Omnia Turris, Other Firmware, make hardware usable for non programmers?

Omnia Turris have more nic`s than PC Engines APU, a its looks not realy to be possible to use it depend on not realy usable webinterface, for not programmer. How about other operating systems ?

Debian:
Compatibility: https://wiki.debian.org/InstallingDebianOn/TurrisOmnia
https://blog.kleine-koenig.org/ukl/installing-debian-stretch-on-a-turris-omnia.html
https://wiki.debian.org/InstallingDebianOn/TurrisOmnia
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=289324&highlight=turris

Make Debian
supports some ARM CPU on this time, dont no support Omnia Turris ARM
https: //forum.turris.cz/t/pfsense-as-router-os/48

Proxmox:
https : //forum.proxmox.com/threads/arm-future-of-proxmox.37991/
Alternate:
Should be possible to install after install ARM compatible Debian at first:
https://pve.proxmox.com/wiki/Installation

Open-WRT compatibility:
Should be possible in generell, becaus Omnia based on Open WRT.
https://wiki.openwrt.org/toh/start
Tecnical Data: https://wiki.openwrt.org/toh/hwdata/turris/turris_turris_omnia A still no original Open WRT found. And its looks Turris Omnia still didnt give back to Open wrt.
Supportted devices: https://openwrt.org/toh/start

DD-WRT compatibility:
http://svn.dd-wrt.com/changeset/35113
https://www.dd-wrt.com/forum/viewtopic.php?t=287348&sid=b16b91055aaaa8f30895413f4deea145

Tomato
not clear on this time

pfsence/OPNsense compatibility
looks like not supportetr on this time
a one pfsence programmer offer to make working if he get one hardware for free
https: //forum.turris.cz/t/pfsense-as-router-os/48

IP Fire:
looks like not possible on this time
Forum: https://forum.ipfire.org/search.php?keywords=Omnia
pfSense as router OS?

Free BSD:
https://wiki.freebsd.org/FreeBSD/arm

Untangle NG Firewall:
Demo http://demo.untangle.com/admin/index.do
Features https://www.untangle.com/untangle-ng-firewall/software-packages/
Supported Routers https://wiki.untangle.com/index.php/Firmware
Wiki https://wiki.untangle.com/index.php/Turris_Omnia
Source https://sourceforge.net/projects/untangle/
Forum https://forums.untangle.com/
Download https://wiki.untangle.com/index.php/Downloads
Install How To: https://wiki.untangle.com/index.php/Turris_Omnia#Installing_the_Untangle_firmware

Who know alternate Firmware which make the router hardware usable for non programmer ?

############################
See also:
Turris Omnia, List of Software featurure requests:
Collecting Ideas for Hardware changings:
Improve Turris Omnia together and speak about:

1 Like

If you click on Advanced Administration in the Foris interface, you will find a link to LUCI.
It’s already installed and working (be aware that DNS settings are a bit tricky because the luci interface configures dnsmasq, not kresd).
If you just want a basic setup, Foris is functional enough to get you online and setup your wireless. Most home users don’t do more than that anyway. I guess it depends on what you are trying to do.

I’ve been running Untangle NGFW on Turris Omnia for some time now:

www.untangle.com

https://wiki.untangle.com/index.php/Turris_Omnia

1 Like

“If you click on Advanced Administration in the Foris interface, you will find a link to LUCI.
It’s already installed and working (be aware that DNS settings are a bit tricky because the luci interface configures dnsmasq, not kresd).”

Its not possible to set the follow minimum, wich make sens to use the router for anything by Webinterfaface (called somitimes foris) or advanced menue (called Luci):

  • secure DNS client
  • secure NTP client

“If you just want a basic setup, Foris is functional enough to get you online and setup your wireless. Most home users don’t do more than that anyway. I guess it depends on what you are trying to do.”

I guess, the most user dont know its possible to see every access of webpages on dns as clear text. That dont cange by useing https and no http webpages.

