TP-Link WR1043nd - Discussion | [Wifirouter] Discussion of all versions (v1 - v3) router
People, tell me what is the simplest way to assemble from this router and external hard drive NAS? I have 1043 B.1 and the external Winchester Seagate Expansion Desktop on 4 TB, I want it to be delivered to the router and there was access to it with a laptop (to record video there) and from the TV (in order to watch from there).
I read the topic but a silence a lot of extra information, I want someone to advise the firmware that could be installed, connect the screw and everything worked without consoles and teams.
I put the latest factory firmware, there is a charming function through the YUSB, but only 2 of the screw sections can only be rewinding and accessing only from the TV. How to make full-fledged access from any device with the ability to write / read?
I read the topic but a silence a lot of extra information, I want someone to advise the firmware that could be installed, connect the screw and everything worked without consoles and teams.
I put the latest factory firmware, there is a charming function through the YUSB, but only 2 of the screw sections can only be rewinding and accessing only from the TV. How to make full-fledged access from any device with the ability to write / read?
SEE4U, For example, to put OpenWRT and then configure Samba, but if you have never done this, you have to read.See4u @ 06/12/2015, 17:36
I put the latest factory firmware, there is a charming function through the YUSB, but only 2 of the screw sections can only be rewinding and accessing only from the TV. How to make full-fledged access from any device with the ability to write / read?
Otherwise, all the information is in the subject ...
In DD-WRT, for example, everything can be configured from the router settings web interface.
Instruction as I updated my routerWR1043ND V1. before Firmware from GWlim OpenWrt Barrier Breaker 14.07 (R45620) and set Exroot. so that it would be Many free space On the system section, and it was possible to install any SAMBA buns (the ability to make a simple NAS), transmissions (torrent), OpenVPN and any different way.
It was basedinstructionfromdearyohimba With some changes, otherwise I did not immediately work.
P.SH .: I hope that it made little mistakes and someone will come in handy, because 3 pm himself suffered.
fstab.zip(364 bytes)
Post has been editedDREDivan - 20.06.15, 15:43
It was basedinstructionfromdearyohimba With some changes, otherwise I did not immediately work.
How to expand the system partition
To expand the memory used a flash drive (in my case transcend jetflash 600), I broke the USB flash drive to 3Primary section :
I have all the necessary configs are found at the root FTP: Network, DHCP, DDNS, Firewall, Wireless, System,fstab . Used a small FTP server, for example Baby FTP Server .
- Linux EXT4 - 256 MB
- SWAP - 32 MB
- Linux EXT4 - everything else
I have all the necessary configs are found at the root FTP: Network, DHCP, DDNS, Firewall, Wireless, System,fstab . Used a small FTP server, for example Baby FTP Server .
So let's start
- To start, I updated with firmware fromFrom Yohimba OpenWrt Attitude Adjustment 12.09 (R36088 V5), collected 07.02.2015on the firmware fromGWLIM OpenWrt Barrier Breaker 14.07 (R45620).
- Made a reset of settings (you can do in two ways:
- You can speaking through the terminal by speaking the firstboot command and then restart the router with the reboot command
- You can via the Web interface System>Backup / Flash Firmware->Perform Reset)
- You can speaking through the terminal by speaking the firstboot command and then restart the router with the reboot command
- An important point, without which you will not be able to enter the router through the SSH terminal,need to install administrator password .
We go through the Web.http://192.168.1.1System->Administration We enter a password and a password confirmation and clickSave & Apply - Configure a router manually or in my case I restore the configs from FTP
Go to the router through the terminalPuTTYAt 192.168.1.1, SSH protocol, port 22.
We write alternate commands (FTP must be turned on and the configuration files must lie in its root, 192.168.1.100 in my case this address that I assigned a router)cd / etc / config
RM Network DHCP DDNS Firewall Wireless
Wget ftp://192.168.1.100/network
Wget ftp://192.168.1.100/dhcp
Wget ftp://192.168.1.100/ddns
Wget ftp://192.168.1.100/firewall
Wget ftp://192.168.1.100/wireless
reboot - Restart the PUTTY terminal.opkg update
Opkg Install CFDisk E2fsprogs
mkdir / mnt / sda1
MKDIR / MNT / SDA3
Touch / MNT / SDA3 / USB_DISK_NOT_PRESENT - We connect the USB flash drive.
- Connect the Swap section.mkswap / dev / sda2
swapon / dev / sda2 - We re-create the first section of the file system.MKE2FS -B 4096 -T EXT4 -V -L root / dev / sda1
- Create a list of UUID sections of the flash drive, we are interested in SDA1 SDA3 sections.block info>/ etc / config / uuid
- We go to the router through WinSCP and open / etc / config / uuid and see the following:/ dev / mtdblock2: uuid = "59f9547c-70fb4fe1-49f88fc3-25207d37" version = "4.0" type = "SquashFS"
/ dev / mtdblock3: type = "jffs2"
/ dev /sda1 : Uuid = " 73001110-3CF4-4441-872E-C6711A903331. "Label =" root "name =" ext_journal "version =" 1.0 "type =" ext4 "
/ dev / sda2: version = "2" Type = "SWAP"
/ dev /sda3 : Uuid = " F8F7EDBE-1320-CF01-B0B2-EDBE1320CF01 "Label =" sda3 "name =" ext_journal "version =" 1.0 "type =" ext4 " - Swing the FSTAB file attached at the bottom, unpack it into the root of your FTP and replace the UUID-s on your SDA1 and SDA3, respectively.
