Recent Forum Posts
From categories:
page »

Just F.Y.I. I got this issue with D-link DIR-865L use a build based on Version 1.28. issue solved by go to Advanced -> MAC Address, click "Clone PC" for "WAN Port" and save.

Tomato Firmware 1.28.0000 MIPSR2-140 K26 USB AIO
Netgear WNR3500L v2

Color selected Blue & Orange
In Bandwidth
Rx Bleu
Tx Orange
But the graph t's the opposite

In IP-Trafic Real-Time
Rx Bleu
Tx Orange
In the graph is correct.


Mr Glloq

Im in need of help configuring my router with multiple wan ips. I have 5 Public IPs and used one for the router. But I need to configure another one for a pass-thru. Basically, I just want to static a firewall with the second public IP and the router just lets the traffic thru. This firewall is for a client that requested on our network. I have down in on a PF sense but unable to make this work. The tutorials I have read don't apply to the problem I have. Thank you.

Multiple IPs on WAN by JordanSharkJordanShark, 05 Jul 2018 20:41

Since I upgraded firmware I can't start the VPN. I get an error message "Client is not running or status could not be read".

I'm using:

Name TomatoUSB
Model Asus RT-N66U
Firmware 1.28.0000 MIPSR2-140 K26 USB AIO-64K

The log shows:

Jun 28 12:25:38 unknown daemon.err openvpn[21978]: Options error: Unrecognized option or missing or extra parameter(s) in config.ovpn:19: tls-remote (2.4.1)
Jun 28 12:25:38 unknown daemon.warn openvpn[21978]: Use —help for more information.

I've tried entering all the details again but it just won't start.

Any help much appreciated

Keith FrankKeith Frank 25 Jun 2018 17:19
in discussion Discussions / General » Wrt160nv3

Does anyone know which Shibby build will load on the linksys wrt160nv3?
On the compatible router list it is listed as working with K26. Every version I have tried so far has said "upgrade failed".
Any help would be appreciated.

Wrt160nv3 by Keith FrankKeith Frank, 25 Jun 2018 17:19

Hello guys!

I'm pretty inexperienced Tomato usb with, and obtaining yleensäkkin routers settings to be correct. I am now two days fought with the Asus RT-N66U router has that I can not fully operate flawlessly. It clears the internet connection every 2h, and I always have to start my router again. This problem is both on the wireless internet, and the myls on wired internet.
If anyone has an Asus RT-N66U router here, I would like somebody to send me a backup of the complete and working settings. That way I would get my problem up to date.

Thank you!

Asus RT-N66U ready settings by Matias1992Matias1992, 25 Jun 2018 11:35
FTP help me
denslipdenslip 16 Jun 2018 09:39
in discussion Discussions / General » FTP help me

LOGIN: Client ""
Jun 16 01:28:33 unknown vsftpd[5218]: [Den] FTP response: Client "", "230 Login successful."
Jun 16 01:28:33 unknown vsftpd[5218]: [Den] FTP command: Client "", "TYPE I I"
Jun 16 01:28:33 unknown vsftpd[5218]: [Den] FTP response: Client "", "500 Unrecognised TYPE command."
Jun 16 01:28:33 unknown vsftpd[5218]: [Den] FTP command: Client "", "MODE I"
Jun 16 01:28:33 unknown vsftpd[5218]: [Den] FTP response: Client "", "504 Bad MODE command."
Jun 16 01:28:33 unknown vsftpd[5218]: [Den] FTP command: Client "", "MKD /357224076836019"
Jun 16 01:28:33 unknown vsftpd[5218]: [Den] FTP response: Client "", "550 Create directory operation failed."

FTP help me by denslipdenslip, 16 Jun 2018 09:39


I managed to setup a vpn server using TUN and TLS authentication. However, I don know which additional rules I need to setup so a connected client can access the internet via the VPN connection.

My client is a Linux Mint 18 machine.
Is there a good tutorial available somewhere?



VPN server routing setup by ruuddbruuddb, 11 Jun 2018 19:56

I think it has something t0 do with the USB implementation of the 5Ghz device. I am running [TomatoUSB] v3.4-140 Mega-VPN on a number of LinkSYS E2500 V3 devices. As soon as the NVRAM get filled up the 5Ghz device disappears from the scene. To overcome that bug, keep your NVRAM as lean as possible.

With my complex configurations, using 4 VLANs and both 2x OpenVPN server and clients per device, I put everything in a shell scripts, including the keys and certs for openvpnand chucked it on an external USB thumb drive. The services are getting now started via the scripts menu in the Administration Thumb at the GUI. And voilá the 5Ghz device is back and survives even longer the leaner the NVRAM is…

I know that drives the nice user front-end of the Tomato very much useless, but keeps the devices working. It's now a good time for the developers to fill the broad room for improvement with a nice piece of software… :-) Good luck with that…

.. FWIW, I do have a cable from my modem (slot 1) into my WAN input on my R7000.

Re: Switching from XWRT by pbcsdpbcsd, 03 Jun 2018 18:38

Hi all,

Had some issues with XWRT so decided to switch to Tomato, and can't seem to get my setup to connect to the internet. Here's what I had previously:

1. Rogers Hitron Modem in Bridge mode (gateway function off)
2. Netgear R7000 in my basement acting as the wireless router, connected directly to the Hitron with main SSID, set to
3. Netgear R7000 on my main floor acting as an Access Point, same SSID as 2 above, set to
4. Open VPN on my basement R7000 for my IP Cameras

However, I can't seem to get the Tomato firmware to connect to the internet. I am wondering if it is because the main router (2 in the above) is setup in Access Point Mode?

