Device: GL-A1300 (Slate Plus)
Current Firmware: 4.2.1 (release4)
Date of this post: 28 June 2023
Bugs
The region was set to “US” by default when the EU-Store-bought router had arrived. Setting the “System > Time Zone” correctly didn’t fix this.
This caused:
(Repeater-Mode) Router to mostly fail when searching for Wi-Fi Networks
(Repeater-Mode) Router to have a very bad Wi-Fi reception to other networks
(Repeater-Mode) Router to intermediately drop connection to other networks
(Repeater-Mode) Clients to take longer time for connecting to the router
Workaround:
Manually editing both 5Ghz & 2.4Ghz beacon’s regions from “US” to “DE” in /etc/config/wireless
Suggestion:
Add an option to the UI to set the region for the beacons
Dark mode in the UI is not persistent for some reason
This caused:
My eyes to burn every time
**Very** Illogical Things
(Repeater mode) Unnecessary character limit in the UI (32 Characters) for the username while joining EAP networks
The Problem:
the username that our institution uses: user1234@xxx-xxxx.xx-xxxxxxxxx.xx (33 Characters)
there’s no character limit in the LuCI, but changes there won’t persist, they revert upon connecting to the same network again
(Repeater mode) No possibility to enter more detailed info while joining EAP networks
The Problem:
cannot connect to networks like Eduroam or more sophisticated ones, because the following can’t be entered while joining a network (these options exist in LuCI, but the changes are not persistent):
EAP-Method, Certificate, etc.
(Repeater mode) No possibility for setting an HTTP(S)-Proxy for all connections
The Problem:
our institution doesn’t allow outgoing connections without using their proxy
no possibility to enter the following proxy settings in the UI: Proxy Address, Port, Username, and Addresses that should be exempt from the proxy
(Repeater mode) No possibility for randomizing router’s MAC address
The Problem:
Network quality may be vulnerable to manipulation by the WISP/ISP when the router’s static MAC address is exposed
Non-existence of a button to manually check for software updates
Wishes
Please keep supporting the Tailscale, they are the future
… when excluding possible GL firmware upgrades, of course. You won’t find it; when new OpenWrt versions are released, their respective software feeds are frozen within that same version number.
eg: Syncthing in OpenWrt 21.02’s feeds is v1.18.2-1 but v1.23.5 is the most recent version(s) avail. fr syncthing.net .
You’d have to compile your own .ipk if you really wanted the most current fr the upstream sources.
–
Is this a difference in the Slate Plus v Slate AX, then?
Slate AX (GL-ATX1800) firmware 4.2.1, GL GUI, Network, MAC Address:
When you connect to a public hotspot, use a random MAC address if you do not want the hotspot to know your real MAC address or to limit your access to the Internet based on it.
If your hotel or other business location’s network requires authentication, you may need to use the MAC cloning.
Do you know the file name/location where this info is kept? Hypothetically, a little grep &/or sed action thrown into /etc/rc.local could work around this.
Well, I have that exact same info on my Admin Panel Network > MAC Adress, so that shouldn’t be a point of difference between GL-A1300 and GL-ATX1800, no?
GL-ATX1800 seems to be superior in hardware.
ironic that “Learn more” leads to 404 in both cases.
I wish I knew where it is …it’s probably that file which overwrites the changes in LuCI Hey devs, where does UI save the username/pass for EAP networks? or any network’s authentication details? EDIT: found it (for the saved networks in the repeater mode) It’s /etc/config/repeater
Changes here do persist, and they show in the UI. It’s cool as long as you don’t touch it in the UI, otherwise, it’s limited to 32 Characters again.
Doubtful in this particular regard. These bad boys run OpenWrt ‘under the hood/GUI’… so flipping over into LuCI (aka Advanced settings) or dropping into SSH to edit some config (.conf) is always an option (I suggest opkg update && opkg install nano to install the Nano editor beforehand, though). I’m sure there’s a way to manually do it if GL’s version of OpenWrt won’t let one.
Ironic that “Learn more” leads to 404 in both cases.
Today you learned GL has some 404s to address.
Sound like you’re going to need to drop (ie: login) to SSH sooner than later. grep -rnw '/' -e 'someStringorSomethingRelatedToEAPHere-IdontKnowIveNeverUsedEAP'
^ that’ll search though every file on the Slate Plus. Something should pop giving a file & dir. Then cat /this/is/the/dir/of/the/filename . Copy & paste the output to this thread… but do it after you’ve setup & saved what EAP creds you have (eg: user1234@xxx-xxxx.xx-xxxxxxxxx.xx). Something from them should serve quite well for that grep search string.
If that file persists, which it damn well should, I’d think it’d just be a matter of editing the approp. section w/ the approp. option. You may have to consult the OpenWrt wiki/forums for specifics on how to do that. Regardless, dropping into SSH & using nano is likely in your near future.