As a result, it should be like this:config global
option anon_swap '0'
option anon_mount '0'
option auto_swap '1'
option auto_mount '1'
option delay_root '5'
option check_fs '0'
config mount
Option UUID '73001110-3CF4-4441-872E-C6711A903331. '
option enabled '1'
option device '/ dev / sda1'
option fstype 'ext4'
Option Options 'RW, Sync, Noatime, Nodiratime'
option target '/ overlay'
config swap
Option Device '/ Dev / SDA2'
option enabled '1'
config mount
Option Target '/ MNT / SDA3'
Option UUID 'F8F7EDBE-1320-CF01-B0B2-EDBE1320CF01 '
option enabled '1'
Option Options 'RW, Noatime, Nodiratime, Errors = Remount-Ro, Nouser_xattr, Commit = 100, Barrier = 0, Data = WriteBack'
Option Device '/ Dev / SDA3'
option fstype 'ext4' - We replace the FSTAB config.cd / etc / config
MV FSTAB FSTAB.ORIG.
Wget ftp://192.168.1.100/fstab.
/etc/init.d/fstab enable
mount / dev / sda1 / mnt / sda1
TAR -C / OVERLAY -CVF -. | TAR -C / MNT / SDA1 -XF -
reboot - All, Extroot is ready, check, restart the PUTTY terminal.df -h
P.SH .: I hope that it made little mistakes and someone will come in handy, because 3 pm himself suffered.
Attached files
fstab.zip(364 bytes)Post has been editedDREDivan - 20.06.15, 15:43
See4u @ 06/14/2015, 16:36
I read the topic but a silence a lot of extra information, I want someone to advise the firmware that could be installed, connect the screw and everything worked without consoles and teams.
I advise Gargole. Easily put / configured. The screw is elementary connected, you can run DLNA.
One phrase is the entire OpenWRT power with a simple interface.
Post has been editedbizonUa - 15.06.15, 08:12
bizonUa, By the way, do not prompt in the ridge after installing Wi-Fi enabled or as in OpenWRT you need to turn on the handle after the firmware ...
Wi-Fi is not configured, and therefore does not work.
After the first installation with the factory there is a Web access by LAN - 192.168.1.1 - Password -Password.
When you first handle, the firmware asks to change the password.
Then inConnection - Install the mode of operation, WAN, LAN, WIFI.
After installing WAN- inSystem-Plugins. - We click at the bottom of the button Refresh Plugins. - Choose Russian + what else is needed.
Delay, change the topic if you wish. We use.
P.S. I know the exception of the experimental assembly of the Gorgral fromIspyisail - http: //www.gargoyle-ro...wtopic.php? F = 14 & t = 7142 - There is a default WiFi (network name - OpenWRT, no protection).
Post has been editedbizonUa - 17.06.15, 23:48
After the first installation with the factory there is a Web access by LAN - 192.168.1.1 - Password -Password.
When you first handle, the firmware asks to change the password.
Then inConnection - Install the mode of operation, WAN, LAN, WIFI.
After installing WAN- inSystem-Plugins. - We click at the bottom of the button Refresh Plugins. - Choose Russian + what else is needed.
List of available plugins
Plugin List.
Languages
سلاسل اللغة الإنجليزية-أون لواد ويب
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 0.542 Kbytes
English-en Language Strings for Gargoyle Web Interface
Version: 1.0.0-1
Status: Pre-Installed
Deutsche Ãœbersetzung Der WebSchnittstelle
Version: 0.0.1-1
Status: Not Installed
Required Disk Space: 24.033 Kbytes
Norwegian-No Language Strings for Gargoyle Web Interface
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 23.555 Kbytes
POLSKI (PL) Pakiet Językowy Dla Interfejsu Gargoyle
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 24.388 Kbytes
ARQUIVOS DE Idioma PT-Br Para Interface Do Gargole
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 2.221 KBYETES
Russian (RU) Language for Gargoile web interface
Version: 1.0.0-1
Status: Installed
ä¸æ–‡ (简体) ZH-CN LANGUAGE STRINGS FOR GARGOYLE WEB INTERFACE
Version: 1.0.5-20150202.
Status: Not Installed
Required Disk Space: 24.171 Kbytes
Las Cadenas De Idiaoma En Español-es Para Gargoyle Web Interfaz
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 24.174 KBYETES
Themes Installed
Theme by Matei for Gargoyle
Version: 1.7.1-1
Status: Not Installed
Required Disk Space: 7.286 KBYETES
"Dark One" Theme for Gargoile
Based on theme by matei
Created by Tomasz Fornal
Version: 1.7.1-1
Status: Not Installed
Required Disk Space: 4.653 Kbytes
Demantoid Theme for Gargole
NAV MENU BEHIND "GARGOYLE"
For Use with Modern Browsers
Version: 1.2-1
Status: Not Installed
Required Disk Space: 46.233 Kbytes
Green Theme for Gargoyle
Version: 1.7.1-1
Status: Not Installed
REQUIRED DISK SPACE: 13.049 KBYETES
Horchata Theme for Gargoyle
Horizontal Charcoal Theme.
