TomatoUSB.org FW: Working, Static, Etc but recently Admin login Page not showing It was working fine for a long time now. I can ping it etc and all the Static DHCP etc is working but lately its Admin/ Web login page is not showing up at all. I see no reason why it would do so? Any thoughts? I am on the local LAN. Tried from many clients, Wired & Wireless. Powered off & on as well. Thoughts? Any ideas on what the error is indicating?
What happens if you telnet/ssh into the router? If you can connect, check to see if the http service is running. Anything interesting logged in /var/log/messages when you attempt to connect to the admin page via a web browser?
Just tried after you suggested using Putty - SSH - Connection Refused Telnet - Connects but unable to login using my login "admin" and my <password> (I tried many times). Its like someone/ hacker has taken over it. Code: AS_TOM_HOST login: admin Password: Login incorrect AS_TOM_HOST login: What can I do now? Is there anyway to reset the password (using a physical reset button) without losing all my settings - esp Network & Static DHCP Settings?
Are you absolutely certain the login name is "admin"? That is not the case on any Tomato/TomatoUSB router I've used (for years). The username/login is "root" (and I know of no way to change that), and the default password is "admin". This applies to telnet, SSH, and the web/GUI interface (they're all tied together). Please try again. Please do not jump to conclusions like "it's like some hacker has taken over it". Step back for a moment, take deep breaths, and settle down. We will help you figure things out, but there's no need to freak out this soon.
Incorrect. For web gui both admin and root are valid usernames, however for SSH/Telnet only root is a valid username i.e. SSH > root > pwrd. It's always been that way
Thanks for correcting me Azuse -- had no idea that was the case for the GUI. Learn something new all the time.
Ok. I am not going hyper here.. Lol! Just that this is wierd. So I am going to try with "root" on Telnet since SSH & WebAdmin are both - CONNECTION REFUSED. So, does the Root have a default password or does it CHANGE to the same as Web Admin when someone changes the "admin" password through the Web Admin? I know the "admin" & <Mypassword> that I used on the Web Admin. UPDATE: I logged in on Telnet using "root" and <Mypassword> from WebAdmin. Now what are my options? I'd like to save a bunch of the configuration info (especially a lot of the IP & Mac stuff I've put in Static DHCP) and when I have more time I'd updated it with the new Shibby or Toastman build.
I was able to connect via Telnet and play around with some of my *nix commands I remember from a while back. Here's some output. Where do I go now and what do I do? What can I do? Do I/ can I download this "messages" log file to my Windows desktop via Telnet? Its been ages and dont know how. Code: AS_TOM_HOST login: root Password: Tomato v1.28.9054 MIPSR2-beta K26 USB vpn3.6 root@AS_TOM_HOST:/tmp/home/root# ls root@AS_TOM_HOST:/tmp/home/root# /var/log/messages -sh: /var/log/messages: Permission denied root@AS_TOM_HOST:/tmp/home/root# chdir root@AS_TOM_HOST:/tmp/home/root# chdir /var/log/messages -sh: chdir: can't cd to /var/log/messages root@AS_TOM_HOST:/tmp/home/root# ls root@AS_TOM_HOST:/tmp/home/root# ls-l -sh: ls-l: not found root@AS_TOM_HOST:/tmp/home/root# cd root@AS_TOM_HOST:/tmp/home/root# cd.. -sh: cd..: not found root@AS_TOM_HOST:/tmp/home/root# chdir.. -sh: chdir..: not found root@AS_TOM_HOST:/tmp/home/root# chdir / root@AS_TOM_HOST:/# ls bin cifs2 etc jffs mmc opt rom sbin tmp var cifs1 dev home lib mnt proc root sys usr www root@AS_TOM_HOST:/# cd var root@AS_TOM_HOST:/tmp/var# ls lib lock log notice run spool tmp webmon wwwext root@AS_TOM_HOST:/tmp/var# cd log root@AS_TOM_HOST:/tmp/var/log# dir -sh: dir: not found root@AS_TOM_HOST:/tmp/var/log# ls messages messages.0 root@AS_TOM_HOST:/tmp/var/log# cd messages -sh: cd: can't cd to messages root@AS_TOM_HOST:/tmp/var/log#
