unable to connect to wifi with asus RT-AC66U (almost) latest

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Fri Nov 22, 2019 15:35    Post subject: unable to connect to wifi with asus RT-AC66U (almost) latest Reply with quote
Hello,

For several years I already have my asus RT-AC66U router and I had build 25974 on it. It was working good except for some issues with printing and router web ui updates.
Operation was very stable and internet was working perfect both cable and wifi 2.4 and 5.0 ghz

Recently I upgraded it to the latest build at that moment (41517).
At first everything seems to work great and the printing issue and web ui refresh problems are solved.
However after a day or two suddenly clients can't connect anymore to wifi. Clients that are still connected keep on working but it is not possible to connect new ones. Connection refused is a message I got when trying via smartphone. Both 2.4 and 5.0 ghz are affected. When I disconnect a connected client and try to connect again it doesn't want anymore.

Rebooting the router solves the problem and everything works again for a day or two and then the same story again. I notice that I have to disconnect it from power wait 30 seconds or so and then repower it. A software reboot is not always successful because then often it happens that it cannot find the drives connected via the usb port via the name of the router and even sometimes via the ip of the router (\\192.168.1.1). These are samba shares.

Anyone having an idea what the problem could be of not being able to connect to wifi after some time and how to solve it? Should I go back to a previous build and if so which one would be recommended?

Thx,

Peter
Sponsor
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Fri Nov 22, 2019 15:39    Post subject: Reply with quote
And I did a complete clean install by doing a full reset and then configuring the router from scratch so there were no settings hanging from the previous build
jwh7
DD-WRT Guru


Joined: 25 Oct 2013
Posts: 2567
Location: Indy

PostPosted: Fri Nov 22, 2019 18:57    Post subject: Re: unable to connect to wifi with asus RT-AC66U Reply with quote
peno wrote:
Recently I upgraded it to the latest build at that moment (41517).
At first everything seems to work great and the printing issue and web ui refresh problems are solved.
However after a day or two suddenly clients can't connect anymore to wifi. Clients that are still connected keep on working but it is not possible to connect new ones. Connection refused is a message I got when trying via smartphone. Both 2.4 and 5.0 ghz are affected. When I disconnect a connected client and try to connect again it doesn't want anymore.

Rebooting the router solves the problem and everything works again for a day or two and then the same story again.
https://svn.dd-wrt.com/ticket/6723
This issue is discussed quite a bit in the 'new build' threads. Smile Set key renewal in Wireless->Security to 0.

_________________
# NAT/SFE/CTF: limited speed w/ DD # Repeater issues # DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo #
x64 OPNsense 20.7|FT2020.5: EA6900v1.1@1GHz, F7D8302@532|DD 44188: DIR-810L, WNDR4500v2 & 4000@533,
R6300v1, RT-N66U@663, E1500@353, WRT54G{Lv1.1,Sv6}@250
|OpenWRT 19.7.3: RT-ACRH13, R6220, WNDR3700v4
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 6994
Location: Texas, USA

PostPosted: Fri Nov 22, 2019 19:17    Post subject: Reply with quote
At least you didn't do what someone else did using the router database:

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=322164

Which I emailed the webmins about fixing that page, since this router doesn't use the K2.4 builds Rolling Eyes

Anyhow, yes, the gtk and radio timer issue is still wreaking havoc, and BS doesn't seem to acknowledge it. But it is also affecting radio scheduling on other hardware, too, I suspect (Atheros), but we don't know shi*t about nothing. I'm at my wit's end with this nonsense. I only have two out of nearly 30 devices I am hands on with that even run this firmware anymore, and they are both here at my 'office'. I am debating on which firmware is going to wind up on this wrt3200acm I got yesterday in the mail after I de-brick it.

_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Sat Nov 23, 2019 11:05    Post subject: Reply with quote
@jwh7 Thanks for giving the tip to set key renewal in Wireless->Security to 0
I have done this and I will see what this gives.
Is there a disadvantage by setting this to 0 instead of keeping the default value of 3600? What will be the effect on wifi?