For Modern Browsers.
Version: 1.1-1
Status: Not Installed
Required Disk Space: 22.019 KBYETES
Light Theme for Gargoyle
Version: 1.7.1-1
Status: Not Installed
REQUIRED DISK SPACE: 13.058 KBYETES
XEYE THEME FOR GARGOYLE
Version: 1.7.1-1
Status: Installed
Packages Installed
Services Manager for Gargoyle
Version: 20130903.
Status: Installed
Logread for Gargoyle
Version: 20120724-4
Status: Installed
DLNA Support for Gargoyle
Version: 20130707-1
Status: Installed
OpenVPN Support for Gargoyle
Version: 1.7.1-1
Status: Pre-Installed
Ping Watchdog
Version: 20131030.
Status: Installed
PPTP Support for Gargoyle
Version: 20131020-2
Status: Installed
Tor Anonymizer Support for Gargoile
Version: 1.7.1-1
Status: Not Installed
Required Disk Space: 668.609 KBYETES
USB Printer Support for Gargoyle
Version: 1.7.1-1
Status: Pre-Installed
USB Storage Support for Gargoile
Version: 1.7.1-1
Status: Pre-Installed
Webcam Support for Gargoyle
Version: 20130630-1.
Status: Installed
WebShell for Gargoyle
Version: 20130302-1
Status: Installed
WIFI SCHEDULING FOR GARGOYLE
Version: 1.1.2-2
Status: Installed
Languages
سلاسل اللغة الإنجليزية-أون لواد ويب
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 0.542 Kbytes
English-en Language Strings for Gargoyle Web Interface
Version: 1.0.0-1
Status: Pre-Installed
Deutsche Ãœbersetzung Der WebSchnittstelle
Version: 0.0.1-1
Status: Not Installed
Required Disk Space: 24.033 Kbytes
Norwegian-No Language Strings for Gargoyle Web Interface
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 23.555 Kbytes
POLSKI (PL) Pakiet Językowy Dla Interfejsu Gargoyle
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 24.388 Kbytes
ARQUIVOS DE Idioma PT-Br Para Interface Do Gargole
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 2.221 KBYETES
Russian (RU) Language for Gargoile web interface
Version: 1.0.0-1
Status: Installed
ä¸æ–‡ (简体) ZH-CN LANGUAGE STRINGS FOR GARGOYLE WEB INTERFACE
Version: 1.0.5-20150202.
Status: Not Installed
Required Disk Space: 24.171 Kbytes
Las Cadenas De Idiaoma En Español-es Para Gargoyle Web Interfaz
Version: 1.0.0-1
Status: Not Installed
Required Disk Space: 24.174 KBYETES
Themes Installed
Theme by Matei for Gargoyle
Version: 1.7.1-1
Status: Not Installed
Required Disk Space: 7.286 KBYETES
"Dark One" Theme for Gargoile
Based on theme by matei
Created by Tomasz Fornal
Version: 1.7.1-1
Status: Not Installed
Required Disk Space: 4.653 Kbytes
Demantoid Theme for Gargole
NAV MENU BEHIND "GARGOYLE"
For Use with Modern Browsers
Version: 1.2-1
Status: Not Installed
Required Disk Space: 46.233 Kbytes
Green Theme for Gargoyle
Version: 1.7.1-1
Status: Not Installed
REQUIRED DISK SPACE: 13.049 KBYETES
Horchata Theme for Gargoyle
Horizontal Charcoal Theme.
For Modern Browsers.
Version: 1.1-1
Status: Not Installed
Required Disk Space: 22.019 KBYETES
Light Theme for Gargoyle
Version: 1.7.1-1
Status: Not Installed
REQUIRED DISK SPACE: 13.058 KBYETES
XEYE THEME FOR GARGOYLE
Version: 1.7.1-1
Status: Installed
Packages Installed
Services Manager for Gargoyle
Version: 20130903.
Status: Installed
Logread for Gargoyle
Version: 20120724-4
Status: Installed
DLNA Support for Gargoyle
Version: 20130707-1
Status: Installed
OpenVPN Support for Gargoyle
Version: 1.7.1-1
Status: Pre-Installed
Ping Watchdog
Version: 20131030.
Status: Installed
PPTP Support for Gargoyle
Version: 20131020-2
Status: Installed
Tor Anonymizer Support for Gargoile
Version: 1.7.1-1
Status: Not Installed
Required Disk Space: 668.609 KBYETES
USB Printer Support for Gargoyle
Version: 1.7.1-1
Status: Pre-Installed
USB Storage Support for Gargoile
Version: 1.7.1-1
Status: Pre-Installed
Webcam Support for Gargoyle
Version: 20130630-1.
Status: Installed
WebShell for Gargoyle
Version: 20130302-1
Status: Installed
WIFI SCHEDULING FOR GARGOYLE
Version: 1.1.2-2
Status: Installed
Delay, change the topic if you wish. We use.
P.S. I know the exception of the experimental assembly of the Gorgral fromIspyisail - http: //www.gargoyle-ro...wtopic.php? F = 14 & t = 7142 - There is a default WiFi (network name - OpenWRT, no protection).