Ok. I am not sure what all commands and features it allows. After some googling I tried "top" Here's the output. Code: Mem: 16900K used, 110052K free, 0K shrd, 2188K buff, 6852K cached CPU: 0% usr 0% sys 0% nic 99% idle 0% io 0% irq 0% sirq Load average: 0.00 0.00 0.00 2/27 2070 PID PPID USER STAT VSZ %MEM %CPU COMMAND 2070 2041 root R 1708 1% 0% top 408 1 root S 2544 2% 0% httpd -s 2041 384 root S 1720 1% 0% -sh 395 1 root S 1720 1% 0% crond -l 9 564 1 root S 1720 1% 0% udhcpc -i vlan2 -b -s dhcpc-event -H A 328 327 root S 1712 1% 0% /bin/sh 384 1 root S 1704 1% 0% telnetd -p 23 330 1 root S 1700 1% 0% syslogd -L -s 50 332 1 root S 1696 1% 0% klogd 1 0 root S 1308 1% 0% /sbin/init noinitrd 326 1 root S 1296 1% 0% buttons 327 1 root S 1264 1% 0% console 398 1 root S 1192 1% 0% nas 1442 1 nobody S 1076 1% 0% dnsmasq -c 1500 --log-async 404 1 root S 1028 1% 0% rstats 389 1 root S 1012 1% 0% eapd 286 1 root S 748 1% 0% hotplug2 --persistent --no-coldplug 90 2 root SW< 0 0% 0% [mtdblockd] 5 2 root SW< 0 0% 0% [khelper] 2 0 root SW< 0 0% 0% [kthreadd] 3 2 root SWN 0 0% 0% [ksoftirqd/0] 4 2 root SW< 0 0% 0% [events/0] 17 2 root SW< 0 0% 0% [kblockd/0] 43 2 root SW 0 0% 0% [pdflush] 44 2 root SW 0 0% 0% [pdflush] 45 2 root SW< 0 0% 0% [kswapd0] 46 2 root SW< 0 0% 0% [aio/0]
top shows httpd running, which means the webserver is at least running on TCP port 80. You can verify that it's listening by doing netstat -l -n | grep LISTEN (please note that UNIX is case-sensitive so type that command correctly; that's netstat hyphen-ELL not hyphen-ONE, and that's a pipe symbol (Shift Key + \ Key)). You should see a line like this: Code: tcp 0 0 192.168.1.1:80 0.0.0.0:* LISTEN The above is from my own RT-N16 router, and indicates the webserver is listening on IP address 192.168.1.1 (default). If you have changed the IP address of your router then yours may be listening on a different IP. The -s flag to httpd causes it to listen on TCP port 443 (SSL / HTTPS) as well, so you should have a similar entry for :443. Based on that I can tell, bare minimum, you have enabled HTTPS in the router (via the GUI, this would be: Administration -> Admin Access -> Local Access -> HTTP & HTTPS). There is also the possibility that you chose Local Access -> HTTPS, in which case the router is ONLY listening on port 443, and you will not be able to diagnose the problem described below (because the below method uses plaintext/HTTP, not HTTPS. There is no way to diagnose SSL this way) You can verify the webserver is actually functional by telnetting to the IP address on port 80 and verifying it manually. Given your unfamiliarity with UNIX (I can see you doing things like trying to cd into files rather than directories, and doing things like "ls-l" when you mean "ls -l" (note the space)), this may be difficult for you to verify. This is how you would verify it -- by issuing telnet {ipaddressofrouter} 80 on the router itself (do not use "telnet localhost 80" or "telnet 127.0.0.1 80" if someone tells you to). If it's successful in connecting, you won't see any output. At that point you need to type in GET / HTTP/1.0 and hit Enter twice. It's very important you use proper capitalisation and proper spacing here. You should get back an HTTP 401 response from the server indicating lack of authentication credentials, which is normal. If you get back this response, then the webserver is answering / alive / working and the problem is with something else on your network or you have done something very strange to your router/configuration (possibly iptables/firewall-related) and managed to lock yourself out of it (effectively). Here's an example of what you should see: Code: root@gw:/tmp/home/root# telnet 192.168.1.1 80 GET / HTTP/1.0 HTTP/1.0 401 Unauthorized Date: Fri, 10 Aug 2012 17:10:31 GMT Content-Type: text/html; charset=utf-8 Cache-Control: no-cache, no-store, must-revalidate, private Expires: Thu, 31 Dec 1970 00:00:00 GMT Pragma: no-cache WWW-Authenticate: Basic realm="tomato" Connection: close <html><head><title>Error</title></head><body><h2>401 Unauthorized</h2> Unauthorized</body></html>Connection closed by foreign host The telnet binary that comes with Busybox is a complete pile of junk, but that's the way it goes. At least it functions to this degree. If you want to view the router log, you can simply do cat /var/log/messages and see the output for yourself. The information in the log is only helpful if you know what you're looking at though.
