Posted: Thu Apr 06, 2023 0:46 Post subject: Best Way to Upgrade to a Stable Build for WRT1900 v1
Hello and thanks in advance for your assistance. Sometime back in 2020, I flashed my WRT 1900AC v1 with build v3.0-r44715 std (11/03/20), kernel version Linux 4.9.241 #2175 SMP and played around with it, but never did anything. Fast forward to today and I know find myself needing put this router to good use. I noticed that when I go to the router datbase, it still shows the same build I downloaded in 2020 as the one to use. After browsing around, it's clear that there is a new build being released almost weekly it seems. I'm not interested in the latest, but would like to upgrade to a stable build and would like to ask what would be the safest way to proceed.
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Thu Apr 06, 2023 1:09 Post subject:
Ignore the router database, as it is not really maintained.
Right now, the best stable choice is 51937. Just after that build, some wifi changes appeared that are still requiring adjustment/fixes, so things may take a little time to settle down yet. Your alternative is to read the new-build threads in the Marvell forum as they come up to watch for the problems to go away. The consensus seems to be that we are close but not quite there yet.
You are coming from an old build and so will need to reset immediately after the upgrade, followed by re-entering your configuration manually. This is very important, as some key variable names changed internally (like the names of the wifi interfaces!) and an old config isn't going to play. Don't use the drop-down menu on the upgrade page to ask for a reset. Upgrade with no built-in reset, and then either reset in the CLI with "nvram erase && reboot" or just hold in the reset button on the back panel (recessed and orange or red on my router) for several seconds, until the panel lights begin to flash. It will reboot with a default dd-wrt configuation, and you can configure from there.
You'll love the new build. Things have improved a great deal from your build. Security is better, the VPN systems are greatly improved, etc.
Good luck! _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Thanks for the reply, I’m in the same boat. Mines back in 2019 and has been in operation since.I’ve been reluctant to upgrade just to not take the home network down but it’s time. I have open vpn running on it, do i just need to copy the keys so when i reset the router i can easily get my vpn back up? Rest of my setting are pretty basic.
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Mon May 29, 2023 16:02 Post subject:
The OpenVPN system in dd-wrt largely comes from the official OpenVPN project outside of dd-wrt, and our devs do a great job of tweaking, configuring, and fitting it into dd-wrt. But the ouside code base has come a long way since 2019, esp re security and speed. There are some modest interface changes as well, but whether those require changes on your end is going to depend on yoir VPN provider and your particular setup. If you happen to use AirVPN, I can give pretty specific advice. Otherwise, others will have more to say that's useful.
So let's start with this: Take a look at the new OpenVPN guide thread at the top of the Advanced Networking forum. It has grown and improved greatly over recent years, and the client setup guide there will likely tell you everything you need to know. Just find a little time for a patient read.
If you have zero patience, the thing to try is to copy your old setup but with a default MTU setting and leaving out anything you have in Additional Config that is not specific to your setup. The defaults are so much better now that you don't need a bunch of stuff there just to get things working at a basic level. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Wireless Security check two boxes only WPA2 Personal and CCMP-128 (AES) and set passwords while you are there.
Save on each page, ignore apply button. After channel widths configure save, channels, save, SSIDs finished reboot.
After the build reconfig from scratch, verify both advanced wireless settings antenna chains are correct (1+2+3+4).
1200 series with two antennas is 1+2. The rest of Linksys Marvell WRT 1900AC/ACS(v1v2), 3200ACM/32X are four.
With four WRT1900 router variants be sure to check the label on bottom. Label is in upper-right corner, 'Model No.'
No other label location is reliable only 'Model No.' Ignore FCC ID and IC info, also front-facing router label as well.
These variants are AC (V1), AC V2, ACS (V1), ACS V2 so match yours accordingly to the correct download folder.
Thanks guys, was pretty painless. Beyond my OpenVPN server. For some reason, when i use tls auth like the guide says and how i originally had it configured, the server doesn’t come up. If i delete the key, set tls to none server comes up fine. My client also connect no issue with tls set to none. I am not sure if I should worry or not with not having tls set.
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Wed May 31, 2023 18:56 Post subject:
I'm tied up dealing with a bad linux kernel update on one of my laptops at the moment, so this will be quick.
First, thanks to blkt for adding some nice info.
Then on the TLS thing... go for the newer tls-crypt setup rather than the older tls-auth approach if you can generate the right key for it. Adds some security for sure, but I'll leave that to you to research if curious. Your provider's guide may suggest tls-auth because, like most such guides, it's out of date. Re dd-wrt's drop-down menu to choose encryption for the TLS process, leaving it None should be fine, as that just means the two ends of the connection will negotiate the best choice they both support. Have a look at the OpenVPN log (GUI > Status > OpenVPN) to confirm that this is leading to some reasonable TLS cipher. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
FWIW, 1900ACv1 here, just upgraded from 52894 to 53323. When I did the upgrade, 52894 had been up 35 days. That one seems pretty stable. 20+ devices and OpenVPN.