Router: Family #1 R7000 (5 SSIDs)
Firmware: DD-WRT v3.0-r37715M kongac (from r36070M)
Kernel: Linux 4.4.163 #609 SMP Wed Nov 14 19:40:59 CET 2018 armv7l
Status: Working with Work-Arounds
Reset: No
Errors: None that effect operation
UpTime: Over 9H
Work-Around #1: custom openvpn client requires modprobe tun at Startup
Work-Around #2: Working 3 VAPs with quarkysg's VAP solution
Router: Family #2 R7000 (4 SSIDs)
Firmware: DD-WRT v3.0-r37715M kongac (from r36070M)
Kernel: Linux 4.4.163 #609 SMP Wed Nov 14 19:40:59 CET 2018 armv7l
Status: Working with Work-Around
Reset: No
Errors: None that effect operation
UpTime: Over 4H
Work-Around: Working 2 VAPs with quarkysg's VAP solution
INTERESTING !! _________________ PROFESSIONAL STUDENT my.Mistakes ∝ my.Learning ... provided I have the patience & persistence to learn
Thanks for curing my ignorance there.
That did it.
Can you tell me if there is a better and/or GUI based way to forward inbound WAN based traffic to my ftp server without going over the VPN besides adding these routes/commands to my firewall commands?
Joined: 18 Mar 2014 Posts: 12887 Location: Netherlands
Posted: Sat Nov 24, 2018 11:35 Post subject:
Glad that we could help.
However this is the build thread, to report success or error and not for getting support.
So you should take your question to the appropriate forum (in this case Advanced Networking) and we will be happy to help you further with questions over there.
Glad that we could help.
However this is the build thread, to report success or error and not for getting support.
So you should take your question to the appropriate forum (in this case Advanced Networking) and we will be happy to help you further with questions over there.
But as I am posting this some pointers which may help:
your FTP server should be outside the PBR range and then you can use normal port forwarding from the GUI.
I would have thought so too, but enabling the VPN seems to kill non-triggered port forwarding on IPs/devices outside the PBR range.
Thanks again.
Yes it is really bothersome that VAP's are MIA and already far too long.
However the hack from @Quarkysg seems to work, it is in the first post of this thread and also mentioned by a previous poster, you can try if it works for you.
This version + Quarky's patch + trial and error = VAPs working. While I had issues in the earlier version, the stability of this build gave me a lot of confidence.
I now have 2 VAPs on the 2.4GHz and 1 on the 5GHz (all bridged). Have configured a new SSID comprising a 2.4 VAP and a 5GHz VAP so that I can get range (when aay from router) & signal strength (when near router). Working fine and has lasted a few reboots.
Maybe Kong / BS can look into why Quarky's patch - and make necessary changes. Quarky has basically given an alternative wlconffile. NAS and dd-wrt wlconf are stopped and then Quarky's wlconf is up and running and NAS is restarted. Does not seem like something which cannot be implemented into the future builds. I do hope one of them is reading this[/b] _________________ PROFESSIONAL STUDENT my.Mistakes ∝ my.Learning ... provided I have the patience & persistence to learn
Yes you did something not quite right.
Never include the routers IP address in the PBR range or you lock yourself out.
So I need to only have .2 to .127 in the range like this?:
192.168.15.2/31
192.168.15.4/30
192.168.15.8/29
192.168.15.16/28
192.168.15.32/27
192.168.15.64/26
If that is the case I might adjust my dhcp range to be .64-.127 and use 192.168.15.64/26 to keep things simple. 25% of the subnet is enough for my needs.
Yes you did something not quite right.
Never include the routers IP address in the PBR range or you lock yourself out.
So I need to only have .2 to .127 in the range like this?:
192.168.15.2/31
192.168.15.4/30
192.168.15.8/29
192.168.15.16/28
192.168.15.32/27
192.168.15.64/26
If that is the case I might adjust my dhcp range to be .64-.127 and use 192.168.15.64/26 to keep things simple. 25% of the subnet is enough for my needs.
Don't forget the top half of the network with a /25--192.168.15.128/25.
I don't follow. Why would I want to do that for the use case I described?
@egc
I am seeing very high CPU utilization after a few hours. Are there any known causes of this?
My google-foo suggested disabling https for the router, and that helped a little. However, I am still seeing the router sit at 80-100% after a few hours when there is little traffic on the network, max of 6 hosts, and only me in the house. Rebooting the router helps, but only for a short time.
I had been seeing ~10-20% utilization when I was running freshtomato firmware.
I am happy to run any commands, get data. Just tell me what you want.
Yes you did something not quite right.
Never include the routers IP address in the PBR range or you lock yourself out.
So I need to only have .2 to .127 in the range like this?:
192.168.15.2/31
192.168.15.4/30
192.168.15.8/29
192.168.15.16/28
192.168.15.32/27
192.168.15.64/26
If that is the case I might adjust my dhcp range to be .64-.127 and use 192.168.15.64/26 to keep things simple. 25% of the subnet is enough for my needs.
Don't forget the top half of the network with a /25--192.168.15.128/25.
I don't follow. Why would I want to do that for the use case I described?
Can't say I fully follow your use case, just saying don't forget about the top half of the network. _________________ R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x https://pi-hole.net/ https://github.com/DNSCrypt/dnscrypt-proxy
Yes you did something not quite right.
Never include the routers IP address in the PBR range or you lock yourself out.
So I need to only have .2 to .127 in the range like this?:
192.168.15.2/31
192.168.15.4/30
192.168.15.8/29
192.168.15.16/28
192.168.15.32/27
192.168.15.64/26
If that is the case I might adjust my dhcp range to be .64-.127 and use 192.168.15.64/26 to keep things simple. 25% of the subnet is enough for my needs.
Don't forget the top half of the network with a /25--192.168.15.128/25.
I don't follow. Why would I want to do that for the use case I described?
Can't say I fully follow your use case, just saying don't forget about the top half of the network.[/
[quote]
I don't follow.
Why would I want to include that? It would break my configuration.