All Activity

known 5.1 A3 issue, Keenetic support knows how to fix it

Configuration: KN-1011 5.1 Alpha 3 For some time i'am unable to flash update, issue popped out couple of months ago. I tried different channels and workaround, no effect. Via web i see error after 50% complete `The server is temporarily unavailable (code 0). Please try again later.` with replacing firmware by .bin file Failed to switch system boot partition via telnet following error `Core::System::Update::Hooks error[8586241]: failed to update the firmware: unable to commit an update.` Self test log in attachment. What may be wrong, how to fix this? self-test.txt

yes, its possible with CLI interface GigabitEthernet1/VlanX up ip address xxxxx (or dhcp) ip global auto exit interface GigabitEthernet1/VlanY up ip address xxxxx ip global auto exit system configuration save example for wan port for some model, if wan port in switch other command

Release 5.1 Beta 1 (preview) Web: enabled the option to choose the connection when configuring custom IPv6 DNS servers [NWI-4799] Web: enhanced the Assignment column to better fit larger client device lists in the Application Filter menu (requested by @FLK) [NWI-4781] Web: fixed the navigation to the File Browser from the System Dashboard page in a specific case (reported by @iggo) [NWI-4796] Web: updated the IPv6 section on the Firewall page to allow selection of the OPKG tunnel interfaces (reported by @avn) [NWI-4776] Wi-Fi: fixed the 2.4 GHz channel width display on single-band models using MT7628 and MT7603 [SYS-1755]

And after some interactions with Chat GPT and providing it output of different commands from CLI, it says: Facts from your live output: * PPPoE0 has IPv6 enabled and has a global IPv6 address. * show ipv6 prefixes previously showed a delegated /56 on PPPoE0. * show ipv6 subnets previously showed a /64 from that /56 applied to Home. * show interface PPPoE0 still says ipv6 defaultgw: no. * show ipv6 route still has no ::/0 default IPv6 route via PPPoE0. * ping6 works from UsbLte0, but fails from PPPoE0 with network unreachable. The manual’s ping6 syntax uses source, which you used correctly here. So the exact diagnosis is: * Prefix delegation on PPPoE works, but IPv6 default routing on PPPoE does not.

With the upgrade to the latest firmware (5.0.8), the issue did not magically resolve. Instead, the IPv6 configuration, provided by the IPS (address, prefix and DNSes) now vanished from the Web interface Dashboard section. Seems like some incompatibility with the provider. Same ISP works fine with Huawei and Ubiquiti. Consequences of choosing a niche vendor, I guess.

there is an article in user manual - https://support.keenetic.com/titan/kn-1811/en/50384-how-to-change-an-internet-connection-policy-for-download-station-.html

Hi @Luca Zammarchi Please read this thread: It explains how to configure the Download Station for a setup similar to yours.

Hi, I'm using the download station based on Trasmission web to download huge images (LCX/ISO). My setup has 2 different gateways (Fiber and 4G for backup). I'd like to force the fiber usage only. Is it possible to implement the feature? Rule: Fiber available and up: Download allowed Fiber not available and down: Download on-hold and denied Thanks a lot

my keenetic acts as an access point behind mikrotik router and generates ipv6 via SLAAC. it does not have ipv4 address. because of this it can't reach update server or ntp server. please make it work in ipv6 only scenario i can ping native ipv6 and dns64/nat64 resources in Network Connection Test Installed version 5.1 Beta 0.3 # update logs Core::Ndss: [3074] no registered connection. # ntp logs. auto server Ntp::Server: disabled master mode. # ntp logs custom server Ntp::Server: disabled master mode. Ntp::Client: unable to communicate with "pool.ntp.org".

is it possible? Several providers over 1 phisical port with different VLANs

Release 5.1 Beta 0.3 IPv6: prevented link-local access to the web interface when turning the IPv6 operation off (requested by @gaaronk) [NDM-4303] LTE: reduced the delay when switching between slots of a dual-SIM modem on Hopper 4G+ and Hero 5G models [NDM-4379] PingCheck: fixed the switch to the backup connection with an unconfigured availability check in case the higher-priority connection check fails [NDM-4392] SSH: fixed an issue that could prevent the session timeout from being applied correctly [NDM-4406] Tools: added an option to set the DF (Do Not Fragment) bit in the ping utility via the command line interface [NDM-4391] Web: fixed missing localization in the confirmation dialogue when turning off Wi-Fi (reported by @project_fcc) [NWI-4791] Web: corrected the notification that appears when turning off all access points in the wireless band (requested by @dimon27254) [NWI-4783] Web: fixed an issue where the selected Automatic theme would switch when printing the wireless network information (reported by @dimon27254) [NWI-4773] Web: fixed issues with the wireless roaming settings on the Access Points page (reported by @dimon27254) [NWI-4778] Web: corrected the display of the storage icon at certain screen resolutions (reported by @dimon27254) [NWI-4693] Wi-Fi: fixed a potential crash and memory leak that could occur when connecting to a Wi-Fi 7 network using WPA3-SAE after changing the wireless settings [SYS-1749]

