A misunderstanding, there are zero reasons to flash any firmwares designed for different hardware revisions.
You really should consider another VPN provider if StrongVPN cannot help you with a recent DD-WRT release.
When I get home from work, TRY the old version, even if the old version of DD-WRT doesn't work, I can go back to the factory firmware with three reboots. If that doesn't work, I'll try firmware like lede.
I don't want to change the VPN service provider immediately, because I have already bought the VPN service fee for one year before buying this router, There are no refunds after 30 days of use
I have tried both of the two protocols you mentioned, but because I am in China, it is difficult to connect to foreign VPN servers due to the normal WireGuard protocol or OpenVpn protocol due to government blockade.
At present, the VPN clients I use on computers and Android phones are all OpenVpn protocol clients with Scramble function. Only with this special protocol can we successfully connect to foreign VPN servers in China.
But there are many devices at home, so I want to connect to a foreign VPN server through a router. I asked the customer service of strongvpn, and he replied that I can install the OpenVpn client that supports the Scramble function on the DD-WRT router through the command line, but the DD-WRT firmware with the version number between R24698 and R30486 is required to support Scramble Function. For other version numbers, only the OpenVpn client without Scramble can be installed.
I understand but you are going back to a build with known security issues so that is also not that safe.
But indeed you need scrambled traffic to travel through the great firewall
I have already figured out a way to refresh the firmware and returned to the R30471 version, and found that the restart speed of this version is a bit slow, and it takes almost a minute to restart. Both 2.4G and 5G WIFI are connected normally.
After using this firmware for an hour, I found a problem: the WAN side was disconnected twice at random, and then automatically reconnected after a few seconds. No other problems were found.
Joined: 08 May 2018 Posts: 14242 Location: Texas, USA
Posted: Tue Dec 07, 2021 16:25 Post subject:
And this right here is why China has so many security issues. As I posted before, DD-WRT does not implement the patch that works with StrongVPN, which is something we should consider, perhaps *if* current version of OpenVPN will support the patch and work. (HINT, HINT)
I guess it depends on if everything the patch affects has been rewritten in OpenVPN 2.5.x to the point it can no longer be applied and is not present in DD-WRT, which it does not appear to be in either case.
And this right here is why China has so many security issues. As I posted before, DD-WRT does not implement the patch that works with StrongVPN, which is something we should consider, perhaps *if* current version of OpenVPN will support the patch and work. (HINT, HINT)
I guess it depends on if everything the patch affects has been rewritten in OpenVPN 2.5.x to the point it can no longer be applied and is not present in DD-WRT, which it does not appear to be in either case.
I have successfully connected the VPN server with Scramble function on the R30471 firmware of DD-WRT. I compared the router connection VPN with the computer client connection VPN. The router connection VPN speed is about 2/3 of the computer client connection VPN speed (the speed measurement result for the same server).
In addition, I found that after the router is connected to the VPN, all Internet traffic will pass through the VPN tunnel, which causes my access to the domestic local server to slow down a lot, especially when I access domestic video streaming websites occasionally stuck. So I can only manually turn on and off the VPN switch on the router according to my needs.
It would be great if the router could distinguish the traffic of different paths in the future, the domestic traffic would be routed normally, and the foreign traffic would go through the VPN. I thought about it, DD-WRT should be difficult to develop this function, so let's use it like this first.
Joined: 18 Mar 2014 Posts: 12904 Location: Netherlands
Posted: Wed Dec 08, 2021 16:36 Post subject:
The problem is how would you distinguish between foreign and domestic traffic?
You can do is Policy Based Routing e.g. routing based on your clients IP address.
What most users do is they create an unbridged VAP and then only have this VAP use the VPN tunnel, so by switching wireless you switch between VPN and WAN.
Newer builds have IPSET which can work with whole sets of IP addresses and if there is a list with foreign destinations than that could be used.
The problem is how would you distinguish between foreign and domestic traffic?
You can do is Policy Based Routing e.g. routing based on your clients IP address.
What most users do is they create an unbridged VAP and then only have this VAP use the VPN tunnel, so by switching wireless you switch between VPN and WAN.
Newer builds have IPSET which can work with whole sets of IP addresses and if there is a list with foreign destinations than that could be used.