Post has been editedbizonUa - 17.06.15, 23:48
Hello everyone, today I will tell you how I mad my router, namely I installed itOpenVPN server. In order to have access to home network of any places Where is the Internet.
So that everything turned outYou must have a permanent IP address or working Dynamic DNS .
I did all this after I putExroot.on the router.
port 1194 # server port
Proto UDP # Connection Protocol may be TCP or UDP
Dev Tun # Tunnel Type
Settings of keyway tracks and certificates
CA /etc/openvpn/ca.crt.
cert /etc/openvpn/my-server.crt.
Key /etc/openvpn/My-server.Key.
DH /etc/openvpn/dh2048.pem.
#IP address and virtual network mask
Server 10.0.0.0 255.255.255.0.
# Select the SubNet topology, allows you to allocate the client / 32 network (in two words each client can be assigned any address from 10.0.0.2 and up to 10.0.0.255, if everything understood everything)
TOPOLOGY SUNNET.
# Redirect the default gateway to the VPN server
PUSH "REDIRECT-GATEWAY DEF1"
# We will ask the route that we pass the client and the subnet mask, so that he "saw" the OpenVPN server network
Push "Route 192.168.1.0 255.255.255.0" # Change This To Your Network
# Indicate the path where files are stored with the customer IP address settings
Client-Config-DIR / ETC / OpenVPN / CCD
# Add a route server-client
Route 10.0.0.0 255.255.255.0.
# The parameter allows you to see each other's customers
client-to-client
# Hash algorithm
AUTH MD5.
# Indicate encryption algorithm
Cipher AES-128-CBC
# Check communication every 10 seconds. If within 120 seconds there will be no answer, it is believed that the channel fell
Keepalive 10 120.
# Compression traffic vpn tunnel using LZO library
comp-lzo
# The parameter indicates not to re-read the key files when restarting the tunnel.
persist-key
This option leaves without changing the TUN / TAP device when restarting OpenVPN.
persist tun
# Specifies the path to the status file that contains information about current connections and Tun / Tap interface information.
status /mnt/sda3/openvpn/openvpn-status.log.
# Indicate log file
log /mnt/sda3/openvpn/openvpn.log.
# Level of debug information
Verb 3.
Post has been edited-SunLion- - 29.06.15, 16:55
So that everything turned outYou must have a permanent IP address or working Dynamic DNS .
I did all this after I putExroot.on the router.
Instruction (carefully so many letters)
- We go to the router through the PUTTY terminal at 192.168.1.1, SSH protocol, port 22.
- We update the repository and install OpenVPN.opkg update
Opkg Install OpenVPN-OpenSSL OpenVPN-Easy-RSA - The terminal is not closed, go through WinScp to the router at 192.168.1.1, SCP protocol, port 22.
Editing the file/ ETC / Easy-RSA / VARS .
These parameters are editing as you want:EXPORT KEY_COUNTRY = "UA"
EXPORT KEY_PROVINCE = "KIEV"
Export key_city = "kiev"
Export Key_org = "OpenWRT"
Export Key_Email = "[email protected]"
EXPORT KEY_OU = "OFFICE"
Export Key_name = "KeyName" - Create Server CertificatesPkitool --initca.
PKITOOL --Server MY-Server
Build-Dh. - Copy server certificates in folder/ etc / openvpn MKDIR -P / ETC / OpenVPN
cp /etc/easy-rsa/keys/ca.crt /etc/easy-rsa/keys/my-server.* /etc/easy-rsa/keys/dh*.pem / etc / openvpn - Customize tunnel.
Open via Winscp/ etc / config / network And add a line to the end of the file:Config Interface 'VPN0'
option ifname 'tun0'
option proto 'none' - Customize Firewall.
Open via Winscp/ etc / config / firewall And add a line to the end of the file:config rule
Option Name 'Allow-OpenVPN-INBOUND'
option target 'ACCEPT'
option src '*'
option proto 'udp'
Option Dest_Port '1194'
config zone
option name 'vpn'
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
Option Network 'VPN0'
option masq '1'
config forwarding
option dest 'lan'
option src 'vpn'
config forwarding
option dest 'wan'
option src 'vpn' - Apply Changes B./ etc / config / network and / etc / config / firewall without reboot. /etc/init.d/network reload
/etc/init.d/firewall reload - Now configure the OpenVPN server.
Open via Winscp/ Etc / config / openvpn And bring it to this species:config openvpn custom_config
option enabled 1
Option Config / etc / OpenVPN / OpenVPN - Through WinSCP, create a text file/ etc / OpenVPN / OpenVPN port 1194 # server port
Proto UDP # Connection Protocol may be TCP or UDP
Dev Tun # Tunnel Type
Settings of keyway tracks and certificates
CA /etc/openvpn/ca.crt.
cert /etc/openvpn/my-server.crt.
Key /etc/openvpn/My-server.Key.
DH /etc/openvpn/dh2048.pem.
#IP address and virtual network mask
Server 10.0.0.0 255.255.255.0.
# Select the SubNet topology, allows you to allocate the client / 32 network (in two words each client can be assigned any address from 10.0.0.2 and up to 10.0.0.255, if everything understood everything)
TOPOLOGY SUNNET.