Release 5.0.10 (preview): LTE: reduced the delay when switching between slots of a dual-SIM modem on Hopper 4G+ and Hero 5G models [NDM-4379] OpenSSL: library upgraded to 3.5.6/3.0.20 to address multiple security vulnerabilities [NDM-4402] CVE-2026-28386 CVE-2026-28387 CVE-2026-28388 CVE-2026-28389 CVE-2026-28390 CVE-2026-31789 CVE-2026-31790 Web: corrected the display of the storage icon at certain screen resolutions (reported by @dimon27254) [NWI-4693] Wi-Fi: fixed a potential crash and memory leak that could occur when connecting to a Wi-Fi 7 network using WPA3-SAE after changing the wireless settings [SYS-1749]

I have a wifi system with a Sprinter (KN-3711) and Buddy 6 (KN-3411) both on Keenetic OS 5.0.8. I am testing a Zephyr RTOS - based device to verify experimental support for 802.11 roaming protocols (k, v, r). So far, RRM Neighbor report requests from my device get responses, but BSS transition Mgmt queries get no responses. The queries are rate limited, min interval between two queries is 2 seconds. See sample logs from the device: ``` [08:31:01.486,000] <wrn> RT555/wifi_conn: signal (-68 dBm) is near / below threshold (-70 dBm), start roaming procedures [08:31:01.486,000] <inf> RT555/wifi_conn: Signal level dropped, requesting roaming (deferred) [08:31:01.486,000] <dbg> RT555/wpa_supp: wpa_printf_impl: Calling wpa_cli: wnm_bss_query, argc: 2 [08:31:01.486,000] <dbg> RT555/wpa_supp: wpa_printf_impl: argv[0]: wnm_bss_query [08:31:01.486,000] <dbg> RT555/wpa_supp: wpa_printf_impl: argv[1]: 16 [08:31:01.487,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Control interface command 'WNM_BSS_QUERY 16' [08:31:01.487,000] <dbg> RT555/wpa_supp: wpa_printf_impl: CTRL_IFACE: WNM_BSS_QUERY query_reason=16 [08:31:01.487,000] <inf> RT555/wpa_supp: WNM: Send BSS Transition Management Query to 52:ff:20:a8:57:4b query_reason=16 [08:31:01.487,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wpa_supp: Send Action frame (freq=5240 MHz wait=0 ms no_cck=0) [08:31:01.490,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wpa_supp: Frame TX status event [08:31:01.490,000] <dbg> RT555/wifi_supplicant: event_socket_handler: Passing message 16 to wpa_supplicant [08:31:01.491,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Event TX_STATUS (16) received [08:31:01.491,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: EVENT_TX_STATUS dst=52:ff:20:a8:57:4b type=0 stype=13 [08:31:01.491,000] <inf> RT555/os: 0x300ab2d0 (supplicant_thread): unused 3572 usage 4620 / 8192 (56 %) [08:31:03.477,000] <dbg> RT555/wifi_supplicant: event_socket_handler: Passing message 24 to wpa_supplicant [08:31:03.477,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Event SIGNAL_CHANGE (24) received [08:31:03.478,000] <inf> RT555/wpa_supp: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-67 noise=0 txrate=51600 [08:31:03.478,000] <dbg> RT555/wpa_supp: wpa_printf_impl: bgscan simple: signal level changed (above=1 current_signal=-67 current_noise=0 current_txrate=51600)) [08:31:03.478,000] <inf> RT555/os: 0x300ab2d0 (supplicant_thread): unused 3572 usage 4620 / 8192 (56 %) [08:31:03.478,000] <dbg> RT555/wpa_supp: wpa_printf_impl: Received len: 64, msg_len:64 - CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-67 noise=0 txrate=51600->END [08:31:03.479,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Control interface command 'SIGNAL_POLL' [08:31:03.492,000] <wrn> RT555/wifi_conn: signal (-67 dBm) is near / below threshold (-70 dBm), start roaming procedures [08:31:03.492,000] <inf> RT555/wifi_conn: