Leaderboard

The controller update channel is not propagated to the extender devices, this is the expected behavior.

Hello guys, I wrote 3 scripts to be used with Keenetic router with Entware installed and set. I tested them with my KN-1812 and all seems to work; I'd be glad to know your feedback and suggestions. Keenetic Firewall: https://github.com/mattheweli/keenetic-firewall Keenetic Pingtool: https://github.com/mattheweli/keenetic-pingtool Keenetic vnstat: https://github.com/mattheweli/keenetic-vnstat I'm available for any questions you may have

Release 5.0.3 (preview): DNS: fixed FQDN-based routing when DNS is running over TCP (reported by @qmxocynjca) [NDM-4201] DNS: optimized performance of FQDN routing list updates [NDM-4197] MWS: fixed wireless 2.4 GHz backhaul on MT7603 and MT7628-based devices [SYS-1513] udpxy: fixed crash when running on a Bridge public interface [NDM-4200] Web: fixed hiding the Mobile menu when USB modem support is not installed (reported by @qmxocynjca) [NWI-4518] ZeroTier: fixed system restart loop when fail-safe mode is enabled [NDM-4187]

Thank you for the explanation @David CHEVALIER 🙂 So far, I can't really remember any similar requests. Scheduling port shutdowns is a smart solution for your setup 💪 Generally speaking, in a similar setup it would be easier to just use a few Keenetic APs + the central Keenetic router. If you unite them into a Mesh Wi-Fi system, the central router (“controller”) will be able to distribute its settings to access points, including the Wi-Fi schedule. We get requests to add that feature from time to time. It may be implemented in one of the future releases. On a related note, our router provides a REST API that you can use to control it with a bit of scripting. This way you can create your custom small UI containing all the features you want. If you are interested in that, I can provide more details.

(config)> ip dhcp pool _WEBADMIN option 66 ascii 192.168.2.1 (config)> system configuration save with second row, its ok now, thanks a lot

Hello, everyone! I would like to share how I solved this issue when adding an extender to a Wi-Fi system. I have Keenetic Hopper (Main Router) running OS 4.3.6.3 and a new Keenetic Buddy 6. The Problem: The "Acquire" button did nothing in the Web UI, and the system log showed the error: "The controller DPN document is not accepted". Here is the step-by-step solution that worked for me: Log in to your main router's web interface (192.168.1.1). Go to Management -> Users and Access. Ensure that your 'admin' user has SSH and Telnet permissions enabled (Telnet uses port 23 by default). Open your terminal (I used Linux, but PowerShell/CMD works too) and connect to the router: "telnet 192.168.1.1" Enter your admin credentials to log in. Manual Acquisition. Type the command "mws acquire " (with a space) and press Tab. The CLI should automatically show the MAC address of your Buddy/extender. Complete and run the command: "mws acquire <YOUR_MAC_ADDRESS> eula-accept no-update" Wait and Save. After a short moment, the Buddy appeared as "Acquired" in the Web UI. To make sure the settings persist, run this command in the telnet session: "system configuration save" Update Firmware. Once the node was active, I went to the "Wi-Fi System" tab in the Web UI and triggered an OS update for the nodes. After about 5 minutes, everything was fully synced and running the latest version. Access Extender. I can now access the Buddy's local web interface directly by clicking its IP address link in the main router's Wi-Fi System list. I hope this helps anyone struggling with the same DPN document error!

I hope this will help you a bit with the REST API: https://github.com/Eralde/rci-tools It is a small side project I am working on. Feedback is appreciated 🙂

Using an integration in home assistant that can turn on and on wifi networks. So when it goes automation that turns on wifi it realy goes ON but it's represented in webgui with togleOFF and says "enabled"

Hi @em286 There is a way to do that using Entware nginx-ssl package. While it is not a very straightforward one, it should work. Install Entware Run opkg update && opkg upgrade && opkg-install nginx-ssl in the Entware shell Adjust /opt/etc/nginx/nginx.conf to proxy /auth and /rci/ requests to the firmware web server (see configuration below; replace "Home" segment address in it with 192.168.1.1) Configure xxx.yyy.keenetic.name to proxy requests to "This Keenetic Device" + nginx-ssl port This way X-NDM-Challenge and X-NDM-Realm headers will be preserved: $ curl -i https://rci.dev-3811.keenetic.link/auth HTTP/2 401 server: Web server date: Mon, 29 Dec 2025 07:51:34 GMT set-cookie: ... Path=/; SameSite=Strict; Max-Age=300 www-authenticate: x-ndw2-interactive ... x-ndm-realm: Keenetic Hopper x-ndm-challenge: BJ**** x-ndm-product: Hopper

You can change the update channel for a member device like this: 1. Check the checkbox for the relevant member device in the nodes table. 2. Press the "Edit" button on top of the table. 3. Change the "KeeneticOS" dropdown value to the desired update channel (Dev in my example) in the device settings dialog. 4. Press the "Save" button at the bottom of the device settings dialog.

If for some reason the MAC address does not work you also can use candidate's cid as the candidate identifier. Device's cid can be found in the show identification command output. If you press Tab after entering mws acquire, there should be some autocomplete options available.

Oh yeah this is the way! Thanks it works!

Hi, i found a problem on my "Client list" section. I have 2 Titan units, one router and another mesh access point. A lot of my devices who are connected to the access point show 2500 Mbits/s instead of Speed and security protocol as show on this pic. Is this a bug? Thanks

Nothing strange. I encountered the same problem on my Viva (KN-1913). I installed the ssh component, but I couldn't connect via SSH to my Keenetic Viva. I rebooted it several times, but that didn't help. I scanned its ports, and port 22 was closed. I connected to it via telnet and checked the running services using the show processes command. I saw the following: object: id: SSH server state: STOPPED service: configured: yes alive: yes started: yes state: STOPPED Well, service ssh system configuration save solved the problem, the SSH service started.

service ssh system configuration save

I use Pi-hole on my home network to block ads. All I had to do with IPv4 was set the DHCP server in my Keenetic device. I recently switched my ISP and they provide IPv6 connectivity. I managed to have IPv6 working, but now the router pushes via SLAAC its IPv6 address as DNS server to clients. So now my devices prefer IPv6 and reach to the router for DNS resolution, bypassing the Pi-hole on my home network. I tried to find an option to change the DNS server address pushed via SLAAC but couldn't find one. I saw that I can change SLAAC to DHCPv6 but I can't find where to set the options. Is it possible to change the DNS server pushed to IPv6 clients?

Today I was looking around and found that the standard radvd daemon is used for sending router advertisements in the LAN. It is launched with the configuration file located at /var/run/radvd.conf (which is a symlink to /tmp/run). This means that the configuration file is generated at runtime and can't be edited by the user 🥲 This is the content of the file (one entry for each subnet, IP addresses redacted): /tmp/run # cat radvd.conf interface br0 { AdvSendAdvert on; AdvOtherConfigFlag on; AdvManagedFlag off; prefix 2a00:xxxx:xxxx::/64 { AdvOnLink on; DeprecatePrefix on; AdvAutonomous on; DecrementLifetimes on; AdvPreferredLifetime 716; AdvValidLifetime 716; }; RDNSS fe80::xxxx:xxxx:xxxx:xxxx { }; }; The DNS server is advertised with the RDNSS option, so hopefully a CLI command can be added to have the user set the preferred DNS server 👍