Since upgrading to r53562, I have hit an issue after every reboot. With the SPI firewall enabled, I cannot reach a web app I self-host on a Synology NAS behind a reverse proxy, even though I have port forwarding configured in DD-WRT. I later learned that port forwarding is reportedly broken in r53562. My workaround has been to disable the SPI firewall, confirm I can access the app from the Internet, then re-enable the SPI firewall. I do not understand why that “kick” helps, but it works until the next reboot. I sometimes forget to do it, so I’m trying to fix this properly.
Used r54569 and I confirm that port forwarding works (without the temporary workarounds).
This brings us to r54569, which I installed recently. While it did solve my port forwarding problem, it created another problem: the samba client is not longer working. I later learned this is due to the kernel change from k4.9 in r53562 (the last k4.9 build) to k6.1 in r54569. Over the past couple of weeks, I have tried to find a build that supports both working port forwarding and a working Samba client.
Separately, I also noticed the Switch Config tab disappears in more recent builds. From what I have read, the Networking tab can replace it for VLAN configuration.
So this leads to my question. For the R7800, is there a build that meets these requirements?
1. Port forwarding works - I guess this rules out k4.9 and hence r53562?
2. The Samba client works - I am starting to suspect it still fails even in r63295, the most recent build as of 2026-01-11, potentially due to the move to k6.1. Can someone confirm whether the Samba client works or will ever work on recent R7800 builds?
3. I can tag WAN traffic via the Switch Config or Networking tabs
If the recommendation is to stay on k4.9 and r53562 (which works for #2 and #3), I would have a follow-up question: can I implement reliable port forwarding another way (for example, via iptables)?
Also, I could stick to r54569, which works for #1 and #3, but would someone be able to suggest a workaround for #2 (Samba client). I've seen NFS and sshfs proposed as workarounds. I tried NFS. While I was able to configure my Synology NAS to accept a connection from a generic Ubuntu host, I haven't managed to make it work with dd-wrt as the client. Here is what I tried on dd-wrt r54569:
Code:
mount.nfs -o nfsvers=3 <Synology NAS IP>:<path to shared folder> <mount point>
mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
With the same error on the Ubuntu host, all I had to do was to use the '-o nolock' argument to get it to work. Unfortunately, when I try the same on dd-wrt, I can't get the mount.nfs command to accept both the nfsvers=3 and nolock arguments together - note that nfsvers=3 or vers=3 are needed on dd-wrt, otherwise the mount command fails. Ubuntu doesn't need the vers=3 argument. I get the following error message with the -o nfsvers=3,nolock argument.
Code:
mount.nfs -o nfsvers=3,nolock <Synology NAS IP>:<path to shared folder> <mount point>
mount.nfs: No such device for <Synology NAS IP>:<path to shared folder> on /tmp/<mount point>
I don't understand why you want your router to be a client to your NAS.
I configure my router to access scripts and configuration files from my NAS, since I use the NAS as the system of record for backups and version control. After I reset the router following a firmware upgrade, I can restore my setup quickly by pointing back to those scripts. For some use cases, I also treat the scripts as documentation-as-code. Here are a few use cases:
1) Under Administration > Commands in dd-wrt, I call scripts stored on the NAS from the Startup, Shutdown, and Firewall sections instead of pasting discrete commands into each section.
2) I run a simple parental control app directly on my R7800. It updates rules in iptables based on the MAC address I want to block and the time of day. I host the CGI script on the NAS so I can back it up and track changes.
3) I keep other router-related files on the NAS as well, such as a bash script that configures static leases programmatically instead of through the GUI. I prefer this approach because I manage a long list.
4) I run a companion script on the router that enables password-based authentication for my DD-WRT OpenVPN server.
5) My bwmon installation is on my NAS. This way, I can more easily restore it when I upgrade to a new build.
Last edited by julienf on Sun Jan 11, 2026 21:42; edited 1 time in total
Posted: Sun Jan 11, 2026 21:01 Post subject: Re: Build with port forwarding and Samba client both working
julienf wrote:
This brings us to r54569, which I installed recently. While it did solve my port forwarding problem, it created another problem: the samba client is not longer working. I later learned this is due to the kernel change from k4.9 in r53562 (the last k4.9 build) to k6.1 in r54569. Over the past couple of weeks, I have tried to find a build that supports both working port forwarding and a working Samba client.
