OpenWrt Forum Archive

Topic: Fully featured OpenWrt build for the WNDR3700 (NO LONGER MAINTAINED)

The content of this topic has been archived between 13 Apr 2013 and 6 May 2018. Unfortunately there are posts – most likely complete pages – missing.

Changing /etc/init.d/boot like below enabled my 5GHz so fix works again.

                                                                                                                 
        killall -q hotplug2                                                                                      
        [ -x /sbin/hotplug2 ] && /sbin/hotplug2 --override --persistent \                                        
                      --set-worker /lib/hotplug2/worker_fork.so \                                                
                      --set-rules-file /etc/hotplug2.rules \                                                     
                      --max-children 1 >/dev/null 2>&1 &                                                         
                                                                                                                 
        load_modules /etc/modules.d/*                                                                            
                                                                                                                 
        /sbin/wifi detect > /tmp/wireless.tmp                                                                    
        [ -s /tmp/wireless.tmp ] && {                                                                            
                cat /tmp/wireless.tmp >> /etc/config/wireless                                                    
        }                                                                                                        
        rm -f /tmp/wireless.tmp                                                                                  
                                                                                                                 
        apply_uci_config                                                                                         
        config_load system                                                                                       
        config_foreach system_config system                                                                      
                                                                                                                 
        # killall -q hotplug2                                              
        # [ -x /sbin/hotplug2 ] && /sbin/hotplug2 --override --persistent \
        #               --set-worker /lib/hotplug2/worker_fork.so \     
        #               --set-rules-file /etc/hotplug2.rules \                                   
        #               --max-children 1 >/dev/null 2>&1 &

i also want to install a vpn-solution in order to access securely my samba-shares and my internal network (192.168.1.0/24) from outside my home. what solution fits best with the router and is a good tradeoff between performance and security? thanks

(Last edited by rymn on 5 Nov 2011, 14:41)

@gmcms

1. What do you mean luci didn't take into account vrrpd configuration? As far as I know there is no vrrp module for luci.
2. What's stopping you from doing so? http://wiki.openwrt.org/doc/uci/system look for log_file

It's a good idea to look through the available documentation if you are wondering about something.

@rymn

Why don't you read the first page? My builds offer both PPTP and L2TP/IPsec ready to go.

Build r28753 is coming up with the 5GHz issue fixed. Also some adjustments to the way ntpd/aiccu is started, if anybody have problems with those let me know.

That's strange, how can it be off by only 304 seconds if it hasn't been synced? The router does not have a hardware clock. Mine syncs fine and aiccu runs.

(Last edited by arokh on 6 Nov 2011, 13:50)

Hi Arokh,

Just flashed my router with the newest version r28753, i noticed that in the System the Time Synchronization does not keep the option Enable builtin NTP server after checking it and saving the changes.
I already putted in the NTP server candidates as you wrote in an earlier thread.
Maybe there is a bug in the Time Synchronization settings?

Thank you for your help!

Cheers,
Eric

Is your time synced?

arokh wrote:

Is your time synced?

Hi arokh,

No the time is not synced.

Cheers,
Eric

Check that ntpd is running and if not try to run it manually with the init script.

arokh wrote:

Check that ntpd is running and if not try to run it manually with the init script.

sysntpd is not running, also aiccu and umount are not running. Must all 3 services be running?
How can i run it manually with the init script?

Cheers,
Eric

Ok, I've reproduced the time sync and aiccu issues now and fixed it. New build coming up.

Also, iptables policy matching module was missing from the alternate build causing a problem with the l2tp rule. Fixed in next build.

(Last edited by arokh on 6 Nov 2011, 22:33)

Yeah, removed the latest build. It wasn't built from a clean tree, rebuilding now to see if that was the issue.

ferob wrote:

The other thing is, since a few builds if you tftp the factory image the old settings remain.

+After every system upgrade it duplicates the led configs in /etc/config/system and the vnstat interface settings in /etc/config/vnstat.

config 'led' 'wan_led'
        option 'name' 'WAN LED (green)'
        option 'sysfs' 'wndr3700:green:wan'
        option 'default' '0'
...