Signal level dropped, requesting roaming (deferred) [08:31:03.492,000] <dbg> RT555/wpa_supp: wpa_printf_impl: Calling wpa_cli: wnm_bss_query, argc: 2 [08:31:03.492,000] <dbg> RT555/wpa_supp: wpa_printf_impl: argv[0]: wnm_bss_query [08:31:03.492,000] <dbg> RT555/wpa_supp: wpa_printf_impl: argv[1]: 16 [08:31:03.493,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Control interface command 'WNM_BSS_QUERY 16' [08:31:03.493,000] <dbg> RT555/wpa_supp: wpa_printf_impl: CTRL_IFACE: WNM_BSS_QUERY query_reason=16 [08:31:03.493,000] <inf> RT555/wpa_supp: WNM: Send BSS Transition Management Query to 52:ff:20:a8:57:4b query_reason=16 [08:31:03.493,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wpa_supp: Send Action frame (freq=5240 MHz wait=0 ms no_cck=0) [08:31:03.496,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wpa_supp: Frame TX status event [08:31:03.496,000] <dbg> RT555/wifi_supplicant: event_socket_handler: Passing message 16 to wpa_supplicant [08:31:03.497,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Event TX_STATUS (16) received [08:31:03.497,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: EVENT_TX_STATUS dst=52:ff:20:a8:57:4b type=0 stype=13 [08:31:03.497,000] <inf> RT555/os: 0x300ab2d0 (supplicant_thread): unused 3572 usage 4620 / 8192 (56 %) ... no response ... [08:31:05.498,000] <wrn> RT555/wifi_conn: signal (-68 dBm) is near / below threshold (-70 dBm), start roaming procedures [08:31:05.498,000] <inf> RT555/wifi_conn: Signal level dropped, requesting roaming (deferred) [08:31:05.499,000] <dbg> RT555/wpa_supp: wpa_printf_impl: Calling wpa_cli: wnm_bss_query, argc: 2 [08:31:05.499,000] <dbg> RT555/wpa_supp: wpa_printf_impl: argv[0]: wnm_bss_query [08:31:05.499,000] <dbg> RT555/wpa_supp: wpa_printf_impl: argv[1]: 16 [08:31:05.499,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Control interface command 'WNM_BSS_QUERY 16' [08:31:05.499,000] <dbg> RT555/wpa_supp: wpa_printf_impl: CTRL_IFACE: WNM_BSS_QUERY query_reason=16 [08:31:05.499,000] <inf> RT555/wpa_supp: WNM: Send BSS Transition Management Query to 52:ff:20:a8:57:4b query_reason=16 [08:31:05.500,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wpa_supp: Send Action frame (freq=5240 MHz wait=0 ms no_cck=0) [08:31:05.503,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wpa_supp: Frame TX status event [08:31:05.503,000] <dbg> RT555/wifi_supplicant: event_socket_handler: Passing message 16 to wpa_supplicant [08:31:05.503,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: Event TX_STATUS (16) received [08:31:05.503,000] <dbg> RT555/wpa_supp: wpa_printf_impl: wlan0: EVENT_TX_STATUS dst=52:ff:20:a8:57:4b type=0 stype=13 [08:31:05.503,000] <inf> RT555/os: 0x300ab2d0 (supplicant_thread): unused 3572 usage 4620 / 8192 (56 %) ... no response ... ``` To translate to human-readable terms query_reason=16 means "Low RSSI" and Event TX_STATUS (16) means event was tx'ed successfully. The device is correctly listed with k and v support in the client list. I think it is strange that the controller does not respond to BTM queries at all. Any help would be appreciated.

Hello all! After update to 5.0.4 and later KeeneticOS noticed the following problem with address allocation (as example - connect over wifi) - router not allocated new ip address after connect to wifi. logs have messages: after reboot router or restart dhcp from cli - the address is given and everything works but after a while the problem repeats itself, until reboot. My configuration: Has anyone encountered a same problem?