Thanks. I just ran netstat as you had suggested (I've used it many times) and it showed up with this: Code: Tomato v1.28.9054 MIPSR2-beta K26 USB vpn3.6 root@AS_TOM_HOST:/tmp/home/root# netstat -l -n | grep LISTEN tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN tcp 0 0 192.168.X.Y:443 0.0.0.0:* LISTEN tcp 0 0 :::53 :::* LISTEN tcp 0 0 :::23 :::* LISTEN After looking at 443 I just remembered that I had probably set it up for HTTPS access only. Figured out why I was not able to access. Thank you so much. I totally forgot and was wondering why HTTP was being rejected. Damn, I figured that even if I accessed via HTTP, it would auto-invoke & go from HTTP to HTTPS to secure the connection as with certain sites I've used. Is there a way to make it do that?
Ah, always the simple explanation... ;-) Glad you got it figured out. At this time there is no way to make the webserver automatically redirect http://routerip/ to https://routerip/. And yes, this is something that needs to be done 100% within the webserver, not via iptables rules or otherwise. Is it do-able (technologically)? Yes absolutely, but such a feature presently does not exist. You know the open-source mantra by now I'm sure: patches are welcome...
I'm having a very similar problem, I can't log in. Except my router running tomato shows this: Code: Mem: 11776K used, 2752K free, 0K shrd, 1416K buff, 4904K cached CPU: 0% usr 2% sys 0% nic 97% idle 0% io 0% irq 0% sirq Load average: 1.00 0.97 0.68 1/15 1573 PID PPID USER STAT VSZ %MEM %CPU COMMAND 3 1 root SWN 0 0% 0% [ksoftirqd_CPU0] 185 1 root D 996 7% 0% miniupnpd -f /etc/upnp/config 1573 1571 root R 1952 13% 2% top 1 0 root S 1728 12% 0% init noinitrd 63 1 root S 1940 13% 0% telnetd -p 23 7 1 root SW 0 0% 0% [mtdblockd] 1571 63 root S 1972 14% 0% -sh 1569 1 root S 1968 14% 0% /bin/sh /etc/qos stop 1570 1569 root S 1480 10% 0% tc qdisc del dev vlan1 root 332 1 root S 1952 13% 0% udhcpc -i vlan1 -s dhcpc-event -H unkn 70 1 root S 1532 11% 0% dropbear -p 22 2 1 root SW 0 0% 0% [keventd] 4 1 root SW 0 0% 0% [kswapd] 5 1 root SW 0 0% 0% [bdflush] 6 1 root SW 0 0% 0% [kupdated] # netstat -l -n | grep LISTEN tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
httpd isn't running on your router, which is why the web page / GUI interface doesn't work. You can try starting it manually (run httpd or httpd -s), but I make no promises that it stays up/running. Otherwise just reboot the router via the reboot command and see if it comes back up. I also find it funny that there's a "/etc/qos stop" script still running. Amusing. I would strongly advocate rebooting the router altogether.
Thank you very much, it didn't seem to work after the first reboot, but it's back up and running now!