I also enabled logging to see what happens.
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Sat Nov 23, 2019 12:32    Post subject: Reply with quote
Ok I read about Key Renewal Interval on https://wiki.dd-wrt.com/wiki/index.php/Basic_Wireless_Settings and it has to with an internal key which is refreshed every that time. Fortunately that will not be a problem where I live.
So let's hope that my original problem is solved with this.
Thanks
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 6994
Location: Texas, USA

PostPosted: Sat Nov 23, 2019 17:27    Post subject: Reply with quote
The only (security) issue with setting GTK to 0 is that people can now sniff your wi-fi without interruption a whole lot easier. This is why it was reported to be broken, so it would get fixed, but instead, it's been ignored, because someone doesn't think it's broken, and blames it on the Broadcom drivers. Nope, not the drivers. Other firmware's GTK wouldn't be working properly if it were the drivers. Just seems this firmware is only revolving around certain devices anymore, and none of them are what made this firmware.
_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Sat Nov 23, 2019 18:01    Post subject: Reply with quote
kernel-panic69 wrote:
The only (security) issue with setting GTK to 0 is that people can now sniff your wi-fi without interruption a whole lot easier. This is why it was reported to be broken, so it would get fixed, but instead, it's been ignored, because someone doesn't think it's broken, and blames it on the Broadcom drivers. Nope, not the drivers. Other firmware's GTK wouldn't be working properly if it were the drivers. Just seems this firmware is only revolving around certain devices anymore, and none of them are what made this firmware.


But if you use AES encryption on your wifi then cracking it is almost impossible if I understand well (if your password is not something like "password") so I guess this is quite safe then.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 6994
Location: Texas, USA

PostPosted: Sat Nov 23, 2019 18:08    Post subject: Reply with quote
Even with the current WPA2 ciphers in this firmware, since the GTK is not being refreshed when set to 0, this means someone has all the time they want to crack your wi-fi password and other things. Which is why I can't understand why it's not been fixed so that the connectivity issues are no longer issues. BS made a comment about setting it to 0 not being secure on one of the tickets recently. Well, duh, fix it, silly. It's not 100% fixed.
_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Sat Nov 23, 2019 18:20    Post subject: Reply with quote
kernel-panic69 wrote:
Even with the current WPA2 ciphers in this firmware, since the GTK is not being refreshed when set to 0, this means someone has all the time they want to crack your wi-fi password and other things. Which is why I can't understand why it's not been fixed so that the connectivity issues are no longer issues. BS made a comment about setting it to 0 not being secure on one of the tickets recently. Well, duh, fix it, silly. It's not 100% fixed.


From wikipedia:

Breaking a symmetric 256-bit key by brute force requires 2128 times more computational power than a 128-bit key. Fifty supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×1051 years to exhaust the 256-bit key space.


So I think I am safe...
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 6994
Location: Texas, USA

PostPosted: Sat Nov 23, 2019 18:42    Post subject: Reply with quote
Look up the purpose of GTK renewal.... just my thoughts.
_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Sat Nov 23, 2019 18:53    Post subject: Reply with quote
kernel-panic69 wrote:
Look up the purpose of GTK renewal.... just my thoughts.


Didn't I do that a couple of posts ago... Yes I really did...
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 6994
Location: Texas, USA

PostPosted: Sat Nov 23, 2019 19:48    Post subject: Reply with quote
peno wrote:
kernel-panic69 wrote:
Look up the purpose of GTK renewal.... just my thoughts.


Didn't I do that a couple of posts ago... Yes I really did...


https://mrncciew.com/2014/08/19/cwsp-4-way-handshake/

https://www.dslreports.com/forum/r12397655-What-frequency-for-WPA-key-renewal

If you read those, you will understand why GTK being set to 0 and being broken is a bad thing. Pretty much nullifies the KRACK fixes in this firmware.

_________________
Official Forum Rules, Guidelines, and Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW - TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum.

---------------------------------------------------------

Linux User #377467 counter.li.org / linuxcounter.net
peno
DD-WRT Novice


Joined: 06 Feb 2011
Posts: 19

PostPosted: Sun Nov 24, 2019 7:58    Post subject: Reply with quote
kernel-panic69 wrote:

https://mrncciew.com/2014/08/19/cwsp-4-way-handshake/

https://www.dslreports.com/forum/r12397655-What-frequency-for-WPA-key-renewal

If you read those, you will understand why GTK being set to 0 and being broken is a bad thing. Pretty much nullifies the KRACK fixes in this firmware.


Ok then I will shedule a daily reboot of my rooter to work around that. It does not solve everything but an hourly reboot is not workable. But first look if my problem is solved by setting it on zero. At this moment 23 hours update and no problem yet but need a couple of days before I can be sure of that
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum