Try replacing your Server and Client configs with these:

Server

    # --- Protocol ---#

##-tls-server may not (shouldn't) be needed, however it's unclear why some have to add it-##
        tls-server
        
        dev         tun
        dev         tun0
        topology    subnet
        proto       udp
        port        xxxx
 
    #--- Routes ---#
        server      10.x.x.0 255.255.255.x
 
    #--- Client Config ---#
#       ccd-exclusive
#       ifconfig-pool-persist    /etc/openvpn/clients/ipp.txt
#       client-config-dir        etc/openvpn/clients/
        ifconfig                 10.x.x.1 255.255.255.x

##-max-clients can be better set via ccd directives & a subnet mask (255.255.255.248 hosts 6 clients)-##
        max-clients                5
 
    #--- Pushed Routes ---#
        push    route 192.168.x.0 255.255.255.x
        push    dhcp-option DNS 192.168.x.1
        push    dhcp-option WINS 192.168.x.1
        push    dhcp-option DNS 8.8.8.8
        push    dhcp-option DNS 8.8.4.4
        push    dhcp-option NTP 129.6.15.30
 
    #--- Encryption ---#
        cipher        AES-192-CBC
        dh            /etc/openvpn/keys/dhxxxx.pem

##-If using a PKCS12 (p12) cert, the next 3 aren't needed-##
#       pkcs12        /etc/openvpn/keys/server.p12

        ca            /etc/openvpn/keys/ca.crt
        cert          /etc/openvpn/keys/server.crt
        key           /etc/openvpn/keys/server.key    
        tls-auth      /etc/openvpn/keys/ta.key 0
 
    #--- Logging ---#
        log            /tmp/openvpn.log
        status         /tmp/openvpn-status.log
        verb           7
 
    #--- Connection Options ---#
        keepalive    10 120
        comp-lzo
 
    #--- Connection Reliability ---#

##-client-to-client allows clients to connect to each other-##
        client-to-client

        persist-key
        persist-tun
 
    #--- Connection Speed ---#    
        sndbuf      393216
        rcvbuf      393216
        fragment    0
        mssfix      0
        tun-mtu     24000
 
    #--- Pushed Buffers ---#
        push sndbuf  393216
        push rcvbuf  393216
 
    #--- Permissions ---#
        user    nobody
        group   nogroup

Client

config openvpn 'xxx'
        option enable    '1'
    
    #--- Protocol ---#
        option client    '1'
        option dev       'tun'
        option dev       'tun0'
        option proto     'udp'
        option port      'xxxx'

    #--- Routes ---#
        option remote    'your.ddns.com'
    
    #--- Encryption ---#
        option auth-nocache      '1'
        option cipher            'AES-192-CBC'

##-If using a PKCS12 (p12) cert, the next 3 aren't needed-##
#       option pkcs12           '/etc/openvpn/keys/client.p12'

        option ca                '/etc/openvpn/keys/ca.crt'
        option cert              '/etc/openvpn/keys/client.crt'
        option key               '/etc/openvpn/keys/client.key'
        option remote-cert-tls   'server'
        option tls_auth          '/etc/openvpn/keys/ta.key 1'

    #--- Logging ---#
        option status    '/tmp/openvpn.status'
        option verb      '5'
    
    #--- Connection Reliability ---#
        option keepalive      '10 120'
        option comp_lzo       'yes'
        option float          '1'
        option nobind         '1'
        option resolv-retry   'infinite'
    
    #--- Connection Speed ---#
        option persist-key    '1'
        option persist-tun    '1'
        option fragment       '0'
        option mssfix         '0'
        option tun_mtu        '24000'

(Last edited by JW0914 on 14 Jul 2015, 05:26)

Please update the WRT1900 Wiki to include essential packages required for a fully functional router with the custom firmware.

It would be of great help for the average user to understand the initial phase of installing, configuring and securing the router.

Thanks,
-JM

@Juni0rM1nt

Essential packages are already included in the firmware image. What other packages would you deem as "essential"?

nitroshift

Wifi driver (again)

Ironically, the router crashed today shortly after posting my 19 day uptime! 

It could be that the iPad and iPhone are down here in the basement with me.  The iPad is normally up on the 3rd floor connected to the airport. 

However, wifi didn't go down.  The network did.  I could still connect to the Access Point, but I had no DHCP and the router's ip wasn't responding.  A reboot fixed it, but I don't think the system actually locked up.  The network just stalled out.

r45222 was a build I was also on for a while.

I've since hopped my way along to trunk r45950 and remained there:
up 29 days, 12:03,  load average: 0.05, 0.02, 0.04

An :

opkg update
opkg list-upgradable

will tell you what's changed since 45222.

There was an openssl security fix just after RC2 was released and they recommended people grab the packages from trunk.

I went to a trunk past RC2 so had that fix.

Note there's since been a SUBSEQUENT openssl fix.  I tried putting the trunk packages on my system but libc didn't like it - trunk's moved on a LOT since my build (and therefore even more since yours, and even RC2)

My advice then would be for you to stick with what you've got and wait for RC3/final, since unless you go to bleeding-edge trunk (which is your only forward option for fixes right now) you won't be guaranteed to be able to install current trunk packages on anything else (including possibly RC2).

(Last edited by DavidMcWRT on 13 Jul 2015, 20:29)

sounds like issue 20 again if I'm not mistaken.

Is there anyone in here that has the ability to get the buildbot in sync? Bot build says 46316 but it is 46314.

@nitroshift,

The question is, whats included with RC2?

Thx!
-JM

That's because commits that move packages to github increment the changeset but the actual build won't see them.

https://dev.openwrt.org/timeline?changeset=on

Everything's fine

(Last edited by DavidMcWRT on 13 Jul 2015, 22:32)

Here's a list from RC2  - snmpd packages I've installed.

base-files    157-r45918
busybox    1.23.2-1
dnsmasq    2.73rc8-1
dropbear    2015.67-1
firewall    5/26/2015
fstools    2015-05-24-09027fc86babc3986027a0e677aca1b6999a9e14
hostapd-common    2015-03-25-1
ip6tables    1.4.21-1
iptables    1.4.21-1
iw    3.17-1
iwinfo    2015-06-01-ade8b1b299cbd5748db1acf80dd3e9f567938371
jshn    2015-05-08-a8e70c6d361967a23977417fb7d6cf56234f8b81
jsonfilter    2014-06-19-cdc760c58077f44fc40adbbe41e1556a67c1b9a9
kernel    3.18.14-1-adf9f1bd0b749182b1bbc1f89de97e69
kmod-ata-ahci    3.18.14-1
kmod-ata-ahci-platform    3.18.14-1
kmod-ata-core    3.18.14-1
kmod-ata-marvell-sata    3.18.14-1
kmod-ata-mvebu-ahci    3.18.14-1
kmod-cfg80211    3.18.14+2015-03-09-3
kmod-crypto-aes    3.18.14-1
kmod-crypto-arc4    3.18.14-1
kmod-crypto-core    3.18.14-1
kmod-gpio-button-hotplug    3.18.14-1
kmod-hwmon-core    3.18.14-1
kmod-hwmon-pwmfan    3.18.14-1
kmod-hwmon-tmp421    3.18.14-1
kmod-i2c-core    3.18.14-1
kmod-i2c-mv64xxx    3.18.14-1
kmod-ip6tables    3.18.14-1
kmod-ipt-conntrack    3.18.14-1
kmod-ipt-core    3.18.14-1
kmod-ipt-nat    3.18.14-1
kmod-ipv6    3.18.14-1
kmod-leds-tlc59116    3.18.14-1
kmod-ledtrig-usbdev    3.18.14-1
kmod-lib-crc-ccitt    3.18.14-1
kmod-lib-lzo    3.18.14-1
kmod-mac80211    3.18.14+2015-03-09-3
kmod-mmc    3.18.14-1
kmod-mvsdio    3.18.14-1
kmod-mwlwifi    3.18.14+10.3.0.1-20150525-1
kmod-nf-conntrack    3.18.14-1
kmod-nf-conntrack6    3.18.14-1
kmod-nf-ipt    3.18.14-1
kmod-nf-ipt6    3.18.14-1
kmod-nf-nat    3.18.14-1
kmod-nf-nathelper    3.18.14-1
kmod-nls-base    3.18.14-1
kmod-ppp    3.18.14-1
kmod-pppoe    3.18.14-1
kmod-pppox    3.18.14-1
kmod-regmap    3.18.14-1
kmod-rtc-marvell    3.18.14-1
kmod-scsi-core    3.18.14-1
kmod-slhc    3.18.14-1
kmod-thermal    3.18.14-1
kmod-thermal-armada    3.18.14-1
kmod-usb-core    3.18.14-1
kmod-usb-storage    3.18.14-1
kmod-usb2    3.18.14-1
kmod-usb3    3.18.14-1
libblobmsg-json    2015-05-08-a8e70c6d361967a23977417fb7d6cf56234f8b81
libc    0.9.33.2-1
libgcc    4.8-linaro-1
libip4tc    1.4.21-1
libip6tc    1.4.21-1
libiwinfo    2015-06-01-ade8b1b299cbd5748db1acf80dd3e9f567938371
libiwinfo-lua    2015-06-01-ade8b1b299cbd5748db1acf80dd3e9f567938371
libjson-c    0.12-1
libjson-script    2015-05-08-a8e70c6d361967a23977417fb7d6cf56234f8b81
liblua    5.1.5-1
libnetsnmp    5.4.4-1
libnl-tiny    0.1-4
libubox    2015-05-08-a8e70c6d361967a23977417fb7d6cf56234f8b81
libubus    2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
libubus-lua    2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
libuci    2015-04-09.1-1
libuci-lua    2015-04-09.1-1
libxtables    1.4.21-1
lua    5.1.5-1
luci    git-15.146.54948-a497fba-1
luci-app-firewall    git-15.146.54948-a497fba-1
luci-base    git-15.146.54948-a497fba-1
luci-lib-ip    git-15.146.54948-a497fba-1
luci-lib-nixio    git-15.146.54948-a497fba-1
luci-mod-admin-full    git-15.146.54948-a497fba-1
luci-proto-ipv6    git-15.146.54948-a497fba-1
luci-proto-ppp    git-15.146.54948-a497fba-1
luci-theme-bootstrap    git-15.146.54948-a497fba-1
mtd    20
netifd    2015-05-26-5990d1126fd33665e106508ebcbadfbb2d703d8e
odhcp6c    2015-05-19-68042ddafe0e1a3498b6c7a57ec8d2d20f25650b
odhcpd    2015-05-21-2ebf6c8216287983779c8ec6597d30893b914a7c
opkg    9c97d5ecd795709c8584e972bfdf3aee3a5b846d-7
ppp    2.4.7-5
ppp-mod-pppoe    2.4.7-5
procd    2015-06-03-94e7ea8b88cb01192a6fb1f1f6a68ada1356763f
procd-nand    2015-06-03-94e7ea8b88cb01192a6fb1f1f6a68ada1356763f
rpcd    2015-05-17-3d655417ab44d93aad56a6d4a668daf24b127b84
snmpd    5.4.4-1
swconfig    10
ubi-utils    1.5.1-2
uboot-envtools    2014.10-2
ubox    2015-05-22-ab5b47397cc143798ba2f367f04579e5b5b82070
ubus    2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
ubusd    2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
uci    2015-04-09.1-1
uhttpd    2015-05-31-daeea305298197bb50c1e63cdd842ee1d9461d80
uhttpd-mod-ubus    2015-05-31-daeea305298197bb50c1e63cdd842ee1d9461d80
usign    2015-05-08-cf8dcdb8a4e874c77f3e9a8e9b643e8c17b19131
wpad-mini    2015-03-25-1

(Last edited by davidc502 on 13 Jul 2015, 23:42)

Thanks for the info.

So is there a reason as to why port forwarding isnt quite working? I have added all the rules I want and I still cant get it to free the ports up.

