dmesg' 'cat /tmp/var/log/messages' nvram set console_debug=1, serial.
• Firewall NAT: 'iptables -vnL' 'iptables -t nat -vnL' 'iptables -t mangle -vnL' & 'cat /tmp/.ipt'. Misc: stracetcpdumpwireshark.
• Gremlins: reboot. cold boot. Reset & reconfigure not restore backup. Search Trac & discuss in forum before opening tickets.
• Include operating & wireless modes (e.g. Gateway, Router, AP, SB, WDS, Mesh) and applicable configurations to reproduce.
Router/Version: Linksys WRT1900ACS v1 / r50357
File/Kernel: curl https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2022/10-05-2022-r50357/linksys-wrt1900acs/ddwrt-linksys-wrt1900acs-webflash.bin Previous/Reset: r49681 / No
Mode/Status: Gateway, DNSmasq, OpenVPN Client, FreeRADIUS Server, VLANs, VAPs, WPA3, Radar Detection (DFS), 14 dBm, AutoChannel / Uptime 1:02
Issues/Errors: WPA3 Enterprise last worked on r49681 but it's still broken; WPA2 Enterprise worked on r50308 but it's currently broken; WPA3 Personal was previously broken on r50308 but now it works. I'll take that trade and try to run this for a bit, thanks! Log attached. _________________ My DD-WRT Routers:
Linksys WRT3200ACM - Marvell
Linksys WRT1900ACS - Marvell
Netgear R9000 - Atheros
Netgear R7000 - Broadcom
PC x86-64 VM - Atheros
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Thu Oct 06, 2022 6:53 Post subject:
This build has WireGuard obfuscation, we are still working on it and maybe the definitive implementation will change, so it is not yet in the manual.
But it works and is intended to obfuscate WG traffic so it should be able to pass a blocking firewall.
On the server side enable it and set the password in the tunnel section.
Note the whole tunnel is obfuscated.
On the client (the side which has an endpoint enabled in the peer)
Do the same but it should be set in the Peer section just under the endpoint.
Use the same password.
It will lower throughput.
I have also made an implementation were you set the obfuscation per peer on the server side but in that case you also have to set the Remote listen port, advantage is that a server can have clients with and without obfuscation.
As a follow-up on r50357, only a Win10 PC client could connect on WPA3-Personal, while an Android client erroneously reported it as an open AP and could not connect. EDIT: Oh, that was probably due to an older version of Android and nothing to do with the build; but the build isn't working with WPA2-Enterprise (or WPA3-Enterprise) as noted above.
With respect to WireGuard (WG), although this router is running an OpenVPN client to a provider, I can't easily set it as a WG client just yet due to that provider's limitations. However, I was able to run a WG client on the Win10 PC (inside the router's OpenVPN tunnel), which seemed to work fine. Perhaps I could try to set up both a WG server and a WG client on similar routers once the wifi is fully sorted.
Updated log attached (including both our previously reported and final test sesssions). _________________ My DD-WRT Routers:
Linksys WRT3200ACM - Marvell
Linksys WRT1900ACS - Marvell
Netgear R9000 - Atheros
Netgear R7000 - Broadcom
PC x86-64 VM - Atheros
Ah, thanks! I haven't trusted WPA2-Personal for over a decade, so it's either Enterprise or WPA3-Personal for me. I did a search but haven't yet found which Android devices might support WPA3. If I already have one that might, I could at least try updating from Android 11 to Android 12. Otherwise I'm back to r50308 for a bit since that's the latest release that let all of my critical device types connect (via WPA2-Enterprise in that release).
EDIT: Success with WPA3-Personal to Android 12 (A12) devices! I can confirm that both a Samsung S21 5G and a OnePlus Nord CE2 Lite connect and communicate well. Each was on stock unlocked A12 firmware with the latest security updates. _________________ My DD-WRT Routers:
Linksys WRT3200ACM - Marvell
Linksys WRT1900ACS - Marvell
Netgear R9000 - Atheros
Netgear R7000 - Broadcom
PC x86-64 VM - Atheros