# Redirect the default gateway to the VPN server
PUSH "REDIRECT-GATEWAY DEF1"
# We will ask the route that we pass the client and the subnet mask, so that he "saw" the OpenVPN server network
Push "Route 192.168.1.0 255.255.255.0" # Change This To Your Network
# Indicate the path where files are stored with the customer IP address settings
Client-Config-DIR / ETC / OpenVPN / CCD
# Add a route server-client
Route 10.0.0.0 255.255.255.0.
# The parameter allows you to see each other's customers
client-to-client
# Hash algorithm
AUTH MD5.
# Indicate encryption algorithm
Cipher AES-128-CBC
# Check communication every 10 seconds. If within 120 seconds there will be no answer, it is believed that the channel fell
Keepalive 10 120.
# Compression traffic vpn tunnel using LZO library
comp-lzo
# The parameter indicates not to re-read the key files when restarting the tunnel.
persist-key
This option leaves without changing the TUN / TAP device when restarting OpenVPN.
persist tun
# Specifies the path to the status file that contains information about current connections and Tun / Tap interface information.
status /mnt/sda3/openvpn/openvpn-status.log.
# Indicate log file
log /mnt/sda3/openvpn/openvpn.log.
# Level of debug information
Verb 3.
This is the server configuration fi
On this server settings are completed.
We proceed to creating customer profiles. I will create a profile in * .ovpn format in which the key and certificates will be inscribed (by the fact that it is more convenient for me to transfer by mail only one client.ovpn file, and not to drag about yet ca.CRT, client.crt, client.key , client.ovpn). - Create keys for customers, depending on how much profiles you needPKITOOL USER1.
PKITOOL User2.
I need only 2 - For convenience, a small script was found on the Internet which he himself creates * .OVPN profile
Via WinSCP go through the way/ ETC / Easy-RSA / Keys And create a file with the name client.sh (create a file by pressing the SHIFT + F4 key) and insert the following lines in advance after the address of your server address under the asterisk:#! / bin / sh
[$ # -ne 1] && EXIT 1
CONF = $ 1.OVPN
Test -R $ CONF && EXIT 1
Echo "Client.
Dev Tun.
Proto UDP.
remote***** 1194
RESOLV-RETRY INFINITE
nobind
AUTH MD5.
Cipher AES-128-CBC
comp-lzo
Keepalive 10 120.
<ca>
$ (cat ca.crt)
</ ca>
<cert>
$ (Cat $ 1.CRT)
</ cert>
<key>
$ (Cat $ 1.Key)
</ key>
persist tun
persist-key
Verb 3 ">$ Pwd / $ conf - We generate * .ovpn profiles for customers
through the terminal Putty.CD / ETC / EASY-RSA / KEYS
Sh Client.sh User1
SH Client.sh User2. - Checking whether profiles were createdLS -L * .OVPN
- Create a CCD folder along the path / etc / openvpn / and the settings of each client will not be stored, in this case, the permanent IP addresses will beMKDIR -P / ETC / OpenVPN / CCD
- Through WinSCP, create a text file User1 along the way/ ETC / OpenVPN / CCD IFCONFIG-PUSH 10.0.0.2 255.255.255.0
- Through WinSCP, create a USER2 text file on the way/ ETC / OpenVPN / CCD IFCONFIG-PUSH 10.0.0.3 255.255.255.0
- Turn on OpenVPN and put it in autoload./etc/init.d/openvpn enable
/etc/init.d/openvpn start
If everything is fine, then through WinSCP on the way/ ETC / Easy-RSA / Keys Copy my user1.ovpn and user2.ovpn computer.
Now, for example, copy one of the profiles on the Android phone, install the OpenVPN CONNECT client, import the profile and check.
Examples of configuration files changed in instructions
/ ETC / Easy-RSA / VARS
# Easy-RSA Parameter Settings
# Note: If You Installed from An RPM,
# DON'T EDIT This File in Place in
# / usr / Share / OpenVPN / Easy-RSA -
# INSTEAD, You Should Copy The Whole
# Easy-RSA Directory To Another Location
# (Such As / etc / OpenVPN) So that your you
# EDITS WILL NOT BE WIPED OUT BY A FUTURE
# OpenVPN Package Upgrade.
# THIS Variable Should Point To
# THE TOP LEVEL OF THE EASY-RSA
# Tree.
EXPORT EASY_RSA = "/ ETC / EASY-RSA"
#
# THIS Variable Should Point To
# THE REQUESTED EXECUTABLES
#
export OPENSSL = "openssl"
export PKCS11TOOL = "pkcs11-tool"
export GREP = "grep"
# THIS Variable Should Point To
# The Openssl.cnf file included
# WITH EASY-RSA.
Export key_config = `/ usr / sbin / WhichOplenslcnf $ Easy_RSA`
# Edit this Variable to Point To
# Your Soon-to-Be-Created Key
# Directory.
#
# Warning: Clean-All Will Do
# A RM -RF On this Directory
# SO Make Sure You Define
# It Correctly!
export KEY_DIR = "$ EASY_RSA / keys"
# Issue Rm -rf Warning
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $ KEY_DIR
# PKCS11 Fixes
export PKCS11_MODULE_PATH = "dummy"
export PKCS11_PIN = "dummy"