Release 5.0.9 (preview): Core: fixed a memory leak in the API parsers for IPv6 addresses and prefixes [NDM-4376] HTTP: addressed the CVE-2026-28753 security vulnerability in the web interface service [NDM-4368] NDNS: fixed the incorrect 403 Forbidden status when accessing the device name in cloud mode over IPv6 [NDM-4378] VLAN: resolved the issue that caused the 'VLAN ID is busy' log messages to appear when adding network segments [NDM-4363] VLAN: fixed the 802.1q egress priority setting for packets with non-zero DSCP mark [NDM-4342] Web: added sorting by name and traffic transmitted to the WireGuard connections list (requested by @Алексей Микин) [NWI-4732] Web: added an option to turn off the WireGuard peer in the 'Connect via' selector [NWI-4756] Web: fixed the Dashboard link to the Active Connections tab in Diagnostics [NWI-4743] Web: fixed the charts display on the Traffic Monitor page [NWI-4758] Web: fixed the reorder operation for connections on the Connection Policies page (reported by @spatiumstas) [NWI-4740] Web: fixed scrolling on the Application Traffic Analyser page [NWI-4726] Web: fixed the partition size display on the Applications page (reported by @spatiumstas) [NWI-4495] Web: fixed the logo font and colour in the header (requested by @dimon27254 et al) [NWI-4771] Web: removed the toggle's own status display (reported by @KeyYerS) [NWI-4742] WSD: corrected the packet format for Probe and Hello messages to fix the reboot issue with NETSurveillance video cameras [NDM-4387]

I'm moving from a Giga (KN-1012) EAEU to a Titan (KN-1812) EU. When setting it up, I noticed that the EU variant is missing a lot of country codes compared to the EAEU variant (including the one I need). Attaching the output of show interface WifiMaster0 country-codes from both devices for comparison. Is there a way to add the missing codes? Giga (KN-1012) EAEU.json Titan (KN-1812) EU.json

Release 5.1 Beta 0.2 Core: fixed a memory leak in the API parsers for IPv6 addresses and prefixes [NDM-4376] NDNS: fixed the incorrect 403 Forbidden status when accessing the device name in cloud mode over IPv6 [NDM-4378] Web: restored the Wi-Fi band selection option for registered clients (reported by @Gonzik) [NWI-4774] Web: fixed the logo font and colour in the header (requested by @dimon27254 et al) [NWI-4771] Wi-Fi: restored the ability to configure different SSIDs for 2.4 and 5 GHz in the same segment (reported by @keenet07, @Robespierre) [NDM-4343] WSD: corrected the packet format for Probe and Hello messages to fix the reboot issue with NETSurveillance video cameras [NDM-4387]

Поддержка пакета заброшена? Давно уже актуальная версия 2.0+

Hello, I’ve been using Keenetic devices for quite some time and really appreciate the ongoing software improvements. Recently, with the rise of newer Wi-Fi technologies, the 6 GHz band (Wi-Fi 6E) has started becoming more common across different manufacturers. I’m curious about a few things regarding this: Is there any plan to support 6 GHz (Wi-Fi 6E) on Keenetic devices? If so, would this come via a firmware update for existing devices, or require new hardware? Is there any estimated timeline for this feature? If anyone from the community or the Keenetic team has any insights or official information, I’d really appreciate it. I believe 6 GHz could make a significant difference, especially in environments with heavy network usage. Thanks in advance 🙏

Release 5.1 Beta 0.1 HTTP: addressed the CVE-2026-28753 security vulnerability in the web interface service [NDM-4368] MWS: added support for eSIM, SMS, and USSD operations on embedded 5G/4G modems for Wi-Fi System extenders [NWI-4738] NTCE: turned off the display of application traffic statistics by default for models with RAM sizes less than 256 MB [NDM-4367] VLAN: resolved the issue that caused the 'VLAN ID is busy' log messages to appear when adding network segments [NDM-4363] Web: enhanced the Client Lists page to display information on the client device's currently used connection policy, traffic sent and received, and IPv6 addresses [NWI-4707] Web: added sorting by name and traffic transmitted to the WireGuard connections list (requested by @Алексей Микин) [NWI-4732] Web: implemented the primary SIM fallback control support for models with embedded dual-SIM modem [NWI-4755] Web: added a dedicated wireless networks configuration page [NWI-4675] Wi-Fi: updated protection from attacks on client isolation feature, such as AirSnitch [SYS-1725]