I noticed the duplicated LED settings a few builds ago in my own build, but haven't really investigated the exact cases where the duplication happens (flash with keeping settings, without preserving settings, TFTP flash, ...). I think that the LED definitions are added on "first run initialization" after flash. And that process was recently changed: https://dev.openwrt.org/changeset/28704

If the LED definitions really get duplicated in a TFTP flash, it sounds like a bug.

This might also be related to the same 28733 system init change, which caused the 5 GHZ radios to get disabled. (That checkin changed the timing of applying uci-defaults).  https://dev.openwrt.org/changeset/28733

There is actually an old bug about that LED definition duplication, so the issue may have been there for some time: https://dev.openwrt.org/ticket/8716 . (That ticket would implicate to me that the duplication should happen when flashing while keeping settings.)

(Last edited by hnyman on 7 Nov 2011, 09:04)

Yeah I found the issue, some SSL changes to uhttpd in trunk has caused an issue in my build. Looking into it.

I have a question and I really hope someone could help me with my router problem.

I flashed openWRT to my WNDR3700 V2 and it seemed to work fine (I think it was whiterussian)

But then a few months ago I saw a newer version RC5 of the backfire firmware. So I flashed it on my router and it worked fine, but then I noticed that I could not use the internet on my (android) Phone.

The strange thing is, if I connect to my 2G network from my laptop it all works great. If I connect to it from my phone I do get a normal IP, I can access my NAS and mediaplayer. But I cant connect to the internet.

I did found a workaround, I made a guest network that can only access the WAN and not LAN. This works, but I really would like to access my LAN aswell (I like to use my phone as a remote for my mediaplayer).

I could not find much information about this specific problem, so any help would be welcome.

ps. I also have the same problem on my girlfriends phone (so I don't think my phone is the problem).

pps. I just flashed RC6 but it did not fix my issue...

(Last edited by derek83 on 7 Nov 2011, 18:25)

r28799 is up with luci working again.

@derek83

Did you try a trunk build? I know there are people with android phones using my build.

Hi,
can somebody tell me if the new buil works on OSX Lion.
I know it worked on OSX Snow Leopard with some workarounds but with Apple using NetaTalk 2.2 and DHX2 protocol it's broken now.
Thanks

The  L2TP/IPSec VPN packages are no longer in the latest release(28799).  Any reasons?  -

@green0153

It works, I use netatalk 2.2.1.

@fidonet

Read first page.

@arokh

I used build from the trunk a whila ago but then I could not access the router anymore. So I used TFTP to get back to a working version. Could it be that a version on the trunk is without Lucie (or any other web interface)?

arokh wrote:

@fidonet

Read first page.

Nov  8 20:29:15 OpenWrt daemon.info racoon: INFO: Adding remote and local NAT-D payloads.
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: /etc/racoon/psk.txt has weak file permission
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: failed to open pre_share_key file /etc/racoon/psk.txt
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: couldn't find the pskey for MY IP HERE.
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: /etc/racoon/psk.txt has weak file permission
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: failed to open pre_share_key file /etc/racoon/psk.txt
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: couldn't find the the default pskey either.
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: failed to process ph1 packet (side: 1, status: 4).
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: phase1 negotiation failed.
Nov  8 20:29:47 OpenWrt daemon.info racoon: ERROR: no configuration found for MY IP HERE.
Nov  8 20:29:47 OpenWrt daemon.info racoon: ERROR: failed to begin ipsec sa negotication.


rule from the first page as : "all you need is a user in /etc/ppp/chap-secrets like "user * password *" and a PSK in /etc/racoon/psk.txt."  was followed

mmhorda wrote:

