Thank you very much for taking the time to provide quick insight and suggestions!
I can do the DDNS updates directly from the web server to update the AAAA record with its dynamic GUA. Of course, the only issue being the complexity of dynamically updating the firewall on the router for the...
@ZebMcKayhan, I think I might be coming across the same issue with the traffic refusing to route. I can see packets being captured, but web pages and Plex won't load on an external client. Hopefully you have a second to help a novice out.
I'm excited for this functionality. I've been waiting...
@i0ntempest, thanks for sharing this! I've been looking at doing something similar for quite a while. I was waiting for the ip6tables upgrade to 1.4.18+ to do this.
I'm interested in how you set up the ULA assignment? Did you use a script on the router or on the server itself?
If I've learned anything, it's to come with questions and offer possible solutions!
It looks like the ASN.1 error might be resolved with the newest strongSwan version 5.9.14. Falling down the rabbit hole a little bit, this most likely has to do with an RSA_PSS validation error. The fix would be...
Hopefully this is a quick one, and there's a config or script in JFFS I can modify to customize Let's Encrypt to pull both ECDSA and RSA certs, or just RSA? Then I can use RSA in my ipsec.postconf, instead of the ECDSA located in the /jffs/.le/hostname_ecc directory.
Now that Let's...
Since Google Domains is dropping support for DDNS and moving everything to Squarespace, I transferred my domains to Cloudflare. I wanted to confirm this works great for me for both IPv4 and IPv6!
Thanks for sharing your inadyn config!
Immediately after a dirty flash of 386.1 beta 5, I got a pop-up notification that my LE cert renewed and verified it on crt.sh. After 3 months pass it would always get stuck authorizing.
This took no extra processing on my part. I didn't delete my jffs/.le directory or my domain folder inside...
I'm still having to delete the domain.key every 3 months for a Let's Encrypt cert renewal. With the upgrade to 386.1 beta, and the built in IKEv2 and Instant Guard support, I started to explore using the ASUS cert for IKEv2 as an alternative.
I exported the router signed IKEv2 certificates and...
FYI for anyone using a custom ipsec.conf. It must be removed for Instant Guard to work. I guess this is obvious since Instant Guard is dependent on IKEv2.
I (and many others) used the ipsec.conf script from https://www.snbforums.com/threads/asus-ipsec-vpn-server.44973.
What would be nice is to...
Can someone post the jffs/scripts/ipsec.conf file after the update?
I only did a dirty upgrade with my old ipsec.conf in place. I'd like to use the new ASUS certificates with the default IKEv2 support that has certs which don't expire until 2026!
I had previously modified my ipsec.conf to be...
After testing for a week, I can confirm it is NOT BitLocker. Although it does appear to be related somehow, the forced restarts began to happen over time and are now persistent again with BitLocker entirely disabled.
It has to be something with the virtual TAP adapter on this specific Dell...
I ran my trusty N66U for a pretty long time with Merlin and OpenVPN TAP too. Tried and true.
I have been using IPSEC with the AX88U to take advantage of the coprocessor with crypto acceleration. I hadn't used OpenVPN in about a year and tried to switch back and kept crashing the router at home...
Following up for future use. This is now a bug report with OpenVPN. The culprit appears to be BitLocker drive encryption enabled on a Windows 10 PC using TAP.
https://community.openvpn.net/openvpn/ticket/1339#ticket
I found I could not knock the router out by connecting with any other devices...
I'm fishing around to see if anyone else has run across something similar using an AX88U as a TAP OpenVPN server. I can't pin down when it started happening, but I can verify it didn't knock the router out in the past.
When I try to connect home with a Windows 10 client with the latest version...