1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

[solved] AC66UB1 + 348.10_beta2 Reboot cycling from OpenVPN certs, aka nvram overflow

Discussion in 'Asuswrt-Merlin' started by dugaduga, Mar 19, 2019.

  1. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    Had some issues with OpenVPN, after rebooting to see if this would rectify the issue, it went into an infinite boot loop; Factory default/reset button doesn't change that. I cannot access the router at all. Looks like the latest firmware bricked my AC66U B1 [nope, way off]


    Anyone know how to stop the infinite boot cycle and re-flash this thing ?
     
    Last edited: Mar 19, 2019
  2. OMNI619

    OMNI619 Regular Contributor

    Joined:
    Feb 3, 2018
    Messages:
    92
    Turn off the router by pressing the power button then push the reset button and power on the router both buttons needs to push at same time and reflash firmware using the Asus Restoration firmware tool or using mini web server forgot to tell you once both button have been pushed at Same time power led will keep blinking hold reset button for about 15 to 30 seconds

    Sent from my SAMSUNG-SM-G920AZ using Tapatalk
     
    dugaduga likes this.
  3. bbunge

    bbunge Very Senior Member

    Joined:
    Aug 11, 2014
    Messages:
    820
    Location:
    Pennsylvania USA
    Just rebooted my AC66U_B1 on 384.10 beta 2. Came right back up. No issues.

    Recommend you use the firmware restore tool with the router in recovery mode. Try a reset using the WPS button from a power off first.
     
    dugaduga likes this.
  4. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    29,797
    Location:
    Canada
    Reflashing will not change anything IMHO, since the router was succesfully running the firmware. He's most likely facing nvram corruption.

    My own RT-AC66U_B1 had nearly full nvram when I tested it earlier today, so my guess is that's what caused his problem. He'll need to wipe out nvram to regain access.
     
    dugaduga and OMNI619 like this.
  5. bbunge

    bbunge Very Senior Member

    Joined:
    Aug 11, 2014
    Messages:
    820
    Location:
    Pennsylvania USA
    My NVRAM usage 52611 / 65536 bytes

    Then a reset using WPS button is the way to go... And reformat /jffs
     
    dugaduga likes this.
  6. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    RMerlin was absolutely 100% correct; I confused wps with reset, didn't even know it existed and hitting that I can see everything is good now! Sorry about that RMerlin, and thank you for all the support!
     
  7. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    Cleared NVRam Cache, formatted jffs,

    No other scripts at all, no openvpn clients,
    NVRAM usage 52000 / 65536 bytes
    With one openvpn client+cert (no other scripts)
    NVRAM usage around ~57000 / 65536 bytes
    With two openvpn clients+certs: (no other scripts)
    NVRAM usage 62604 / 65536 bytes

    That is a roughly ~5000 kb increase per opvn, exact size as the openvpn certificate authority.
    Cache does not go down after disabling the second client, even after rebooting.
    After deleting the certificate and rebooting Nvram showed:
    NVRAM usage 62587 / 65536 bytes
    Update: After formatting jffs again, NVRAM usage 62607 / 65536 bytes
    I suspect trying more than 2 clients/ certs went over the nvram limits previously.
    I was not able to to start a second client even within the NVRam limit.
     
  8. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    Before adding 3rd client
    NVRAM usage 62315 / 65536 bytes
    After adding 3rd client (no cert yet)
    NVRAM usage 62318 / 65536 bytes
    After adding cert:
    65534 / 65536 bytes

    cert nvcache its passed on with cfg files even with no certs in jffs, the certs are not visible in the openvpn configuration gui or jffs. that aint going back down until i clear the nvcache with wps; unless you know of some command or openvpn directive to help that process to eliminate old unused certs from cache, would be nice to see compression here.

    I'm going to do a nvclear reconfigure from scratch again and configure only one single openvpn client until this is fixed.
     
  9. bbunge

    bbunge Very Senior Member

    Joined:
    Aug 11, 2014
    Messages:
    820
    Location:
    Pennsylvania USA
    Looks like your certs are going to NVRAM. Had this issue some time ago with server certs which I solved by moving them to /jffs manually. I thought the newer firmware put the certs in /jffs automatically?

    Sent from my SM-T380 using Tapatalk
     
  10. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    8,479
    Maybe its time to do a full M&M Config (see my signature for links below) and not use saved config files?

    Even maybe using the WPS NVRAM erase steps, formatting the jffs on next reboot and re-flashing the latest firmware onto the router (even if it is the same version as what is currently installed). Followed, of course, by a minimal and manual configuration to secure the router and connect to your ISP.
     
  11. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
     
  12. maxbraketorque

    maxbraketorque Very Senior Member

    Joined:
    Dec 6, 2015
    Messages:
    510
    Does this bug happen across all routers?
     
  13. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    29,797
    Location:
    Canada
    Yes. However you won't notice it unless you are low on free nvram space.
     
    dugaduga likes this.
  14. maxbraketorque

    maxbraketorque Very Senior Member

    Joined:
    Dec 6, 2015
    Messages:
    510
    Thanks.
     
    dugaduga likes this.
  15. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    190
    Do take note on how to clear your NVcache of stagnant certs:

     
  16. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    8,046
    Location:
    UK
    You mean NVRAM not NVcache.;)