Nov  8 20:29:15 OpenWrt daemon.info racoon: INFO: Adding remote and local NAT-D payloads.
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: /etc/racoon/psk.txt has weak file permission
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: failed to open pre_share_key file /etc/racoon/psk.txt
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: couldn't find the pskey for MY IP HERE.
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: /etc/racoon/psk.txt has weak file permission
Nov  8 20:29:15 OpenWrt daemon.info racoon: ERROR: failed to open pre_share_key file /etc/racoon/psk.txt
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: couldn't find the the default pskey either.
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: failed to process ph1 packet (side: 1, status: 4).
Nov  8 20:29:15 OpenWrt daemon.info racoon: [MY IP HERE] ERROR: phase1 negotiation failed.
Nov  8 20:29:47 OpenWrt daemon.info racoon: ERROR: no configuration found for MY IP HERE.
Nov  8 20:29:47 OpenWrt daemon.info racoon: ERROR: failed to begin ipsec sa negotication.


rule from the first page as : "all you need is a user in /etc/ppp/chap-secrets like "user * password *" and a PSK in /etc/racoon/psk.txt."  was followed

from the error code it sounds like you just need to change permission on psk.txt. I think I had a similar error when I tried; if you ssh into the router and change psk.txt permission (i.e. "chmod 0700 /etc/racoon/psk.txt") it might fix things...

dakh7 wrote:

rule from the first page as : "all you need is a user in /etc/ppp/chap-secrets like "user * password *" and a PSK in /etc/racoon/psk.txt."  was followed
from the error code it sounds like you just need to change permission on psk.txt. I think I had a similar error when I tried; if you ssh into the router and change psk.txt permission (i.e. "chmod 0700 /etc/racoon/psk.txt") it might fix things...

yeah.. i tried with chmod 740 was the same but with 700 seems to help but suddenly some other type of errors smile

Nov  8 22:41:07 OpenWrt daemon.info racoon: INFO: Adding remote and local NAT-D payloads.
Nov  8 22:41:07 OpenWrt daemon.info racoon: [HERE IS MY IP remote] ERROR: couldn't find the pskey for HERE IS MY IP remote.
Nov  8 22:41:07 OpenWrt daemon.info racoon: [46.135.60.253] NOTIFY: Using default PSK.
Nov  8 22:41:07 OpenWrt daemon.info racoon: INFO: NAT-T: ports changed to: HERE IS MY IP remote[27933]<->HERE IS MY IP router[4500]
Nov  8 22:41:07 OpenWrt daemon.info racoon: INFO: KA list add: HERE IS MY IP router[4500]->HERE IS MY IP remote[27933]

mmhorda wrote:

yeah.. i tried with chmod 740 was the same but with 700 seems to help but suddenly some other type of errors smile

Nov  8 22:41:07 OpenWrt daemon.info racoon: INFO: Adding remote and local NAT-D payloads.
Nov  8 22:41:07 OpenWrt daemon.info racoon: [HERE IS MY IP remote] ERROR: couldn't find the pskey for HERE IS MY IP remote.
Nov  8 22:41:07 OpenWrt daemon.info racoon: [46.135.60.253] NOTIFY: Using default PSK.
Nov  8 22:41:07 OpenWrt daemon.info racoon: INFO: NAT-T: ports changed to: HERE IS MY IP remote[27933]<->HERE IS MY IP router[4500]
Nov  8 22:41:07 OpenWrt daemon.info racoon: INFO: KA list add: HERE IS MY IP router[4500]->HERE IS MY IP remote[27933]

Oh, I had similar errors also! but unfortunately I'm not sure how I resolved it.

I was on an earlier build (< r287xx), and had gotten it working (when the permissions issue showed up, fixed with the chmod described previously), then I upgraded to 28717 and thats when I started getting problems like you describe now. I finally upgraded to 28799 and now its working fine for me.

Are you using the latest alternative build? Also make sure the format is right, I used some more instructions from arokh's tutorial about L2TP over IPsec , particularly about the format of the psk.txt.

I accidentally took out the esp rule a build or two ago I believe. Make sure you have this in firewall config:

# IPsec/ESP
config 'rule'
        option 'target' 'ACCEPT'
        option '_name' 'IPsec ESP'
        option 'src' 'wan'
        option 'proto' 'esp'

Fixed in next build.

Sorry, posts 2076 to 2075 are missing from our archive.