Asus RT-AC66U: How to Configure DHCP Static IP Reservations for IOT/Smart Home Devices

533bdddb0ad6e58

I’ve never been a fan of using DHCP reservations to reserve an IP address for a device. However, there are a few situations where a static reservation is the best route to take.

Try your hand with Home Automation via devices like the Wink Hub,  IP cameras,  smart plugs,  satellite receivers, or even the Raspberry Pi and you will know full well the right time to use a static IP reservation.

In this post, I am going to walk you through that process on the Asus RT-AC66u.

First, log into your Routers webUI, select “LAN” in the left-hand menu. Then select the “DHCP Server” tab. Scroll midway down the page. Locate “Enable Manual Assignment” and select the “Yes” radio button.

asus0

 

Just below the section above, you will see a drop down box that you can use to select your device using the MAC or currently assigned IP. Enter the “Hostname” for the device. Select “Add/Delete“. This will add your device to the list.

 

asus3

Scroll down and find your device in the list. Select the icon to the left.  Change the “Name” of the device if you so desire. The only really important information here is the “IP” and the “MAC”. 

asus4

 

 

Here you also can change the default icon for the device, or add your own custom icons. Here, I am using a camera icon that I downloaded.

asus6

 

Below you can see some of the custom icons and names that I have set to help me keep track of my devices.

asus-1

 

Advertisements

Asus RT-AC66: Cannot Login Unless Logout Another User First

asus-rt-ac66u

 

When attempting to login to your router’s webUI, you may have run into the error below.

cannot Login unless logout another user first.

This error is usually caused by improperly closing router’s WebUI. This can occur if you are logged in and lose connectivity, or if your browser crashed.

Fortunately, the fix is simple… Assuming you have SSH enabled.

First, SSH into your router and run the two commands shown below.

admin@RT-AC66U:/tmp/home/root# nvram unset login_ip
admin@RT-AC66U:/tmp/home/root# nvram commit

See screenshot below

login-cleanup

Now, attempt to login via the webUI. You should be able to log in without issue.

If you do not have SSH or telnet enabled, you can just power cycle your router.

 

 

Configure Syslog Logging Levels on the Asus RT-AC66U Router


4614_WizardStressToy_1

So here is a quick little one that I figured out the other day. Having just setup a Splunk server at home I wanted to make sure that I was not going to hit the data limit of 500mb a day for the free version of Splunk. I figured out pretty fast that my ASUS RT-AC66U was a very chatty-cathy when it came to syslog… sending me all sorts of very raw data that I was, at least at first, not so sure I was interested in indexing. So I hit the cli and started poking around.

First off, before we jump in, let’s make sure that we are all on the same page. First thing to note is that I am running the custom Merlin firmware, however that doubt that the stock firmware is much different. Second, let’s make sure that we all know how to configure syslog on our Asus.

To setup forwarding syslog to a remote syslog server, you first client on “Administration” in the “Advanced Settings” panel on the left. Then select the “System” tab near the top of the page. Scroll down to “Miscellaneous”. This section is shown below. Enter the IP address of your syslog server (or Splunk server in this case) in the “Remote Log Server” field.

syslog_asus

Now lets get down to the business of adjusting our logging level. First you need to ssh into your router.

Note that it appears that by default the log level is set to 7.

admin@RT-AC66U: # nvram show | grep log_level
log_level=7

Now before you get too excited, I am actually not sure that the main log level adheres to rfc5424. I have yet to find any published documentation from Asus to confirm this. However, according to this guy’s blog, this configuration might be a bit less chatty. Note that there are a few additional settings here which you can play around with. With these settings, I am assuming that 1 is on, and 0 if off. I am still experimenting.

admin@RT-AC66U: # nvram set log_level=2
admin@RT-AC66U: # nvram set log_enable=1
admin@RT-AC66U: # nvram set log_rejected=1
admin@RT-AC66U: # nvram set log_dropped=1
admin@RT-AC66U: # nvram set log_accepted=0

Now lets save our change and reboot

admin@RT-AC66U: # nvram commit
admin@RT-AC66U: # reboot

Note that there also is a vpn_loglevel=3 setting that can be configured via nvram. This setting might be useful to those running a VPN server on their router.

Disk I/O Monitoring on the Asus RT-AC66U Router

asus-rt-ac66uThe Asus RT-AC66U, like many home routers that are on the market today, allow you to connect a USB drive to one of its onboard USB ports and share this disk out to your network.  Via the RT-ACC66U, you can share your NAS disk via CIFS or NFS. My configuration has a 1TB unmirrored drive used for temporary scratch storage, and as a network landing area for files that I want to backup.

Note that this is my 4th article on hacking the RT-AC66U. You can check out my other articles below if you are interested.

As you must already know, the Asus RT-AC66U runs Busybox, which is a very small but powerful embedded Linux distro. Because of this there are a lot of familiar commands available via the CLI. However, don’t get to comfortable, as this is still a very foreign land.

Note that this article assumes that you have ssh or telnet working and can log into your RT-AC66U via the CLI.