The most user dont know about, SSL certificates stop to be valide and crypted communication stopp, if non secured NTP used and manipulated.

[quote=“marekbrazina, post:3, topic:7314, full:true”]
I’ve been running Untangle NGFW on Turris Omnia for some time now:
www.untangle.com
https://wiki.untangle.com/index.php/Turris_Omnia[/quote]

Its interesting to see what is possible. A i didnt see the usualy missing features. Without this is a router a maximum wors case risk envirement:

  • secured DNS
  • secured NTP

One other point ist, yearly payment for private users. It can be it will get more private costomer by

It`s looks its now possible to install Debian on Omnia Turris for replace the still not realy usable original alpha status operating system.

https://blog.kleine-koenig.org/ukl/installing-debian-stretch-on-a-turris-omnia.html

**If debian working, thats sounds it will be possible to install debian based Proxmox an on proxmox all virtual machines what the heard looking for. (pe. pfsence, tomato, DD-WRT, proxy, webserver, IDS)

In all respect, that seems to be a rather subjective assessment. As far as I can tell quite a number of people are using TOs as their main routers quite happily, so your judgements “alpha status” (I assume you are using alpha as signifying incomplete and not as dominant) and “not really usable” seem a bit harsh.
Sure you are entitled to your opinion and I also believe it to be your right to voice that opinion; you will need to accept opposing opinions though :wink:

I bought two of TO routers too. I hope the Firmware will be rapidly better. Today, my both 300€ router are missing minimum features like possible to configure 1st and 2nd DNS server, 1st and 2nd NTP server by non programmers or special IT freaks.

Mmh, while I have sympathy for your situation, I do believe that your are a bit unfair to the turris team here. As far as I remember there was no promise of either manually configurable DNS or NTP servers anywhere.

I also believe (but I have not tried that myself) that selecting configuring NTP servers should be relatively easy in luci. Have a look at:
https://192.168.1.1/cgi-bin/luci/admin/system/system
I assume here you TO has the 192.168.1.1 IP address. As far as I can see this will allow you to manually configure NTP servers. BUT the TO like few other home routers has a battery powered real time clock so will keep a reasonable estimate for the wall clock time even if powered down, so you TO will not have the “traditional” window of “bad” time that home routers often have which make dnssec not work during bootup (AFAIK openwrt works around this by disabling dnssec until NTP worked to correctly set the time, so there is a window in which dnssec is not available which the TO most likely does not have).

About the DNS server settings I believe this is indeed not easily possible (in openwrt it is relatively easy, but the omnia uses its own DNS resolver (kresd) that does not seem to expose its config settings in either foris or luci, so you are right about DNS configurability, see https://doc.turris.cz/doc/en/howto/dns). Now according to https://doc.turris.cz/doc/en/public/dns_knot_misc kresd can actually be configured to a) use different DNS servers like cloudflare’s and also to use TLS encryption so your ISP can not see your DNS queries (but do not kid yourself, cloudflare now is the party that knows, so this is not anonymous). According to this thresd https://forum.turris.cz/t/using-dns-over-tls-or-https/6996/48 the over-TLS functionality is intended to show up in foris in the (unspecified) future.

Again, opinions can differ, but all I see with the turris folks are an active maintainers that care to implement new features and to distribute timely security updates (compared to other home routers).
So I still can not understand why the NTP and DNS issues are showstoppers that make you judge the TO to be alpha status and “not really usable” generally (as compared to your own use, there you are of course entitled to have the strictest requirements).

1 Like

Thats true, can configure NTP on https://192.168.1.1/cgi-bin/luci/admin/system/system A its not clear it wil be used. because not all what can be configured on advanced webinterface (some people call it luci). Some thinks are not avaulable on Webinterface (some people call it Foris) and not on advanved webinterface (luci). SSH are not realy a way for customer thats for developer.