# INCREASE THIS TO 2048 IF You
# ARE PARANOID. This Will Slow.
# DOWN TLS NEGOTIATION PERFORMANCE
# AS Well As The One-Time DH Parms
# Generation Process.
export KEY_SIZE = 2048
# In How Many Days Should The Root Ca Key Expire?
export CA_EXPIRE = 3650
# In How Many Days Should Certificates Expire?
export KEY_EXPIRE = 3650
# THESE ARE THE DEFAULT VALUES FOR FIELDS
# Which Will Be Placed in the Certificate.
# DON'T LEAVE Any of These Fields Blank.
EXPORT KEY_COUNTRY = "UA"
EXPORT KEY_PROVINCE = "KIEV"
Export key_city = "kiev"
Export Key_org = "OpenWRT"
Export Key_Email = "[email protected]"
EXPORT KEY_OU = "OFFICE"
Export Key_name = "KeyName"
# X509 Subject Field
export KEY_NAME = "EasyRSA"
# PKCS11 Smart Card
# EXPORT PKCS11_MODULE_PATH = "/ USR / LIB / CHANGEME.SO"
# EXPORT PKCS11_PIN = 1234
# If You'D Like to Sign All Keys With the Same Common Name, Uncomment The Key_cn Export Below
# You Will Also Need to Make Sure Your OpenVPN Server Config Has The Duplicate-CN Option Set
# EXPORT KEY_CN = "COMMONNAME"
# Note: If You Installed from An RPM,
# DON'T EDIT This File in Place in
# / usr / Share / OpenVPN / Easy-RSA -
# INSTEAD, You Should Copy The Whole
# Easy-RSA Directory To Another Location
# (Such As / etc / OpenVPN) So that your you
# EDITS WILL NOT BE WIPED OUT BY A FUTURE
# OpenVPN Package Upgrade.
# THIS Variable Should Point To
# THE TOP LEVEL OF THE EASY-RSA
# Tree.
EXPORT EASY_RSA = "/ ETC / EASY-RSA"
#
# THIS Variable Should Point To
# THE REQUESTED EXECUTABLES
#
export OPENSSL = "openssl"
export PKCS11TOOL = "pkcs11-tool"
export GREP = "grep"
# THIS Variable Should Point To
# The Openssl.cnf file included
# WITH EASY-RSA.
Export key_config = `/ usr / sbin / WhichOplenslcnf $ Easy_RSA`
# Edit this Variable to Point To
# Your Soon-to-Be-Created Key
# Directory.
#
# Warning: Clean-All Will Do
# A RM -RF On this Directory
# SO Make Sure You Define
# It Correctly!
export KEY_DIR = "$ EASY_RSA / keys"
# Issue Rm -rf Warning
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $ KEY_DIR
# PKCS11 Fixes
export PKCS11_MODULE_PATH = "dummy"
export PKCS11_PIN = "dummy"
# INCREASE THIS TO 2048 IF You
# ARE PARANOID. This Will Slow.
# DOWN TLS NEGOTIATION PERFORMANCE
# AS Well As The One-Time DH Parms
# Generation Process.
export KEY_SIZE = 2048
# In How Many Days Should The Root Ca Key Expire?
export CA_EXPIRE = 3650
# In How Many Days Should Certificates Expire?
export KEY_EXPIRE = 3650
# THESE ARE THE DEFAULT VALUES FOR FIELDS
# Which Will Be Placed in the Certificate.
# DON'T LEAVE Any of These Fields Blank.
EXPORT KEY_COUNTRY = "UA"
EXPORT KEY_PROVINCE = "KIEV"
Export key_city = "kiev"
Export Key_org = "OpenWRT"
Export Key_Email = "[email protected]"
EXPORT KEY_OU = "OFFICE"
Export Key_name = "KeyName"
# X509 Subject Field
export KEY_NAME = "EasyRSA"
# PKCS11 Smart Card
# EXPORT PKCS11_MODULE_PATH = "/ USR / LIB / CHANGEME.SO"
# EXPORT PKCS11_PIN = 1234
# If You'D Like to Sign All Keys With the Same Common Name, Uncomment The Key_cn Export Below
# You Will Also Need to Make Sure Your OpenVPN Server Config Has The Duplicate-CN Option Set
# EXPORT KEY_CN = "COMMONNAME"
/ etc / config / network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option ifname 'eth0.1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
Option Hostname 'Kyivstar'
option peerdns '0'
option dns '8.8.8.8 8.8.4.4'
config switch
Option Name 'RTL8366RB'
option reset '1'
option enable_vlan '1'
config switch_vlan
Option Device 'RTL8366RB'
option vlan '1'
Option Ports '1 2 3 4 5t'
config switch_vlan
Option Device 'RTL8366RB'
option vlan '2'
Option Ports '0 5t'
Config Interface 'VPN0'
option ifname 'tun0'
option proto 'none'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option ifname 'eth0.1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
Option Hostname 'Kyivstar'
option peerdns '0'
option dns '8.8.8.8 8.8.4.4'
config switch
Option Name 'RTL8366RB'
option reset '1'
option enable_vlan '1'
config switch_vlan
Option Device 'RTL8366RB'
option vlan '1'
Option Ports '1 2 3 4 5t'
config switch_vlan
Option Device 'RTL8366RB'
option vlan '2'
Option Ports '0 5t'
Config Interface 'VPN0'
option ifname 'tun0'
option proto 'none'
/ etc / config / firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80 :: / 10'
option src_port '547'
option dest_ip 'fe80 :: / 10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbor-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbors-advertisement'
option limit '1000 / sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000 / sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option target 'ACCEPT'
option src 'wan'
option proto 'tcp udp'
OPTION NAME '1111'
Option Dest_Port '1111'
config rule
option target 'ACCEPT'
option src 'wan'
Option Dest_Port '80'
OPTION NAME '80'
option proto 'tcp udp'
config include