You beat me to it. I watched a video a few hours ago on one of the Amazon listings for the Beryl/Beryl AX/Opal/I can’t remember exactly which one that demonstrated that very function.
It happens when I:
Log out from the admin panel > close the browser > open the browser > open the admin panel.
Then it’s all light and shiny again.
I use plain ol’ Firefox with UBlock Origin and Decentraleyes, in addition to Firefox’s native “Enhanced Tracking Protection”
Sorry, it was my own mistake. It’s working alright
I really wish that it’s not my unit that’s faulty here, I threw the packaging away
Ooh, that makes sense now. Does it randomize automatically or only upon pressing the button though?
You could spend days setting up vi/vim… if your going to be doing copious amounts of sysadmin or coding. Nano is the ‘quick & dirty.’ It’s worth it to have both, IMO. htop is another good tool; it really helps see what processes are running on your device. Sometimes those processes will show the filename/location of the conf they’re using (eg: dnscrypt-proxy2 … which is used by the GUI for Network → DNS → Encrypted DNS → DNS over HTTPS)
time to set up auto-clicker on my server and access the GL-A1300 via Tailscale :kek:
Now THAT sounds really interesting
I’d like to say thanks to both of you, it was worth to write these issues here. @alzhao Great support, thank you, I’m glad it created awareness for some of those bugs @bring.fringe18 thanks for your suggestions, you were always on the right track helped me a lot
Say no to Big Tech: stop feeding Cloudflare (Yankees) your IP, used Quad9 (Swiss) instead: nano /etc/config/mwan3 → track_ip → '9.9.9.9' / '149.122.122.122'. Wash, rinse, repeat. Then /etc/init.d/mwan3 stop 2>&1 && /etc/init.d/mwan3 start 2>&1 to take immed. effect
Immed. & persistently increase the number of max active connections: sysctl net.nf_conntrack_max && for i in $(ls /etc/sysctl.d/11-nf-conntrack.conf); do sed -i 's/16384/32768/g' $i; done && sysctl net.nf_conntrack_max net.nf_conntrack_max=32768 2>&1 && sysctl net.nf_conntrack_max
Just to add: This issue has been fed back several times and the interface design has been changed. But there is still some time until the stable firmware release.
In the new version, the determination of whether repeater is enabled or not is removed, and the interface will show the MAC address used when it is enabled even if it is disabled.
Can we get an option to randomize the MAC for Ethernet, then another for Repeater? Eg: each interface having a ‘Random’ link as currently found to the right of ‘MAC Address’?
In the new version, the determination of whether repeater is enabled or not is removed, […]
What’s the logic behind this? I’d quite like to know what my device is doing at a glance via GL GUI:
We discussed this, but didn’t think of any scenarios where we would need to configure it this way. What scenario do you need to use it in?
Simply put, the MAC of the Repeater does not actually exist when the Repeater is disabled. This is different from Ethernet.
So we originally designed it to show the MAC of the repeater only when it is up, but this caused misunderstanding among users.
So we changed it to show which MAC repeater will use when Repeater is disabled.
First, the MAC display and Multi-WAN are no longer related in the new UI.
If this is another requirement …
As for the Multi-WAN feature, we are refactoring it. For the time being, we are not considering optimizing the front page for it until it is as stable and accurate as expected.
It strikes me as a question of consistency. If one can change the MAC for one interface, not being able to do so for every interface is rather jarring. That said there may be some inventive penetration tester or security analyst who might use the capability in some creative fashion. If the option was ‘buried’ in a non-obvious place (as seen w/ ‘Change to LAN’ for GUI Main/Front Page → Ethernet’) I think it’d suffice.
I’d rather have the option & not use it than find myself one day needing for it & not have it.
Simply put, the MAC of the Repeater does not actually exist when the Repeater is disabled.
A ‘virtual interface’, got it. Yeah, I could see that causing some questions. I think that leads in the same vein as my comment re: consistency. We users don’t like getting surprises like that, I’m sure.
As for the Multi-WAN feature, we are refactoring it. For the time being, we are not considering optimizing the front page for it until it is as stable and accurate as expected.
Understandable. The GUI’s front page is GL’s real ‘first impression’… & as the idiom goes, you only get one chance to make a first impression. I know I found myself liking it the moment I logged into my Certa.
If you’re over-hauling the config for mwan3 anyways, I’ll again raise the suggestion of removing Cloudflare & Cicso’s OpenDNS as the default IPs for connectivity checks; Quad9 (9.9.9.9 , 149.112.112.112) has far better legal protections by nature of their operating location in Swizterland, better privacy policy for end users even if they’re around a hundred ms slower comparatively in responses (geographically dependant, of course).
You can configure it in LuCI.
Network->Interface-> Device.
This is one of the benefits of being based on Openwrt. Some general features, we provide simplified configuration pages for mass setup, and professional users can perform more complex configurations in LuCI.
interesting editor
helped me a lot 