I too have had this SAMBA issue since the upgrade to k6.1 from k4.9 on my XR500 (now retired). I tried re-enabling the SAMBA server on my MX4300 r633257 but still got the "Failed to mount Windows share: Permission denied" error when trying to log-in with Linux Mint. I have been using the ProFTPD Server under the "NAS" Tab. It will give you almost all the same functions. Hope that helps you. Unfortunately, I think that the unable to log-into SAMBA share has moved from bug to feature. LOL _________________ Linksys MX4300 802.11s Primary
Linksys MX4300 802.11s Secondary 1
Linksys MX4300 802.11s Secondary 2
Netgear XR500 - Retired
R6700 v3 - Retired
Last edited by strange on Sun Jan 11, 2026 21:09; edited 1 time in total
Yes, the GUI port forwarding is defective in this build.
Several things are defective.
So it's pure luck when it works as it should.
If you want to stick with this build, I recommend not using the GUI and creating the port forwarding rules manually via CLI. _________________ Quickstart guides:
Joined: 05 Oct 2008 Posts: 852 Location: Helsinki, Finland / nr. Alkmaar, Netherlands
Posted: Mon Jan 12, 2026 10:34 Post subject:
My XR500 has neither samba nor nfs enabled.
I access files on a thumbdrive in of the router's USB ports using sshfs.
I suppose I have had to install sshfs on the router in entware.
SSHFS was proposed on this forum at the time of the samba bug appearing. It was easy to implement as all of my machines run on Linux.
The access is key-based. I just run the commands on my (Linux) workstation and the thumbdrive files become available.
NFS would have worked, but it has no authentication.
Maybe this is something to consider.
Yes, the GUI port forwarding is defective in this build.
Several things are defective.
So it's pure luck when it works as it should.
If you want to stick with this build, I recommend not using the GUI and creating the port forwarding rules manually via CLI.
Thank you for confirming. I'll follow your recommendation and create the port forwarding rules manually via CLI.
ArjenR49 wrote:
My XR500 has neither samba nor nfs enabled.
I access files on a thumbdrive in of the router's USB ports using sshfs.
(...)
Maybe this is something to consider.
Using sshfs on a thumb drive sounds like a good idea. I would lose the ability to back up my scripts easily and automatically, but since I rarely change things once they’re set up, it might be a reasonable compromise. I could also try mounting the thumb drive from my NAS to enable backups. Thank you for the suggestion.
Joined: 21 Aug 2019 Posts: 222 Location: Here, There And Everywhere
Posted: Tue Jan 13, 2026 10:17 Post subject:
@julienf
With respect to Samba client on the router, did you consider using Common Internet File System (CIFS) at the end of the Administration tab? I use it to mount a share on my NAS (with CIFS Automount) for a similar purpose (saving and sharing configuration files), and it works just fine, even on the latest DD-WRT builds.
@matjazk, a long time ago, I used to do the same — use the Common Internet File System (CIFS) at the end of the Administration tab. I stopped at some point, though I don’t remember exactly when. Maybe it was when Synology dropped support for SMBv1. Since I couldn’t pass the vers=2.0 parameter to the Samba client through the GUI, I think that’s when I started mounting the shared folder from the CLI. I may be misremembering the reason, but that’s what comes to mind. Knowing that it works for you, I should try again.
Also, thank you for sharing this data point — Samba through the GUI works in the latest releases of DD-WRT. I would have tested it myself, but with a family of five, I can hardly find a maintenance window for experiments. Now that I know Samba works for you, I might take the risk of upgrading to the latest build. I also need to enable VLAN tagging on the WAN port through the Networking tab. To be honest, I’m a bit nervous about that part not working; it used to be simple in the Switch Config tab. I know it should be just as straightforward through the Networking tab, but I haven’t tried it yet.
Upgrading to the latest version will be a big jump and will likely require some work to get my OpenVPN server running again. I’m trying to weigh the time cost against the benefits. If anyone has thoughts, please share.
In that thread, @ho1Aetoo explains that in the example the “Switch Config” tab is not used at all; it is only shown to illustrate the default settings so users can reset them if needed. In the example, all necessary settings are made in the “Networking” tab.
Hopefully @ho1Aetoo’s instructions still work with the latest release. I will review the link you shared to see if the approach is the same.