option path '/etc/firewall.user'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
Option Family 'Any'
option reload '1'
config rule
Option Name 'Allow-OpenVPN-INBOUND'
option target 'ACCEPT'
option src '*'
option proto 'udp'
Option Dest_Port '1194'
config zone
option name 'vpn'
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
Option Network 'VPN0'
option masq '1'
config forwarding
option dest 'lan'
option src 'vpn'
config forwarding
option dest 'wan'
option src 'vpn'
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80 :: / 10'
option src_port '547'
option dest_ip 'fe80 :: / 10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbor-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbors-advertisement'
option limit '1000 / sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000 / sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option target 'ACCEPT'
option src 'wan'
option proto 'tcp udp'
OPTION NAME '1111'
Option Dest_Port '1111'
config rule
option target 'ACCEPT'
option src 'wan'
Option Dest_Port '80'
OPTION NAME '80'
option proto 'tcp udp'
config include
option path '/etc/firewall.user'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
Option Family 'Any'
option reload '1'
config rule
Option Name 'Allow-OpenVPN-INBOUND'
option target 'ACCEPT'
option src '*'
option proto 'udp'
Option Dest_Port '1194'
config zone
option name 'vpn'
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
Option Network 'VPN0'
option masq '1'
config forwarding
option dest 'lan'
option src 'vpn'
config forwarding
option dest 'wan'
option src 'vpn'
/ Etc / config / openvpn
config openvpn custom_config
option enabled 1
Option Config / etc / OpenVPN / OpenVPN
option enabled 1
Option Config / etc / OpenVPN / OpenVPN
/ etc / OpenVPN / OpenVPN
port 1194 # server port
Proto UDP # Connection Protocol may be TCP or UDP
Dev Tun # Tunnel Type
Settings of keyway tracks and certificates
CA /etc/openvpn/ca.crt.
cert /etc/openvpn/my-server.crt.
Key /etc/openvpn/My-server.Key.
DH /etc/openvpn/dh2048.pem.
#IP address and virtual network mask
Server 10.0.0.0 255.255.255.0.
# Select the SubNet topology, allows you to allocate the client / 32 network (in two words each client can be assigned any address from 10.0.0.2 and up to 10.0.0.255, if everything understood everything)
TOPOLOGY SUNNET.
# Redirect the default gateway to the VPN server
PUSH "REDIRECT-GATEWAY DEF1"
# We will ask the route that we pass the client and the subnet mask, so that he "saw" the OpenVPN server network
Push "Route 192.168.1.0 255.255.255.0" # Change This To Your Network
# Indicate the path where files are stored with the customer IP address settings
Client-Config-DIR / ETC / OpenVPN / CCD
# Add a route server-client
Route 10.0.0.0 255.255.255.0.
# The parameter allows you to see each other's customers
client-to-client
# Hash algorithm
AUTH MD5.
# Indicate encryption algorithm
Cipher AES-128-CBC
# Check communication every 10 seconds. If within 120 seconds there will be no answer, it is believed that the channel fell
Keepalive 10 120.
# Compression traffic vpn tunnel using LZO library
comp-lzo
# The parameter indicates not to re-read the key files when restarting the tunnel.
persist-key
This option leaves without changing the TUN / TAP device when restarting OpenVPN.
persist tun
# Specifies the path to the status file that contains information about current connections and Tun / Tap interface information.
status /mnt/sda3/openvpn/openvpn-status.log.
# Indicate log file
log /mnt/sda3/openvpn/openvpn.log.
# Level of debug information
Verb 3.
Post has been edited-SunLion- - 29.06.15, 16:55
Reason for editing: In the header
Help please, I do not know what a rake is, but the port cannot be restored through the series.
Router of the second revision, tried on this instructionhttp://portax.com.ua/f...wtopic.php?f=34&t=400,
and for thishttp://rutracker.org/f...iewtopic.php?t=4282529.Do not download the firmware file and the process does not go.
This is what I seehttps: //www.dropbox.co...22%2012.32.10.png? dl = 0
Renamed the firmware file, pointed out the catalog itself and the root of TFTPD32 - Naturally, too, does not go, and everyone, please advice, 2 weeks waited from China TV series, tormented without a router ...
Post has been editedCemenovich - 22.06.15, 13:11
Router of the second revision, tried on this instructionhttp://portax.com.ua/f...wtopic.php?f=34&t=400,
and for thishttp://rutracker.org/f...iewtopic.php?t=4282529.Do not download the firmware file and the process does not go.
This is what I seehttps: //www.dropbox.co...22%2012.32.10.png? dl = 0
Renamed the firmware file, pointed out the catalog itself and the root of TFTPD32 - Naturally, too, does not go, and everyone, please advice, 2 weeks waited from China TV series, tormented without a router ...