Did you get to look at the rc.button code and the inverse settings in the dts file for the gpio buttons?

In trunk, looking at rc.button/reset, it definitely factory resets if you hold it for five seconds.  The broken GPIO states caused the first press to be a released action with SEEN being the timestamp from boot, causing it to trigger the wipe.

root@ZOMGWTFBBQWIFI:/etc/rc.button# cat reset
#!/bin/sh

[ "${ACTION}" = "released" ] || exit 0

. /lib/functions.sh

logger "$BUTTON pressed for $SEEN seconds"

if [ "$SEEN" -lt 1 ]
then
        echo "REBOOT" > /dev/console
        sync
        reboot
elif [ "$SEEN" -gt 5 ]
then
        echo "FACTORY RESET" > /dev/console
        jffs2reset -y && reboot &
fi

Basically Trunk + LuCI.  It's a bare bones build for the most part.

Those wiki's already exist... one just needs to search wiki.openwrt.org.  It's impractical to cover what you're asking on every router OpenWRT supports, as there's hundreds of routers.  With that being said, if you'd like specific wikis linked to on the WRT1900 wiki, you can add them by creating a wiki account, or let me know and I'll add them.

(Last edited by JW0914 on 14 Jul 2015, 05:15)

@Juni0rM1nt

@davidc502 answered your question as I'm running test builds on my devices (currently based on kernel 4.1.2) in order to backport any improvements. Unfortunately I can't reproduce the stalls and lock-ups but then again I don't have any Mac devices (which I believe are the root of the issue ).

nitroshift

(Last edited by nitroshift on 14 Jul 2015, 05:35)

Done: https://forum.openwrt.org/viewtopic.php … 40#p283340

Thank you very much!

I didn't know issue 20 took out the wired lan as well.  My devices on ethernet dropped out their connections as well when this happened.  I hadn't been looking at 20 as I thought 21 was the more serious issue, but 20 is then just as serious as the router effectively dies completely.  I thought it was just wifi. 

I'm very unimpressed with Marvell on this.  There hasn't been an update to the mwlwifi code in 3 weeks.

@nitroshift;
@davidc502

Many thanks guys!

If router halts and you have no network or ping, wired or wireless, then it is issues #21 (https://github.com/kaloz/mwlwifi/issues/21). Wireless networks may still be announced, there will be no ping, I suppose.

I'm hoping to hear back from some that may be using stock 1.1.10, and if this last update fixes the router crashing. Over the past week, I just got everything working like I need with OpenWrt, so there's a little hesitation to going back to stock to test.

Also, there is confusion of if these stock updates are filtered down to OpenWrt from Linksys.

***EDIT****

Just read the following -- I'm assuming it's 1.1.10 because the post was made today 7-14-15

"I have some problem with WRT1900AC (i have the latest firmware) everything work fine but after some days (like 20 days) i cannot connect trough smart wi-fi(i can acces the router outside locally)....erorr cannot connect to router......it's the second time I've enconterd this problem....I did perform hard reset,everything even conntact  support but they are awful...i'm on ip static on the router my ISP has no limit the internet it's up everything works fine except this"

(Last edited by davidc502 on 14 Jul 2015, 18:54)

Agreed ...

I have a ipad and 3 iphones, and plenty of lock-ups :*(    I've tried to talk my family into switching over to Android phones, but that went over like a lead balloon.... as I'm sure you can imagine.

Installing IOS 8.4 on my phone... maybe by blind luck there will be a wifi improvement....

http://forums.imore.com/ios/331269-will … issue.html

(Last edited by davidc502 on 14 Jul 2015, 20:04)

It's been a on-going issue, even in the early days, ie: McWRT

BTY

You could run McWRT and...

EDIT: /etc/config/wireless

config wifi-iface
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'Network_Name'
option encryption 'psk2+ccmp'
option key 'password'
option disassoc_low_ack '0' ---> add this line

reboot

(Last edited by gufus on 14 Jul 2015, 20:35)

Already add the configuration a few weeks ago, but was told this is being ignored by the hardware. It seems to be accurate, but have no way of proving either way.