As I have stated before, you can use the ipgk command to search for and install packages. In the example below I searched for iostat, but found dstat instead. Either one was fine for my purposes…. at least initially.

admin@RT-AC66U:/tmp/home/root# ipkg list | grep iostat
dstat – 0.7.0-1 – dstat is a versatile replacement for vmstat, iostat, netstat, nfsstat, and ifstat

Now that I know what to install, I need to install it.

admin@RT-AC66U:/tmp/home/root# ipkg install dstat
Installing dstat (0.7.0-1) to /opt/…
Downloading http://ipkg.nslu2-linux.org/feeds/optware/oleg/cross/stable/dstat_0.7.0-1_mipsel.ipk
Configuring dstat
Successfully terminated.

Now that dstat is installed lets run it. The switches “rad” enable i/o stats and enable disk stats. The “-D” option allows us to specify a disk by name.

admin@RT-AC66U:/tmp/home/root# dstat -rad -D sda

The command above output what you see below.

dstat-screen-shot

As I mentioned above, dstat is most definitely, a very useful command. However, so far I have not been able to figure out how to get it to display the percentage utilized for a drive, which is rather easy to do with iostat.

How to Add a Static Route on the ASUS RT-AC66U

ASUS_RT-AC66U_newsBased on the popularity of my previous ASUS RT-AC66U post regarding SNMP, I have decided to put together a simple post on how to configure static routing on the home router known as the Dark Knight.

In my humble abode, the RT-AC66U is the core of my home network, providing DHCP and Wireless to a plethora of devices. However, I am also running a small home lab which I need to be able to access from my home desktop. Hence the need for static routes.

Specifically, my home lab hosts the following networks; 10.1.0.0/24, 10.2.0.0/24, 10.3.0.0/24. The IP address of my ASUS RT-AC66U is the default one of 192.168.0.1. My desktop is on the 192.168.0.0/24 network.

In order for me to access my lab from my desktop (and from the rest of my home network), I need to tell my ASUS how to route traffic destined for my 10. networks.

In order to accomplish this, we first need to navigate to LAN on the left pane, and then selecting the Route tab.

static_routes_asus_rt-AC66u

As shown in the screenshot above, we first need to select the “YES” radio button to “Enable Static Routes”. Next we enter a network ip (or static ip — if that’s what we are up to) into the “Network/Host IP “field. Then we enter our netmask into the field that is not surprisingly labeled Netmask”. In my case my netmask is 255.255.255.0.

Now we move on to the field labeled “Gateway”. Here we need to enter what the next network hop for that a packet that is needs to route to our lab network. In my environment, this is 192.168.0.11, which is another router.

Then select “LAN” from the drop down as all our traffic will route to the internal LAN only, and not out to the internet or WAN. Now click the plus sign to add your new route.

Now when a packet destined for one of my lab networks outlined above hits my ASUS router, it will be forwarded to 192.168.0.11, which is my lab router.

Note that you can also add static routes via the busybox command line, however I am not going to go into that today. Its simple enough to add them in the WebUI.

Install and Configure SNMP on the Asus RT-AC66U Router

ASUS_RT-AC66U_newsOk first off let me start by saying that this is probably the coolest piece of home computing hardware that I have ever laid my hands on. Yes the setup was easy, and yes the thing is rock solid, and yes wireless range is awesome. But for approx $200 USD you really should not expect anything less.  I’m not going to go into its specs or features, as I’ll leave that to the professionals. Read up on it here.

Anyway out of the box it supported telnet, but I wanted ssh, so I dropped the default firmware and went with Asuswrt-Merlin. It was at this point I started to explore the Busybox OS and decided I wanted to monitor the device via my HomeLab Zenoss install.

However, much to my chagrin net-snmp was not installed out of the box.

So how do you install it you ask? Would you believe via a package manager?

First, you need to find the package name

#ipkg list | grep snmp

Then install the snmp package

#ipkg install net-snmp

Then configure it to start at boot time.

#app_set_enabled.sh net-snmp yes

In order to configure it, you are going to have to search for the snmp.conf

#find / -name snmpd.conf

I found two files and one of them clearly states that you should not edit it directly. The other one does not so this is the one that I modified to include my custom rocommunity. See below.

rocommunity  lab

Now I just need to figure out how to allow port 161 udp/tcp on my local LAN segment and I am in business. However, I will probably tackle that tomorrow.

 

Additional Info (2016)

Note, you can restart snmp as shown below.

Stopping:

admin@RT-AC66U:/tmp/home/root# app_stop.sh net-snmp
killall: dm2_transmission-daemon: no process killed
killall: asus_lighttpd: no process killed
killall: dm2_snarfmaster: no process killed
killall: dm2_nzbget: no process killed
killall: dm2_amuled: no process killed
iptables: No chain/target/match by that name
iptables: Bad rule (does a matching rule exist in that chain?)

Starting:

admin@RT-AC66U:/tmp/home/root# app_set_enabled.sh net-snmp yes
The field(Enabled) was set “yes” already.
Restarting the package…

 

2016 Update – Configuring SNMP via the WebUI

Figured that I would add an update to this post as it seems that there are plenty of folks who are looking to setup SNMP on their Asus routers. Note that SNMP can now be configured directly from the WebUI.

In the left pane, click on “Advanced Setting”. Then click on the “SNMP” tab. See example below. Note that the webui does not seem to pick up your configuration if you have configured it via the cli. I have not tested to see if the WebUI overwrites the CLI configuration or if it creates another configuration file.

asus-4.png

Additional Resources

Fatmin: How to Add a Static Route on the Asus RT-AC66U

Fatmin: Install and Configure SNMP on the Asus RT-AC66U