Post has been editedCemenovich - 22.06.15, 13:11
Cemenovich, So it can't find the code.bin file, did you put it in the server folder? In the server settings, chose the root folder?
And you used the value of the RAM 0x81000000 and it is necessary 0x80060000
Post has been editedDREDivan - 22.06.15, 13:23
And on this instruction did it toohttp://portax.com.ua/f...wtopic.php?f=34&t=400,There is just this value, the firmware lies in the root directory with the TFTPD32 program.
Now renamed the firmware file again and pointed the path, does not want to download and that's it.
https: //www.dropbox.co...22%2013.46.17.png? dl = 0
P.s firewall is turned off and not to interfere.
Post has been editedCemenovich - 22.06.15, 13:52
Now renamed the firmware file again and pointed the path, does not want to download and that's it.
https: //www.dropbox.co...22%2013.46.17.png? dl = 0
P.s firewall is turned off and not to interfere.
Post has been editedCemenovich - 22.06.15, 13:52
It was stitched in XP but somehow not to the end, in the Putty the last inscription was Starting Kernel and now there are three light bulbs on the router, I can't go through the putty, I tried to overload nothing, help please.
The log does not go and the Putty window does not withdraw anything at all. It seems the router remained in some kind of mode and does not want to go out with him.
Post has been editedCemenovich - 22.06.15, 18:02
Post has been editedCemenovich - 22.06.15, 18:02
If you launch a standard hyperterminal program (hypertrm.exe), create a new connection with the desired Som port, run, turn on the router and see the download log.
You can also with PUTTY on any Windows only in the settings you need to pick up (com-port, ANSI terminal - by analogy with the default settings of the hyperterminal).
And the hyperterminal can be copied to 7 and enjoy (+ copy a file next to Hypertrm.exe from the Windows / System32 xp).
Post has been editedbizonUa - 22.06.15, 18:12
You can also with PUTTY on any Windows only in the settings you need to pick up (com-port, ANSI terminal - by analogy with the default settings of the hyperterminal).
And the hyperterminal can be copied to 7 and enjoy (+ copy a file next to Hypertrm.exe from the Windows / System32 xp).
Post has been editedbizonUa - 22.06.15, 18:12
Athrs_SGMII_RES_CAL: CAL VALUE = 0x1
No valid address in Flash. Using fixed address
No valid address in Flash. Using fixed address
ATH_GMAC_ENET_INITIALIZE: RESET MASK: C02200
Scorpion ---->S17 PHY *
Athrs17_Reg_init: Complete.
: CFG1 0x80000000 CFG2 0x7114
eth0: ba: be: fa: ce: 08: 41
eth0 up
Athrs17_reg_init_wan Done
SGMII IN FORCED MODE
Athr_gmac_sgmii_setup SGMII Done
: CFG1 0x800c0000 CFG2 0x7214
eth1: ba: be: fa: ce: 08: 41
eth1 up
eth0, eth1
Setting 0x18116290 to 0x50a1a14f
AUTO UPDATE FIRMWARE: is_auto_upload_firmware = 0!
Autobooting in 1 seconds
## Booting image at 9f020000 ...
Uncompressing Kernel Image ... OK
Starting kernel ...
No valid address in Flash. Using fixed address
No valid address in Flash. Using fixed address
ATH_GMAC_ENET_INITIALIZE: RESET MASK: C02200
Scorpion ---->S17 PHY *
Athrs17_Reg_init: Complete.
: CFG1 0x80000000 CFG2 0x7114
eth0: ba: be: fa: ce: 08: 41
eth0 up
Athrs17_reg_init_wan Done
SGMII IN FORCED MODE
Athr_gmac_sgmii_setup SGMII Done
: CFG1 0x800c0000 CFG2 0x7214
eth1: ba: be: fa: ce: 08: 41
eth1 up
eth0, eth1
Setting 0x18116290 to 0x50a1a14f
AUTO UPDATE FIRMWARE: is_auto_upload_firmware = 0!
Autobooting in 1 seconds
## Booting image at 9f020000 ...
Uncompressing Kernel Image ... OK
Starting kernel ...
I have now tried to enter TPL Putti waiting for a team, but why did he put in this regime, and not stitched?
So he writes that it cannot find a new firmware -
After successfultpl for 2 revisions Enter (code.bin - the name of the new firmware)
Post has been editedbizonUa - 22.06.15, 18:41
Cemenovich @ 06/22/2015, 17:15
AUTO UPDATE FIRMWARE: is_auto_upload_firmware = 0!
After successfultpl for 2 revisions Enter (code.bin - the name of the new firmware)
TFTPBoot 0x80060000 Code.bin.
erase 0x9f020000 + 0x7c0000
cp.b 0x80060000 0x9f020000 0x7c0000
bootm
erase 0x9f020000 + 0x7c0000
cp.b 0x80060000 0x9f020000 0x7c0000
bootm
Post has been editedbizonUa - 22.06.15, 18:41
©savagemessiahzine.com2005-2021 All rights reserved.
savagemessiahzine.com®- registered trademark.
Terms of Use | Denial of responsibility | Advertising placement
savagemessiahzine.com®- registered trademark.
Terms of Use | Denial of responsibility | Advertising placement