Hello, I found a reproducible issue on Keenetic Giga KN-1012. Issue support request #654031 Environment: - Model: Keenetic Giga KN-1012 - KeeneticOS: 5.0.8 - OpenVPN server subnet: 10.84.0.0/24 - WAN interface: GigabitEthernet0/Vlan4 - Home subnet 192.168.1.0/24 - Web UI tested via: - http://10.84.0.1 - http://192.168.1.1 - http://my.keenetic.net - SSH access works in all scenarios from Home and OpenVPN1 segments Current routing/NAT logic: - WAN NAT is enabled on GigabitEthernet0/Vlan4 - OpenVPN clients are in 10.84.0.0/24 Problem: It looks like OpenVPN clients need the following directive in order to reach external resources through GigabitEthernet0/Vlan4: ip static 10.84.0.0 255.255.255.0 GigabitEthernet0/Vlan4 However, when this directive is present, local Web UI access starts failing with HTTP 403 Forbidden. Reproducible behavior: Case A — without: no ip static 10.84.0.0 255.255.255.0 GigabitEthernet0/Vlan4 Observed results: 1. 10.84.0.1 is accessible from OpenVPN client 10.84.0.2 2. my.keenetic.net is accessible from OpenVPN client 10.84.0.2 3. 10.84.0.1 is accessible from Home client 192.168.1.124 4. OpenVPN client 10.84.0.2 cannot access external resources that should go through GigabitEthernet0/Vlan4 Case B — with: ip static 10.84.0.0 255.255.255.0 GigabitEthernet0/Vlan4 Observed results: 1. 10.84.0.1 is NOT accessible from OpenVPN client 10.84.0.2 2. Web UI returns HTTP 403 Forbidden 3. my.keenetic.net is still accessible from OpenVPN client 10.84.0.2 4. OpenVPN client 10.84.0.2 CAN access external resources through GigabitEthernet0/Vlan4 5. 10.84.0.1 is also NOT accessible from Home client 192.168.1.124 Important note: - SSH access to Keenetic remains available on all interface addresses in both cases. - The issue affects Web UI access only. - A similar effect was previously observed with: ip static 192.168.1.0 255.255.255.0 GigabitEthernet0/Vlan4 In that case, replacing it with normal NAT for the Home segment restored HTTP access to 192.168.1.1. Expected behavior: - OpenVPN clients should be able to access external resources via WAN NAT - Local Web UI access via 10.84.0.1 and 192.168.1.1 should continue working - Enabling outbound NAT/routing for the OpenVPN subnet should not cause HTTP 403 on local management addresses Actual behavior: - The static directive for 10.84.0.0/24 appears to be required for outbound WAN access - But when enabled, it causes Web UI access to local management IPs to fail with HTTP 403 Could you please confirm whether this is expected behavior, a NAT/static routing side effect, or a Web UI management-plane bug? If needed, I can provide: - full running-config - exact test sequence - screenshots - self-test.txt Thank you.

Hello everyone. A good option has appeared in routers - DNS-based routes. But, many previous versions of routers are used, which are still quite good (kn-3010, 1711, 1311, 1111) and replacing them all at once is problematic. Will this option be implemented in firmware version 4.x.x?

In KeeneticOS v4.3.6.2, all files and directories on external removable devices whose names begin with a dot (e.g., .git, .gitignore) are treated as system files and are therefore hidden. These files and directories become system files specifically when accessed via KeeneticOS. It doesn’t matter how these items ended up on the external removable device, because I uploaded some files and directories via the router running KeeneticOS, while others I copied directly by connecting the removable device to my computer. All of them became system files. Once they become system files, they are treated as such even when the external removable device is connected directly to the computer. I performed all these operations on devices running the following file systems: Ext4, exFAT, and FAT32. In every case, these files and directories became hidden. The data transfer protocol did not affect this either, as I tested it using both SMB and SFTP. The result remained the same. In Windows 11, when using the SMB protocol, I was only able to make files and directories visible after enabling the «Show hidden files, folders, and drives» option in File Explorer and disabling «Hide protected operating system files (Recommended)». In Android 14, when using Cx File Explorer and the SFTP protocol, these files and directories are not displayed at all. If you look at the number of items in the parent directory containing such hidden elements, all files and directories are present and are copied correctly when copying the parent directory in which they are located, but there is no way to interact with them. You can find a file manager that can handle system hidden items, but the problem here is that user files and directories that shouldn’t be system files become system files. At first, I thought that KeeneticOS simply wouldn't return them when requested and would say they were missing, but that's not the case. All the files and directories don't disappear but become system files, which makes it impossible to work with them normally.

Добрый день, @Гамлет Неркарарян Русскоязычный форум находится по адресу https://forum.keenetic.ru/ Пересоздайте пожалуйста тему там.