The option to set it as a Wireless Client is greyed out in both the 2.4 and 5Ghz networks. Setting it up as a wireless bridge (can only do this on one of the wireless networks) also doesn't seem to work?


Switching from XWRT by pbcsdpbcsd, 03 Jun 2018 18:36

This took me awhile to find, but it is a simple 1-click fix.

Go to Advanced > Conntrack/Netfilter

Scroll down to Tracking / NAT Helpers and click GRE / PPTP

Click save and done! BAM, VPNs now work.

Greetings to all.
It is not possible to use jiffs through the interface of the AdvancedTomato. The partition is not formatted or mounted.
It is mounted only through the console:

mount -t jffs2 /dev/mtdblock4 /jffs

This is normal, are there any solutions? Thankful in advance for answers.

Re: Shibby Builds by MiraMaX166MiraMaX166, 29 May 2018 19:10


So I've worked out how to, and have placed my server on a VLAN.

However I am still struggling with getting port 53 UDP to work for me.



Re: DNS port 53 UDP forwarding by derfzderfz, 24 May 2018 20:44


I need help I am installing a tomato in a ASUS RT68U, which is configured to be an access point. The internet is provided by another router that is from my ISP. So far no troubles
I first installed advanced tomato VPN version, configured the PPTP server and everything was fine. I was able to connect to PPTP server inside and outside the LAN (at my work).
Then I decided to try the AIO version and my problems with my PPTP server began.
I am only able to connect to it if I am inside my LAN. If I am away, it does not work.
There is some difference in firewall between VPN and AIO version that is blocking connections from outside the LAN, but I cant find anything related…
Can anyone please please help?


Hello all

I've just install TomatoUSB on my netgear R8000 router in an attempt to resolve a port forwarding issue I am experiencing.

My issue is that port 53 UDP doesn't seem to forward at all.

Here is what I am attempting to achieve.
I have several domains, and I wish to host my own websites and related services including DNS (bind9).
I wish to use buddydns as a secondary DNS service.
But buddydns cannot connect to my bind9 server via port 53 UDP. Port 53 TCP works just fine, and their buddyboard states that my delegation and transfer setup appears correct.

Given that I am very new to this sort of thing. What would be the best way to estabish the connections I require. And I guess I also need to address the issue of protecting the rest of my LAN from those resourseful individuals who would seek to be less than appropriate on my network.

My server has a wireless connection as it is located remotely and getting a hardwire connection would be very difficult to achieve although no impossible.



DNS port 53 UDP forwarding by derfzderfz, 23 May 2018 20:02
Re: IPV6 Xfinity
myricemyrice 06 May 2018 04:24
in discussion Discussions / General » IPV6 Xfinity

I have same issue. I can ping from R7000 router. However, my desktop cannot get ipv6 address from the router.

Re: IPV6 Xfinity by myricemyrice, 06 May 2018 04:24

I have setup a Raspberry Pi and installed PiVPN, all well so far. I then installed OpenVPN GUI on my desktop and OpenVPN Connect on my Pixel phone. Using the instructions provided by the PiVPN project I created a config.ovpn file. I installed that file on my desktop OpenVPN GUI and my Pixels OpenVPN Connect app. I then tested both the desktop and the Pixel connections and they worked perfectly.
Now the problem, I wanted to setup my Asus RT-AC68P running AdvancedTomato Shibby version 1.28.0000 -3.5-140 K26ARM USB AIO-64K as a VPN client connected to the Pi I just setup. I was able to edit the config.ovpn file and copy the Certificate Authority, Client Certificate, Client Key and the ta key and I used that information in the appropriate area on the routers Client VPN settings page.
Using the settings provided by a helpful user I was able to establish what I though was a connection because when I selected StartVPN it came back and said Running. But, if I checked to see if the Wan IP address had changed to the Pi’s ISP it did not. I had my local ISP’s address.

When I checked the Pi OpenVPN log file it had the following error messages:
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]
( my client IP address redacted)

Can anyone tell me what I can do to correct this and make this work? If you need more information please let me know and I will happily provide it. And if this is the wrong place to post this, let me know where I should.

same thing here: Linksys E series router (E3200) with Shibby v140: After initial firmware flush all seems to work. but after few restarts : 5Ghz network is well defined in the router menus but no device can detect / "see" its SSID in the house. no Android device (like Xiaomi Mi TV box) and no 2017 MacBook pro can see the 5Ghz SSID.
the 2.4Ghz bands works flawlessly.
tried changing various 5Ghz menu settings in the router UI but so far no success.

My USB menu was never disabled , so I doubt this affect my 5Ghz .
seems like an inherent bug in the firmware:
Tomato Firmware 1.28.0000 MIPSR2-3.5-140 K26 USB Mega-VPN

In compulsory tunneling, the carrier network provider manages VPN connection setup. When the client first makes an ordinary connection to the carrier, the carrier in turn immediately brokers a VPN connection between that client and a VPN server. From the client point of view, VPN connections are set up in just one step compared to the two-step procedure required for voluntary tunnels.

Re: VPN Tunneling Setup by zmirlizmirli, 27 Apr 2018 10:19
page »
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License