News [ 386.3_Alpha Build(s) ] Testing available build(s)

[LimJK]

• I used iOS 14.5.1 built-in Scanner on my iPhoneXsMax
• RT-AX88U AiMesh Router's uses Merlin default WPA2 ... that is propagated to both my RT-AC86U AiMesh Node (I see it using Wifi Explorer App on Mac)
• I see WPA/WPA2 or WPA2/WPA3 of my devices from my MacBookPro macOS 11.3.1 (my System Preferences are sync on iCloud)
  • System Preferences -> Network -> WiFi -> Advanced
  • If I use QR code scan from my iPhoneXsMax the Security becomes WPA/WPA2
  • If I enter SSID and Password by hand the Security becomes WPA2/WPA3
  • Before I test the above each time, I remove SSID from both iPhone and MacBookPro and validated that it is gone.
  • Like I said it is just an observation and reporting it as part of alpha testing, I do not know the technicalities, just showing how I can recreate the reported issue repeatedly in my environment

View attachment 33964

Out of curiosity I tried out the WiFi QR code generated by the iOS Asus Router App version 1.0.0.6.30 and got the same WPA/WPA2. Asus Router App -> Insight (bottom menu bar) -> Easy WiFi Sharing -> QR code button

 

[LimJK]

I still don't understand what's happening. Are you telling me you can setup the iPhone and Mac WPA2/WPA3 diifferently from the rest of the clients? Maybe, I don't understand aimesh as I don't use it but my understanding is the global authentication is what the Aimesh router is set to and I thought you can not use WPA2/WPA3 because when you set to, the warning about using it is not recommended.
View attachment 33970

I think Apple decided to set it to WPA2/WPA3 (PSK) on my Apple devices when I enter password by hand. However, with WiFi QR code scan it decided to set it to WPA/WPA2. There is no option for me to choose.

As for the AiMesh Router I use Merlin's default WPA2 (PSK), and it gets propagated correctly to both my AiMesh Nodes, so I do not get the see the warning message you posted. I think Asus RT-AC86U does not support WPA3 (PSK).

 

[bluepoint]

I think Apple decided to set it to WPA2/WPA3 (PSK) on my Apple devices when I enter password by hand. However, with WiFi QR code scan it decided to set it to WPA/WPA2. There is no option for me to choose.

As for the AiMesh Router I use Merlin's default WPA2 (PSK), and it gets propagated correctly to both my AiMesh Nodes, so I do not get the see the warning message you posted. I think Asus RT-AC86U does not support WPA3 (PSK).

This is what I meant the clients don't decide what authentication it uses it always depends on how the router is set and the clients capability. If the router is set to WPA2 only, the clients cannot connect more than that so it seems there is nothing wrong with the Qcode scanner.

As for the AiMesh Router I use Merlin's default WPA2 (PSK), and it gets propagated correctly to both my AiMesh Nodes, so I do not get the see the warning message you posted. I think Asus RT-AC86U does not support WPA3 (PSK).

You will not see the warning until you change the wireless router authentication to WPA2/WPA3, you're right maybe it's not supported in 86U.

Just curious, when you said builtin scanner, is this the one in control center in 14.5.1?

 

[kda]

syslog:
May 23 20:06:56 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=54.38.4.8 DST=77.250.153.241 LEN=65 TOS=0x00 PREC=0x00 TTL=55 ID=1843 DF PROTO=UDP
May 23 20:07:39 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=146.88.240.4 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=T
May 23 20:07:42 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.27.228.59 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=37591 PROTO=
May 23 20:07:47 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.242.145.14 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=32004 PROTO
May 23 20:08:17 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=165.227.165.128 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=9661 PROTO
May 23 20:08:19 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=89.248.165.202 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO
May 23 20:09:19 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=192.241.208.136 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROT
May 23 20:10:38 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.27.228.63 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=10776 PROTO=
May 23 20:10:44 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=185.153.196.126 DST=77.250.153.241 LEN=40 TOS=0x08 PREC=0x20 TTL=240 ID=16280 PROT
May 23 20:11:41 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=206.189.45.195 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=12812 PROTO
May 23 20:11:41 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=110.189.90.21 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=36978 PROTO=

this goes on and on.


I haven't seen this in other/older version, the router is a RT-AX88U and the version is merlin 386.3 alpha Build.

