Ditto here.
↧
Reply To: Wifi Sometimes Keeps Turning Off and On….
↧
Reply To: Open VPN not staying active
Only solution I found is to run a reconnect script as cronjob.
Search” vpn reconnect script” for the thread.
↧
↧
Reply To: Using MT300N-v2 wirelessly with VPN
I don’t know change <span style=”background-color: #f9f9f9; color: #222222; font-family: monospace, serif; font-size: 14.6667px; white-space: pre-wrap;”>lon.uk.torguardvpnaccess.com to </span><span style=”color: #222222; font-family: monospace, serif;”><span style=”font-size: 14.6667px; white-space: pre-wrap;”>5.133.176.8</span></span>. TorGuard provide the VPN config file for your router. Are there tools I can use to edit this file or is the address set up elsewhere?
↧
Reply To: Looking for a proxy solution
I ended up installing squid and configured it to use upstream proxy with credentials. It seems to be working fine if I configure each client to use proxy at 192.168.8.1:3128 port.
I am still looking into configuring squid to work as a transparent proxy.
↧
Reply To: Web UI on latest 2.263 build seem broken
If I use the URL using router’s IP address, it is working fine. In my case, I connect to web interface using its wan ip address http://10.88.77.66:8080/cgi-bin/luci, it doesn’t work.
It looks like a bug to me. The Luci interface doesn’t understand if the address has a port number embedded in it like I have (i.e. :8080).
Other option is to make the web server bind to port 80 on wan as well as lan interfaces. I don’t know how to do that.
Thanks
↧
↧
Reply To: Do you manufacture FLAT devices any more?
I totally agree with projects – flat cases have substantial advantages over cases with a curved top. And so I would also be very happy, if something like the AR150 could be produced with a flat case. I am very happy to see that the AR750 which I use for dual band applications, has a flat case again.
↧
Reply To: GL-MT300A can't reset to uboot, can't reset to factory
I have the exact same problem with my new GL-MT300A.
– Reset button does absolutely nothing, holding it for 3 seconds or 10 seconds ( according to the manual) , nada..
– It doesn’t provide an IP address over DHCP on the LAN port
– It doesn’t broadcast anything on WiFi.
Completely dead, except it does pass-through WAN-LAN, but that doesn’t help me much.
Since factory reset doesn’t work, how do I a firmware flash/update when I don’t have access to it?
Can it be done with a USB stick?
-
This reply was modified 22 hours by
CMagnusJ.
↧
Reply To: Mifi Connection to Google Project Fi
It’s just a SIM card – you can get a SIM card, activated, that works on T-Mobile networks data-only. Setup instructions are here – https://support.google.com/fi/answer/6330195?hl=en , which tell you what APN to select. I can’t get it working even with the normal T-Mobile setup.
↧
Reply To: GL-MT300A Openconnect how to ?
Hi, I have a GL-MT300A router with the latest official firmware of GL-Inet, I’m using the wan port connected to a LAN port of the main router, I have opened port 443 on the main router pointing to the dynamic address obtained in MT300 ( 192.168.1.x). the clients that I have used are in android (AnyConnect-OpenConnect), Win7, Win10; Linux Mint Mate
—OCSERV GL-MT300A—
first of all create a free account on no-ip.com then register a hostname to be used in OpenWrt.
—softwares:
ddns-cripts_no-ip_com
updated-mod-noip
nano
luci-app-ddns
luci-app-ocserv
ocserv
—configuration ddns no-ip:
(Services-Dynamic DNS)
add a name for account ddns.
Enabled: yes
Lookup Hostname: example.no-ip.com
IP address version: IPv4-Address
DDNS Service provider [IPv4]: no-ip.com
Hostname/Domain: example.no-ip.com
Username: example@gmail.com
Password: passwordaccountno-ip
||| Advanced Settings tab
IP address source [IPv4]: URL
URL to detect [IPv4]: http://checkip.dyndns.com
Event Network [IPv4]: wan
|||Timer Settings
Check Interval: 10 minutes
Force Interval: 6 hours
Save and apply.