P.e. configuring DNS looks like are ignore by system. P.e. on http://192.168.1.1/foris/config/main/dns/ can be checked DNS is working or not. A http://192.168.1.1/foris/config/main/dns/ is meaning DNS is working, without a DNS Server is configured on http://192.168.1.1/cgi-bin/luci/admin/network/dhcp You see, it cant be true booth. No configured DNS and working DNS.

I assume your just a packet capture remote from finding that out (wireshark is your friend :wink: )

Sure, but that is rather well documented.

I disagree, often access per terminal is the most efficient way to figure something out and it does allow to tap into the vast documentation on how to do things in the Linux command line environment available on-line. But sure, it is nice if SSH is optional/not required for “normal” operations.

Well, the first page I linked to actually addresses this question. The luci page is for using dnsmasq as both DHCP server and DNS resolver, but the TO uses the Knot resolver and hence ignores the dnsmasq settings. (Not that it is that straight forward to add your own DNS servers to dnsmasq, :wink: and it will not work solely with the luci GUI).
I do agree that this is not necessarily super obvious, but a bit of googling reveals a lot of information, so it is not that bad.
Now, I also believe that the goal for the foris GUI is to partly hide the complexity of the luci GUI that often does not seem justified for what “casual” network admins actually want to accomplish and want to read up on.
Again, I do not want to acknowledge that you are unhappy with the current state of turris OS, and I hope that future changes will remedy that. I really only wanted to note that your judgement seems a bit hash and I believe is also not universally shared by TO users.

Best Regards

TO is a bit different from the average consumer router and offers a bit of both worlds, the less advanved user (Foris) and the more advanced (LuCI + ssh) and even beyond that for the adventurous geeks. The router’s price tag may not play into it, considering that its hardware alone is in ways often superior to other consumer grade routers and offers by far more capabilities to play with, let alone open source vs. proprietary.

Foris may not be as extensive as other routers’ gui but then in reflection of aforesaid such is not surprising, yet should serve the less advanced user just fine, whom in my experience would often not even know what DNS is, or NAS or NTP or etc.

Untangle is good looking. A i dont see support DNSCrypt and a secured NTP.

It`s still hard to find a Software which make sense to keep a Turris Omnia hardware.

Get running Open WRT on Turris Omnia ?

I still looking for a way to use the Turris Hardware for anything.

Using the originaly Open WRT software should fix follow from not usable Turris Omnia OS for no programmers:

  • not possible to set DNS server
  • no possible to set up Open VPN Client
2 Likes

@Hubert, I understand that you are unhappy with your purchase of your omnia, but really “terrible Turris Omnia OS” in bold is a bit much, for features that, as far as I can see, where never promised by the turris team. You can keep adding slightly offending posts, but do you really believe that this will really expedite getting your itches scratched? Since I believe my words are not well received and most likely will not change much, I will shut up now.

1 Like

Lost a litte bit money is not so terrible like loosing month of time. Last week i ordered two PC engine boards. That make it possible to use standard software like pfsense, ipfire, Tomato, DD-WRT, Proxmox, Debian, Win XP, Win 7 and so on.

Looking on TO will be for me only on low priority in future.

2 Likes

No development is needed to use all functionalities of the Turris Omnia. You just need to use the command line to use features that are not exposed in the web interface. Using the command line is accessible even for “non programmers”. If you plan to use tool like mentioned above I think you would greatly benefit spending a little time to use Linux command line.

1 Like

Thats great for Freaks t try some thing. A its nothing for business depend on it need to much time to finger out every step on how tos. Additional, do you realy mean,more than 5% of users are able to read toons of how to`s on other languages and try again and again some thing on command line ?

The GUI menue should support the minimum functions of a router like follow and should be self explanatory without need to lost time, time and time:

  • secured NTP
  • secured DNS like DNS over TLS or DNS over HTTPS
  • full featured WLAN menue items
  • and so on

The full Lis of feature request you can see on follow links:
Collecting Ideas for Hardware changings:
Turris Omnia, List of Software featurure requests:

1 Like

Mozilla released WebThings Gateway for Turris Omnia.

It’s mostly for IoT integration.