OpenWrt Forum Archive

Topic: Optimized and feature rich trunk build for select routers

The content of this topic has been archived between 20 Aug 2014 and 5 May 2018. Unfortunately there are posts – most likely complete pages – missing.

Then the problem is at your Windows machine, like I said. The fact that you can reach other machines proves it.

But this is with all 10 of my Windows systems. What does OpenVPN do with the traffic, ping and browse? Unless I know how it is routing the traffic it is hard to track it down, and I cannot see in the firewall logs that anything is being blocked on the Windows systems. This seems to be a problem with OpenVPN and Windows systems using a TUN interface. My PPTP works fine and I can ping and communicate just fine when using that VPN, so I know it is not the Windows systems blocking ICMP and other traffic; it only has issues when I involve OpenVPN. Do you have a log of what OpenWrt does with the traffic?

I am just having issues tracking this down since I am not seeing any blocked messages on the Windows systems.

Laptop at home able to ping all systems
Laptop at coffee shop using PPTP can ping all systems
Laptop at coffee shop using OpenVPN, cannot ping systems that have firewall on.

This shows OpenVPN is doing something a little different than PPTP that I am missing, but since I am not used to OpenVPN I have no idea what it does differently that would cause it not to work.

Looking this up, there seem to be some common issues with OpenVPN and Windows firewall blocking the traffic. This may not be a big issue for non-Windows users but does break functionality for Windows users.

(Last edited by wesleyhey on 26 Jun 2014, 03:09)

It does not do anything with the traffic whatsoever, it's simply routed over a layer 3 tunnel (TUN) and traverses the normal routing table at the router. If you see the ICMP at tun0 then you should also see an ARP request on br-lan followed by the ICMP request. There is absolutely no difference if the receiving end is a Linux machine, or if it's running Windows or OS/2 Warp for that matter. Did you not see the ICMP request on br-lan when doing tcpdump?

You are way too quick to draw conclusions, based on misinterpreting stuff you find on the web. Your PPTP tunnel, is it terminated at the OpenWRT router too? What IP range are the clients assigned to?

There are ways to turn on logging in the VPN/LAN zone if you so wish, but there is a default ACCEPT rule for the FORWARD chain so there should be no packet filter stopping you there.

I'm sure people have all kinds of problems with the Windows firewall, but I assure you there is no incompatibility whatsoever with the VPN or the TUN interface. The packets are forwarded untouched.

Do you use static or DHCP assigned addresses on the Windows machine?

Keep in mind that I am using the same configuration as you, and I can connect fine to services on Linux, Mac OSX, I can control my Samsung TV and my Denon receiver through UPnP. TCP/IP is a standard, your issue can be solved 100%.

(Last edited by arokh on 27 Jun 2014, 09:34)
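
The check described in the post above (ICMP on tun0, then ARP and ICMP on br-lan) can be written as a comparison of two `tcpdump -n` captures. This is an added example, not part of the original thread; the addresses, capture lines and function names are constructed for illustration.

```python
import re

# Line shapes printed by `tcpdump -n` for the two packet types in the post.
ICMP = re.compile(r"IP (\S+) > (\S+): ICMP echo (request|reply)")
ARP = re.compile(r"ARP, (?:Request who-has (\S+) tell|Reply (\S+) is-at)")

def events(lines, host):
    """Collect which ICMP/ARP events involving `host` appear in a capture."""
    seen = set()
    for line in lines:
        if m := ICMP.search(line):
            src, dst, kind = m.groups()
            if kind == "request" and dst == host:
                seen.add("echo_request")
            elif kind == "reply" and src == host:
                seen.add("echo_reply")
        elif m := ARP.search(line):
            asked, answered = m.groups()
            if asked == host:
                seen.add("arp_request")
            elif answered == host:
                seen.add("arp_reply")
    return seen

def diagnose(tun_lines, lan_lines, host):
    """Name the first hop at which a ping from the VPN to `host` goes missing."""
    tun, lan = events(tun_lines, host), events(lan_lines, host)
    if "echo_request" not in tun:
        return "request never arrived on tun0"
    if "arp_request" in lan and "arp_reply" not in lan:
        return "host does not answer ARP on br-lan"
    if "echo_request" not in lan:
        return "request not forwarded to br-lan"
    if "echo_reply" not in lan:
        return "host received the request but sent no reply"
    if "echo_reply" not in tun:
        return "reply not routed back into tun0"
    return "ok"

# Constructed captures: 10.8.0.6 is an assumed VPN client, 192.168.1.50 an assumed LAN host.
TUN0 = ["12:00:01.000100 IP 10.8.0.6 > 192.168.1.50: ICMP echo request, id 1, seq 1, length 40"]
BR_LAN = [
    "12:00:01.000300 ARP, Request who-has 192.168.1.50 tell 192.168.1.1, length 28",
    "12:00:01.000700 ARP, Reply 192.168.1.50 is-at 00:11:22:33:44:55, length 28",
    "12:00:01.000900 IP 10.8.0.6 > 192.168.1.50: ICMP echo request, id 1, seq 1, length 40",
]

if __name__ == "__main__":
    print(diagnose(TUN0, BR_LAN, "192.168.1.50"))
```

With the constructed captures the router is shown forwarding the request onto br-lan, so the missing reply is located at the receiving host rather than at the tunnel or the FORWARD chain.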

I have used nearly every version of the .img files with them all timing out when using TFTP and the Netgear GUI.
Do I need to get the early release of the Netgear firmware 1.0.0xxx which does not do a code check?
Either way there should be no reason why the TFTP does not work.
I get the router in the mode where the power and one other light are alternately flashing.
Not sure what is going on, I have followed all the instructions without any success.
Please help before the router becomes an expensive frisbee smile
\Ken

kjt005 wrote:

I have used nearly every version of the .img files with them all timing out when using TFTP and the Netgear GUI.
Do I need to get the early release of the Netgear firmware 1.0.0xxx which does not do a code check?
Either way there should be no reason why the TFTP does not work.
I get the router in the mode where the power and one other light are alternately flashing.
Not sure what is going on, I have followed all the instructions without any success.
Please help before the router becomes an expensive frisbee smile
\Ken

TFTP only works in the special recovery mode. But that mode has been 100% foolproof so far, because it is not overwritten by the firmwares. I have recovered my 3700/v2/3800 routers a dozen times with that. But you need to get the process exactly right (e.g. check your PC's IP address and set it to fixed 192.168.1.2 etc.): http://wiki.openwrt.org/toh/netgear/wnd … lsafe.mode

Which router do you exactly have? Normal 3700v2? or the -NA North America version? or -CH China(?) version?
Are you currently running Netgear GUI?
Have you ever been able to flash and run an Openwrt build?

Hi mate,

Been using your firmware for a while. VPN works fine, unsure why the guys above are running into issues.

The only thing I have seen, which isn't a huge deal, but sort of annoying, is that IPv6 leases aren't showing up in the list any more.. (i.e. list of current IPv6 leases).

I tried an alternative OpenWRT firmware and found that the leases show fine in that. So I tried your latest firmware, fresh to defaults and I'm still finding I have the same issue

Have you noticed this on your end as well?

Thanks for the confirmation, it works when I test from clean install as well so there is definitely something at his Windows installations.

About the lease issue, this is probably broken by me. I changed the default placement of the leasefile from /tmp/hosts/odhcpd to /tmp/odhcpd.leases. Looks like the old location is hardcoded in status.lua that's why the leases won't show. I think I changed it because /tmp/hosts is also the place where dnsmasq looks for addn-hosts but it doesn't really matter.

I'll fix it in the next build, but you can change it back like this:

# uci set dhcp.odhcpd.leasefile=/tmp/hosts/odhcpd && uci commit && /etc/init.d/odhcpd restart

(Last edited by arokh on 27 Jun 2014, 18:58)

VPN is working fine for me, although it is very slow (12Mbps when I should be getting 55Mbps when using VPN over LAN)

Did you try with my 800MHz OC build? I got faster results than that but didn't do any extensive benchmarking. Remember that you're running an encrypted SSL tunnel with compression on a router with MIPS cpu. If you don't care about security you can disable encryption for the data traffic and probably get much better results as well.

(Last edited by arokh on 27 Jun 2014, 19:01)

arokh wrote:

Thanks for the confirmation, it works when I test from clean install as well so there is definitely something at his Windows installations.

About the lease issue, this is probably broken by me. I changed the default placement of the leasefile from /tmp/hosts/odhcpd to /tmp/odhcpd.leases. Looks like the old location is hardcoded in status.lua that's why the leases won't show. I think I changed it because /tmp/hosts is also the place where dnsmasq looks for addn-hosts but it doesn't really matter.

I'll fix it in the next build, but you can change it back like this:

# uci set dhcp.odhcpd.leasefile=/tmp/hosts/odhcpd && uci commit && /etc/init.d/odhcpd restart

Thanks - Leases are now back on the status page.

Also, out of curiosity, have you ever managed to get Multicasting to work correctly? It's required for things like iTunes wifi sync, but I can't seem to perfect it. I managed to get igmpproxy to get the traffic across and allow me to "see" my iPhone in iTunes, but the moment you try and sync, it would fail. Not sure if it's a multicast issue, or something else.

(Last edited by aarontnz on 28 Jun 2014, 01:27)

it is the normal 3700v2 (Australian

Does anyone have the earlier version of the Netgear factory firmware, the version that does not check the file as it is being loaded up (v1.0.0.12 or lower)?

When I try to load any of the .img files I get timeout errors.

kjt005 wrote:

it is the normal 3700v2 (Australian

Does anyone have the earlier version of the Netgear factory firmware, the version that does not check the file as it is being loaded up (v1.0.0.12 or lower)?

When I try to load any of the .img files I get timeout errors.

Have you tried going through the TFTP method? That should let you flash OpenWRT no issues.

Yes, I did try that, it keeps timing out.

@aarontnz

Yes, multicast should be working across VPN. I'm using smcroute now btw, it's handled by a hotplug script when the tun0 interface comes up/down so no need for igmpproxy. I moved away because igmpproxy seemed to have some bugs when it created mcast routes and was spamming the log.

Don't know why you can't sync with iTunes though, could be something else not sure. Let me know if you find out smile

First of all, thank you for all the work. I have been reading and using a lot of your work!

But now I keep running into the fact that I do not seem to be able to let my router transmit at 30 dBm / 1000 mW. I have two wndr3700 v2's and neither one is willing to remain at the highest output power.

Yes I installed from scratch without preserving settings.
Yes I am at world 00
Yes it is set to 30 but falls back to 26
I use scheduled tasks/cron to restart the router daily and I switch off wifi overnight

Right now I set it to 29 and it runs at 28.

Would any of you guys have an idea what could be causing this?

PS: sorry that I pop in like this with my first post. I hope I do not offend anyone, it is surely not my intention to do so.

(Last edited by oo00I00oo on 28 Jun 2014, 18:16)

Don't sweat it, from what I've read these routers are not really transmitting at 30dbm anyway, it's reporting falsely that it does. The real value is much lower and hardcoded apparently.

Okay.... I did read that before, but thank you for confirming!

The maximum TX power must be hardcoded into the firmware. The highest I've gotten it to go is 24dBm on 5GHz, and 26 on the 2.4GHz radio.

My v1 says 30dbm on all channels when I'm on 00. I think as long as you got the channels you need then it's as good as it gets.

Hello, how are the predefined services on QoS working?
Are they specific to their name and should be left to all protocol/no ports, or should they be combined?

I also don't understand what the "Number of bytes" field is, and looking for it on Google mostly shows people raw copy-pasting the QoS menu. Is that to forcibly throttle?

In "Network>Firewall>WAN to LAN>Port Forwards" it seems I'm not able to create one rule to forward two ports. I can forward one port, one range, but not two ports (for example 4000&6112). I tried with "4000,6112" as I thought it was this way but it seems I'm wrong. (Maybe it's that way and possible, but the GUI doesn't allow it?) QoS allows using "," to set multiple ports in the GUI.

I tried to add custom hosts on the router and set the router's IP as DNS server on the computer, but custom hosts weren't used until I added a DNS forwarding to 127.0.0.1 for my custom hosts. Is it how it is supposed to work or did I miss something?

Probably dumb questions, first time using LuCI GUI.

Regards

(Last edited by Magissia on 29 Jun 2014, 07:12)

If I set it to 30 then sometimes it stays at 30 (in most cases I would have to switch the WORLD to US and vice versa), but after the wireless off (scheduled task) at night it comes back with the actual transmit at 26 where the setting is 30.

Now it is on world and 29, the outcome is a stable 28 (even after the night).

I will do a little test with a wifi-monitor to see if the settings make a difference in transmit power and I will report back. If that is interesting to you that is.........

Indeed........you are right! It is not making any real difference.......

@Magissia

I don't use it myself but from what I understand the default qdisc in barrier breaker fq_codel is supposed to handle everything for you by default. Just enable QoS and set your speeds and it should get latencies down while using the pipe.

(Last edited by arokh on 29 Jun 2014, 18:00)

I just wanted to post my thanks for this build.  I love it.  It has everything I need right out of the box.

Thank you SO MUCH!!!

Kurt

Good to hear wink

Sorry, posts 176 to 175 are missing from our archive.