—configuration OpenConnectVPN:
(Services-OpenConnectVPN)
User Authentication: plain
Firewall Zone: lan
port: 443
AnyConnect client compatibility: yes
VPN IPv4-Network-Address: 192.168.8.51
VPN IPv4-Netmask: 255.255.255.5
-DNS servers
192.168.1.1
192.168.8.1
-Routing table
192.168.1.0 255.255.255.0
192.168.8.0 255.255.255.0
|||Edit template tab(default-domain _important_):
isolate-workers = false
# A banner to be displayed on clients
banner = “Bienvenidos a mi OpenWRT Server ;-)”
# When the server has a dynamic DNS address (that may change),
# should set that to true to ask the client to resolve again on
# reconnects.
listen-host-is-dyndns = true
# Uncomment this to enable compression negotiation (LZS, LZ4).
|COMPRESSION|compression = true
# The default domain to be advertised
default-domain = example.no-ip.com
# The domains over which the provided DNS should be used. Use
# multiple lines for multiple domains.
split-dns = example.no-ip.com
||| Add User un Users tab.
Save and apply.
—Network Firewall Menu(traffic Rules tab:
||| Traffic Rules tab:
name: Ocserv
Protocol: TCP+UDP
Source zone: wan
Source mac address: any
Source address: any
Destination zone: Device(input)
Destination address: any
Destination port: 443
Action: accept
||| Custom Rules tab:
force_dns() {
# lanip=$(ifconfig br-lan |sed -n ‘s/.*dr:\(.*\) Bc.*/\1/p’)
lanip=$(uci get network.lan.ipaddr)
iptables -t nat -A PREROUTING -s 0/0 -p udp –dport 53 -j DNAT –to $lanip
iptables -t nat -A PREROUTING -s 0/0 -p tcp –dport 53 -j DNAT –to $lanip
}
force=$(uci get glconfig.general.force_dns)
if [ -n “$force” ]; then
force_dns
fi
iptables -A input_rule -i vpns+ -j ACCEPT
iptables -A forwarding_rule -i vpns+ -j ACCEPT
iptables -A forwarding_rule -o vpns+ -j ACCEPT
iptables -A output_rule -o vpns+ -j ACCEPT
Save and apply.
— Edit /etc/sysctl.conf over ssh or telnet.
nano /etc/sysctl.conf
Add:
net.ipv4.conf.all.proxy_arp=1
Then type sysctl -p to reload the configuration.
This is works form me, sorry for my spanglish. Good luck.
↧
↧
Reply To: GL-MT300A Openconnect how to ?
Hi Juanesf,
Thank you for your very complete reply but I think you made a server.
I would like to use my GL-MT300A as a VPN router using openconnect protocol.
The country where I’m living use Deep Packet Inspection and all the VPN’s protocol are blocked except openconnect.
I’d just to configure my openconnect client on the router.
Yann.
-
This reply was modified 14 hours by
Yann.
↧
Reply To: Open VPN not staying active
Good news guys. PIA support has helped me out. Below is what they said…I used the no auth version and it works great.
—-
<span style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;”>Unfortunately, I believe you’ve encountered an OpenVPN bug — essentially, OpenVPN caches your auth token, and if you’re issued a new IP by your ISP, this cached token becomes invalid and the connection drops instead of renegotiating. You may be able to fix this by adding one of two options (try the first, if it doesn’t work out for you, then try the second) to your OpenVPN config. </span><br style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;” /><br style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;” /><span style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;”>The first option you should try is this:<span class=”Apple-converted-space”> </span></span><code style=”color: #2b2e2f; text-size-adjust: auto; background-color: #f8f8f8; border: 1px solid #eaeaea; font-family: Consolas, Menlo, Monaco, ‘Lucida Console’, ‘Liberation Mono’, ‘DejaVu Sans Mono’, ‘Bitstream Vera Sans Mono’, ‘Courier New’, monospace, serif; font-size: 13px; margin-right: 2px; margin-left: 2px; padding: 0px 5px; white-space: pre-wrap;”>auth-nocache<br style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;” /><span style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;”>This instructs the client to not cache an auth token, and can resolve the issue on some routers, depending on what options are hardcoded. </span><br style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;” /><br style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;” /><span style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;”>The second option to try is this:<span class=”Apple-converted-space”> </span></span><code style=”color: #2b2e2f; text-size-adjust: auto; background-color: #f8f8f8; border: 1px solid #eaeaea; font-family: Consolas, Menlo, Monaco, ‘Lucida Console’, ‘Liberation Mono’, ‘DejaVu Sans Mono’, ‘Bitstream Vera Sans Mono’, ‘Courier New’, monospace, serif; font-size: 13px; margin-right: 2px; margin-left: 2px; padding: 0px 5px; white-space: pre-wrap;”>pull-filter ignore “auth-token”<br style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;” /><span style=”color: #2b2e2f; font-family: ‘Lucida Sans Unicode’, ‘Lucida Grande’, Tahoma, Verdana, sans-serif; font-size: 14px; text-size-adjust: auto;”>This instructs the client to ignore the auth token altogether, and depending on firmware, some users find this more effective than auth-nocache. </span>
————
↧
Reply To: Mifi not booting with Sim card
Is there a way to test if my Mifi has a faulty modem or a faulty sim holder?