Only one problem most of these features are only available on recent builds
Yes, the biggest problem at the moment is that I cannot upgrade to the latest DD-WRT firmware, otherwise I will lose the Scramble function of the OpenVpn protocol.
However, I am going to slowly try various available methods to upgrade, such as backing up the routing settings and restoring after the upgrade. Maybe a new version of firmware in the future will continue to support the Scramble function of the OpenVpn protocol.
In the future, when I upgrade to a new version of the firmware and still be able to use VPN, I will ask you for more details on differentiating traffic.
What connection speeds are you getting on your router with OpenVPN? What router model do you use? Does this older build support modern routers with hardware AES acceleration of OpenVPN?
What connection speeds are you getting on your router with OpenVPN? What router model do you use? Does this older build support modern routers with hardware AES acceleration of OpenVPN?
My router model is WRT1900ACSV2. On Black Friday in November 2021, I bought it at Amazon.com for $80 (it is a brand new router for unopened use).
Amazon website mailed the router directly to China. After receiving the package, I opened the package and used it and found that its factory firmware version number was 2.0.3.201002, indicating that its production date was only after May 2020.
The firmware version number of the DD-WRT I currently use is R30471. After the router opens the OpenVpn protocol to connect to the VPN server in Japan, the maximum speed test speed is 36Mbps. In contrast, turn off the VPN service of the router and use the VPN client of the computer or the VPN client of the mobile phone to connect to the same Japanese VPN server. The speed test is about 55Mbps to 85Mbps.
My guess is that the older DD-WRT firmware version limits the router’s CPU capacity, so the router’s connection speed to the VPN server is only about 2/3 of that of the computer’s VPN client.
I don't think this Linksys model has built-in hardware acceleration for OpenVPN unlike some of the newer Asus models - correct me if I am wrong. So 36 Mbps is probably pretty good for a router. OpenVPN is very resource hungry. If you want better speed on a router you would have to switch to another protocol. SoftEther still works pretty well in China if you know how to set it up properly (including the server).
However, so far I have not been able to set up the client on the new DDWRT builds. I will play with it a little more. The older kongac DDWRT builds work great though and speed is above 60 Mbps on a low-end Asus router.
You can also try the hnd202 server of StrongVPN with Wireguard. Wireguard is supported by the new builds and you can get speeds in excess of 100 Mbps on a low-grade router but is not 100% reliable because of the great firewall.
Joined: 08 May 2018 Posts: 14242 Location: Texas, USA
Posted: Fri Dec 10, 2021 1:32 Post subject:
Pretty sure 1.6GHz ARM processor with 512MB of RAM can do better than 36Mbit/s with OpenVPN. If a TL-WR1043NDv2 can do better than that using a VPN proxy, that thing should be able to do twice that at the very least. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
I don't think this Linksys model has built-in hardware acceleration for OpenVPN unlike some of the newer Asus models - correct me if I am wrong. So 36 Mbps is probably pretty good for a router. OpenVPN is very resource hungry. If you want better speed on a router you would have to switch to another protocol. SoftEther still works pretty well in China if you know how to set it up properly (including the server).
However, so far I have not been able to set up the client on the new DDWRT builds. I will play with it a little more. The older kongac DDWRT builds work great though and speed is above 60 Mbps on a low-end Asus router.
You can also try the hnd202 server of StrongVPN with Wireguard. Wireguard is supported by the new builds and you can get speeds in excess of 100 Mbps on a low-grade router but is not 100% reliable because of the great firewall.
Yes, because I am in China, there are many restrictions on using vpn. For example, the wireguard protocol you gave an example. I was able to use it normally at the beginning of this year, but it was difficult to connect to wireguard in recent months, or it was severely restricted after it was reluctantly connected.
At present, the only vpn protocol I can use normally is the openvpn protocol with Scramble. My friends in the domestic forum told me that if the broadband service provider at home is changed from China Mobile to China Telecom, the wireguard protocol can continue to be used. But unfortunately, I just signed a two-year contract with China Mobile, and currently I cannot change the network service provider. Therefore, I can only choose the openvpn protocol with Scramble to visit foreign websites and watch 4k videos on YouTube. During the evening peak period, I will encounter network congestion and cause the screen to freeze.
In addition, you just mentioned that the older kongac DDWRT firmware can reach a speed of 60mbps on low-end routers. Does this firmware support Scramble's openvpn? If you support it, you can tell me its download address, thank you
