Skip directly to content

ASUS AC1900 T-Mobile CellSpot dd-Wrt

imammal's picture
on Mon, 01/01/2018 - 22:18

Comments

imammal's picture

https://www.bestvpnz.com/how-to-set-up-an-openvpn-client-on-tomato-based...

 

In this tutorial I will be using an Advanced Tomato router to demonstrate how to set up an OpenVPN client that will encrypt all outgoing Internet traffic on your LAN

imammal's picture

This guide was written to help flash a new CFE (Common Firmware Environment - aka "bootloader") to the TMobile TM-AC1900 router. This router shares the same hardware as the very popular and powerful Asus RT-68U routers but has a different firmware and different CFE bootloader. By changing the CFE (and in cases the firmware - more on that later) the TM-AC1900 can be unlocked to various firmware updates, including third party firmwares (Tomato-ARM, DD-WRT, AsusWRT by Merlin) or can even be turned into a fully functional Asus RT-AC68U using original Asus firmwares.
 

 

https://slickdeals.net/forums/showpost.php?p=73690012&postcount=3895

 

imammal's picture

The only reason we're downgrading is because the newer firmware removes the ability to enable ssh/telnet - except, what is easier - remove the actual functionality from the firmware or just hide the buttons/checkboxes/gui items? Ding! It's just hidden on the latest firmware...

https://www.snbforums.com/threads/t-mobile-cellspot.19435/page-7#post-15...

 

imammal's picture

Notice the timestamp on those log entries! Your router doesn't have the time set correctly, so the certificate can't be validated.

https://www.dd-wrt.com/phpBB2/viewtopic.php?p=881427

imammal's picture

the best NTP field to enter is probably always pool.ntp.org, so it just anycasts to the nearest public NTP server

https://arstechnica.com/civis/viewtopic.php?t=1111921

 

imammal's picture

A ‘Wireless Ethernet Bridge’ works very similar to ‘Wireless Client’ mode. The main difference being how you configure the subnets. As with ‘client’ mode, it doesn’t matter if you have administrative rights to the router, or what kind of router it is for that matter. However, it is recommended that you do have administrative rights to the router when using this mode for an Ethernet bridge.

https://learntomato.com/setup-wireless-ethernet-bridge-on-tomato-router/

 

imammal's picture

Have you ever wanted to create two simultaneous wireless networks in your home? Do you love the benefits of subscribing to a VPN provider but would like to be able to switch between your regular, local ISP connection with the option of quickly switching to a immediately available, already configured VPN connection? May we introduce the DD-WRT VPN Wireless VPN Repeater.
 

https://www.flashrouters.com/blog/2011/09/28/using-a-wireless-repeater-a...

asus ac68u repeater vpn

imammal's picture

"check your client certificate is correct .."

https://forums.openvpn.net/viewtopic.php?t=21255

 

imammal's picture

When running in ldap user / pass mode, I am unable to connect and the openvpn logs show:
 

https://forum.pfsense.org/index.php?topic=33052.0

 

 
TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate
 
imammal's picture

I wanted to pose a scenario to the folks here on this forum and get feedback on various ways the experts here go about avoiding this potential trap. 

Say the User is using an Asus RT-AC66U that runs the popular Tomato Shibby firmware ver 1.28. If said User goes thru the steps to configure a VPN connection and chooses to "Exclusively" accept the DNS configuration of the VPN provider while the tunnel is UP, in theory, all of their DNS requests should go thru the tunnel and be returned using the same path. BUT, here's the rub......
 

https://www.wilderssecurity.com/threads/misunderstandings-about-vpns-dns...

 

 

imammal's picture

You could simply synchronize the time using ntp right before your are starting the connection

https://unix.stackexchange.com/questions/115563/how-to-ignore-certificat...

Post new comment