Posted: Sat Sep 26, 2020 18:54 Post subject: Reasons to use dd-wrt on wrt routers?
I have a linksys wrt1900acs and was wondering if people might give me insight as to what advantages DD-wrt has over the stock firmware?
I've been reading some of the threads and it appears VPN use would be one big plus for me. The comments about dd-wrt not having access to propriety wifi drivers is concerning. Is there much of a difference in wifi performance between stock firmware and dd-wrt? Linksys's last firmware update for my router is 2 years ago.
The 1900acs series does seem to not suffer much in regards to non existent wireless support from Linksys.
Those devices usually just work, compared to their little 1200x and bigger 32xx relatives which often suffer on wireless.
I use dd-wrt, because I a) cannnot stand stock lack of everything / openWRTs GUI is a PitA and b) it is always up to date with security, used tools etc.
Maybe c) it was the first open firmware I tried 10+years ago, it just worked and still does.
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Sun Sep 27, 2020 19:50 Post subject:
What Zyxx said. Up-to-date security, way newer kernel versions than in any stock firmware, and super capable vpn setup with both OpenVPN and wireguard available. Re the latter, I run three VPN clients in mine now: for routine use an OpenVPN tunnel to a server selected by the provider using DNS tricks when I boot, a super-fast wireguard tunnel to a domestic server that I use for fast software downloads and for DNS, and a second wireguard tunnel that routes through the OpenVPN tunnel to an EU server so I can get the less-snooping benefit of GDPR for news browsing. Re DNS I use DNSCrypt access to Quad9 routed through a wireguard tunnel, which means Quad9 doesn't know my IP and my wireguard VPN provider doesn't see my queries. A second, backup DNSCrypt DNS provider is accessed via the OpenVPN tunnel. All DNS queries are first screened against a list of about 150,000 malware/ad/tracking/snooping domains in the router, with the list built from eight online sources at boot time. My four LAN ports are split into two VLANs, so that I can run a traditional home network for the less-secure devices (I have a click-on-everything spouse) segmented away from a secure network for work-related devices. My IoT devices on the less-secure network are not permitted internet access. Using the two wifi interfaces plus four virtual access points (VAPs), I broadcast six SSIDs through which I can connect to various subnetworks and get various VPNs and security levels.
Is this excessive? Of course! It's outrageous! But cooking it up in stages over a long period of time was something interesting to do and a good way to learn a little about networking, and it does show how powerful this little WRT1900ACSv2 with dd-wrt is. It's a pretty amazing little box.
And I agree with Zyxx that this model has not had wifi issues like the earlier/later ones in the WRT series. The only real issue with it is that I have found it needs a USB fan blowing up through the case. Otherwise it can occasionally get squirrely from the heat. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Thank you both.
I successfully installed build 44048 as that seems to have gotten the best reviews in the build threads lately. I don't notice a difference in the wifi signal so all is good.
I've been running wireguard on my main PC rather than the router. I noticed when I try to access the router it gives me a message saying the connection is blocked. Is there any way around that other than shutting the vpn down?
-and your router is on 192.168.1.1 (standard), your requests will be tunneled through wireguard into the other sides net. They will not reach your router.
Delete "192.168.1.0/24, " in your configuration then, this will allow your PC to connect to your router again.
If your VPN Provider just inserted "0.0.0.0/0, ::/0"
You are at a loss.
In this case you either set each and every subnet except yours by hand (might take a while) or insert your VPN Configuration file into your router, to use it as Wireguard Endpoint.
If your VPN Provider just inserted "0.0.0.0/0, ::/0"
You are at a loss.
In this case you either set each and every subnet except yours by hand (might take a while) or insert your VPN Configuration file into your router, to use it as Wireguard Endpoint.
Thanks again. That's what my provider did. It shows as 0.0.0.0/0
It's not that big a deal anyway. I can turn the vpn off on my PC if i need to access the router. I was just curious why it blocked it and your explanation gave me the answer. I've been noticing a lot more sites are blocking vpn's anyway. Even Google searches are making me click the "I am not a robot" messages more and more often.
