Release Asuswrt-Merlin 386.3 is now available

[ColDen]

Unmounted all USB devices, performed a dirty upgrade from 386.2_6 then cleared my browser cache once the router have rebooted. So far so good!!!

Thanks RMerlin and all the involved testers.

 

[tweakertje]

Upgraded successfully but now having problems with vpn. only the first connection is pushing the remote clients into my lan if I want the second vpn connection into my lan i have to disconnect the first vpn connection.
is this a bug??

 

[Jakem]

Thanks again for your hard work RMerlin,

Not sure this is the place for this questions but,
I noticed a small problem with VPN Director with the kill switch. I have PIA VPN, I route a single local IP via that VPN. With VPN Director, if i kill the OpenVPN client the kill switch works as expected, however upon reboot I see kill switch does not work. Traffic goes through my Public IP until the VPN client is connected.

Is there a log file which i can check out for further troubleshooting?

I'm running PIA Vpn also and when I disable the one pc's vpn in VPN Director the kill switch does not prevent the pc from accessing the internet. before upgrading to 386.3 if the tunnel went down I could not go to any internet site until I restarted the VPN service. Minor issue and certain it relates to a setting on my end as Merlin Rocks.
If you come across a solution please share it. Thanks
Spectrum 200/10 Asus RT-AC86U Dirty flashed from 386.2_2 to 386.3

 

[Chuckles67]

Dirty install on AC-66U_B1 with a OVPN client - everything working as expected. Thanks, once again!

 

[Gar]

Removed USB and rebooted, then simple update again. Thanks!

 

[Sonofdavidsfather]

Thanks Merlin. Dirty flashed from 386.2_2 to 386.3 several hours ago. Everything is working great.

 

[Morris]

Thank you for another job well done Merlin. All is well after dirty upgrade.

Morris

 

[maxbraketorque]

I currenty have 3 active VPN clients set up and YazFi in use - is there anything I need to do / save before upgrading?

Will YazFi still be required with VPN Director?

I have never had a bad experience yet with Merlin FW but my knowledge on policy based routing etc. is very poor, am a bit reluctant witht this upgrade!

YazFi has some issues with 386.3. If you need YazFi, you'll want to delay upgrading to 386.3 and wait for the next version of YazFi.

 

[cofetym]

Dirty upgrade on RT-AC86U usb still attached & RT-AC68U no issues!

Thanks ,Merlin

 

[Grievous Angel]

After 38 days of uptime on 386.2_6 I did a dirty upgrade.

I'm not sure what happened but it started broadcasting the two default Asus WIFI IDs. And took me to the "new router setup" page. I entered my old Wifi information and it started working again. Oddly it didn't ask me to change my admin password and indeed that was the same as before.

Paranoid (about what it might have remembered vs what it might have forgotten) I went ahead and did a full reset. Now I'll rack my brains trying to remember all my tweaks to "trim the fat" and turn off things that you guys have said aren't necessary or just don't plain work. Or maybe just run with all defaults?

 

[Howard_inGA]

Slick dirty upgrade from beta 3 to final.
Cycled Nord VPN on/off several times in the router without any hitches. I've been leaving IpV6 off since starting to use the router VPN rather than just running it from the clients, so no feedback on that portion. I am interested in seeing if it still works, but that's for tomorrow!
12 hours of flawless activity is sufficient for the day...

 

[SaintZ13]

I may be doing something wrong but VPN won't start for me

Jul 25 01:07:04 ovpn-client1[3455]: --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Jul 25 01:07:04 ovpn-client1[3455]: Options error: You must define CA file (--ca) or CA path (--capath)
Jul 25 01:07:04 ovpn-client1[3455]: Use --help for more information.
Jul 25 01:07:04 openvpn: Starting OpenVPN client 1 failed!
Jul 25 01:07:04 openvpn-routing: Clearing routing table for VPN client 1
Jul 25 01:07:05 kernel: EMF_ERROR: Interface tap11 doesn't exist
Jul 25 01:07:05 kernel: EMF_ERROR: Interface tun11 doesn't exist

 

[slidermike]

I may be doing something wrong but VPN won't start for me

Sure are sir. Apparently you have not uploaded the CA (or a valid CA file) file and its also complaining about no encryption (cipher) too.

 

[Unetwork]

I'm running PIA Vpn also and when I disable the one pc's vpn in VPN Director the kill switch does not prevent the pc from accessing the internet. before upgrading to 386.3 if the tunnel went down I could not go to any internet site until I restarted the VPN service. Minor issue and certain it relates to a setting on my end as Merlin Rocks.
If you come across a solution please share it. Thanks

Same problem here on my RT-AX88U. When Killswitch is active and the VPN goes down, my PC still has access to the internet.
Here is my rule that works before 386.3 for killswitch.
Thanks for your help

 

[predatorz]

Dirty flash from 386.2_6 to 386.3 smooth.
Running 386.3 for 0 days 18 hour(s) 15 minute(s) 30 seconds.

 

[octopus]

Same problem here on my RT-AX88U. When Killswitch is active and the VPN goes down, my PC still has access to the internet.
Here is my rule that works before 386.3 for killswitch :
View attachment 35213
Thanks for your help

Only if you do it manually and that is by design.

 

[Unetwork]

Only if you do it manually and that is by design.

Thanks for your answer. Yes, in fact the test I did is to disable the VPN manually with this button and the Killswitch did not work :

I hope that in case of real cut the connection will be cut because on the previous version, the manual deactivation of the VPN cut the connection well. So my rule is correct in VPN Director ?

 

[octopus]

Thanks for your answer. Yes, in fact the test I did is to disable the VPN manually with this button and the Killswitch did not work :
View attachment 35215
I hope that in case of real cut the connection will be cut because on the previous version, the manual deactivation of the VPN cut the connection well. So my rule is correct in VPN Director ?

You can test with "killall vpnclient1" and killswitch should working. Start with "service start_vpnclient1"

 

[octopus]

I have tested around with killswitch and it works as it should.
This is more than a wish that you should be able to choose if you want it selectable with old / new killswitch.

Understand that some people find it complicated that wan does not work when you manually turn off the vpn client.

What do you others think about the proposal?

@RMerlin

 

[Unetwork]

You can test with "killall vpnclient1" and killswitch should working. Start with "service start_vpnclient1"

thank you for your help. I just did the test and indeed the killswitch works perfectly with my ruler !
So it means that in case of real VPN cut, the connection will be cut as in my test ?
But I don't understand why cutting the connection manually with the button doesn't have the same effect (maybe to avoid having to turn off the killswitch and get the connection back ?)