↧
Reply To: GL-MT300A Openconnect how to ?
Hi Yann.
OpenConnect-based VPN Solutions
You may setup openwrt as an OpenConnect VPN client or server. This is a protocol based on SSL/TLS and datagram TLS and is compatible with CISCO’s AnyConnect SSL VPN.
Client side requirements:
openconnect: Follow for instructions to configure without luci interface
luci-proto-openconnect
Server side requirements:
ocserv
luci-app-ocserv
A How-To for the server setup.Note: the instructions include comments on the Github advice which might not work for some. In addition, the instructions are for a FULL tunnel setup.
—————–
The openconnect client expects to be configured using the uci interface.
To setup a VPN connection, add the following to /etc/config/network:
config interface ‘MYVPN’
option proto ‘openconnect’
option interface ‘wan’
option server ‘vpn.example.com’
option port ‘4443’
option username ‘test’
option password ‘secret’
option serverhash ‘AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25’
option defaultroute ‘0’
option authgroup ‘DEFAULT’
# For second factor auth:
# when a fixed 2FA password can be used
#option password2 ‘my-fixed-2fa-password’
# RSA tokens, must be built with stoken support
#option token_mode ‘rsa’
#option token_secret ‘secret’
# HOTP/TOTP tokens
#option token_mode ‘hotp’
#option token_secret ’00’
# tokens from script
#option token_mode ‘script’
#option token_script ‘/lib/custom/getocpass.sh’
# Juniper vpn support
#option juniper ‘1’
The additional files are also used:
/etc/openconnect/user-cert-vpn-MYVPN.pem: The user certificate
/etc/openconnect/user-key-vpn-MYVPN.pem: The user private key
/etc/openconnect/ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
After these are setup you can initiate the VPN using “ifup MYVPN”, and
deinitialize it using ifdown. You may also use the luci web interface
(Network -> Interfaces -> MYVPN Connect).
Note that you need to configure the firewall to allow communication between
the MYVPN interface and lan.
There is a luci plugin to allow configuring an openconnect interface from
the web environment; see the luci-proto-openconnect package
↧
↧
Reply To: Open VPN not staying active
Well, neither of those solutions will work effectively (as reported in this thread):
BUT congratulations on being only the second person in history to get a reply from PIA support!
-
This reply was modified 8 hours by
Glitch.
↧
Reply To: GL-MT300A can't reset to uboot, can't reset to factory
Thanks for reply CMagnusJ at least I am not only one affected.
Thanks for info alzhao, however nothing works that you suggested, no ssid – I will try to find hidden ssid when I get home.
Is there a way to flash image via some pins on board? FTDI cable?
↧
Access to filesystem without ssh
Hi, i have a curiosity,
If i disable ssh access, is there any method to access to files or i need to reflash?
↧
Reply To: GL-MT300A can't reset to uboot, can't reset to factory
I have purchased numerous GL-MT300A and M devices for configuration and selling on to my customers and I have not had any problems so far.
New and straight out of the box it should come up as a router with the lan port and wifi running dhcp on the 192.168.8.x subnet.
If “Out of the Box” this is not the case then most likely you have a rare faulty device.
In my own development I bricked and recovered many times. Remember you must connect your pc to either port but set your pc to the static address of 192.168.1.2 otherwise the uboot ui it will not work.
↧
↧
Reply To: Access to filesystem without ssh
SSH, or Secure SHell, only gives you a terminal connection and not direct file system access.
For file system access, the best way is to install an sftp server and use an sftp client on your pc.
↧
Reply To: Looking for a proxy solution
thanks for the update, good to know
↧
Reply To: Open VPN not staying active
The first option “auth-nocache” is not a good solution. If you use usename and password, when openvpn connection is broken, it will not connect. I met this problem before and I have to remove this option.
The second option I didn’t try. But hopefully this solves the problem.
↧