 

[hervon]

syslog:
May 23 20:06:56 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=54.38.4.8 DST=77.250.153.241 LEN=65 TOS=0x00 PREC=0x00 TTL=55 ID=1843 DF PROTO=UDP
May 23 20:07:39 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=146.88.240.4 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=T
May 23 20:07:42 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.27.228.59 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=37591 PROTO=
May 23 20:07:47 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.242.145.14 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=32004 PROTO
May 23 20:08:17 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=165.227.165.128 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=9661 PROTO
May 23 20:08:19 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=89.248.165.202 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO
May 23 20:09:19 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=192.241.208.136 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROT
May 23 20:10:38 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.27.228.63 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=10776 PROTO=
May 23 20:10:44 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=185.153.196.126 DST=77.250.153.241 LEN=40 TOS=0x08 PREC=0x20 TTL=240 ID=16280 PROT
May 23 20:11:41 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=206.189.45.195 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=12812 PROTO
May 23 20:11:41 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=110.189.90.21 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=36978 PROTO=

this goes on and on.


I haven't seen this in other/older version, the router is a RT-AX88U and the version is merlin 386.3 alpha Build.

Skynet ...

 

[kda]

Skynet ...

yes you have right, it's skynet, i haven't thought about it, because there was standing kernel.
I have disabled skynet and it was gone.
The other question is why i haven't seen this earlier? no attention on this?

 

[Treadler]

syslog:
May 23 20:06:56 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=54.38.4.8 DST=77.250.153.241 LEN=65 TOS=0x00 PREC=0x00 TTL=55 ID=1843 DF PROTO=UDP
May 23 20:07:39 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=146.88.240.4 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=T
May 23 20:07:42 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.27.228.59 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=37591 PROTO=
May 23 20:07:47 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.242.145.14 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=32004 PROTO
May 23 20:08:17 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=165.227.165.128 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=9661 PROTO
May 23 20:08:19 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=89.248.165.202 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO
May 23 20:09:19 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=192.241.208.136 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROT
May 23 20:10:38 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=193.27.228.63 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=10776 PROTO=
May 23 20:10:44 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=185.153.196.126 DST=77.250.153.241 LEN=40 TOS=0x08 PREC=0x20 TTL=240 ID=16280 PROT
May 23 20:11:41 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=206.189.45.195 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=12812 PROTO
May 23 20:11:41 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=3c:7c:3f:db:7a:e8:00:17:10:91:4f:83:08:00 SRC=110.189.90.21 DST=77.250.153.241 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=36978 PROTO=

this goes on and on.


I haven't seen this in other/older version, the router is a RT-AX88U and the version is merlin 386.3 alpha Build.

Normal, just Skynet going about it’s business.

 

[Gar]

Skynet may not have been operating correctly before. I have been seeing alot of entries like that on a regular basis.

 

[kda]

thanks, i haven't saw it.
i'm looking at skynet:

Router Model; RT-AX88U
Skynet Version; v7.2.5 (10/05/2021) (e7c9858dc1d6fc9ac3120a1ad9874376)
iptables v1.4.15 - (eth0 @ 192.168.1.1)
ipset v7.6, protocol version: 7
IP Address; (77.250.153.241)
FW Version; 386.3_alpha1-gedfbfacce8 (May 19 2021) (4.1.51)
Install Dir; /tmp/mnt/par2/skynet (9.0G / 9.6G Space Available)
SWAP File; /tmp/mnt/par3/myswap.swp (2.0G)

the ipadress he want to block is his own, hmm i cant whitelist it, he says it's already there.
i think there is a other problem, i think you have right. i

 

[Treadler]

thanks, i haven't saw it.
i'm looking at skynet:

Router Model; RT-AX88U
Skynet Version; v7.2.5 (10/05/2021) (e7c9858dc1d6fc9ac3120a1ad9874376)
iptables v1.4.15 - (eth0 @ 192.168.1.1)
ipset v7.6, protocol version: 7
IP Address; (77.250.153.241)
FW Version; 386.3_alpha1-gedfbfacce8 (May 19 2021) (4.1.51)
Install Dir; /tmp/mnt/par2/skynet (9.0G / 9.6G Space Available)
SWAP File; /tmp/mnt/par3/myswap.swp (2.0G)

the ipadress he want to block is his own, hmm i cant whitelist it, he says it's already there.
i think there is a other problem, i think you have right. i

’SRC’ (source) is what is being blocked
’DST’ (destination) is you.

 

[Clark Griswald]

I'm curious how the new QR addition is working for all you alpha testers?
The QR ability would be great with the summer months approaching, and all the "guest" that seem to visit.
Stay Safe Everyone

 

[visortgw]

I'm curious how the new QR addition is working for all you alpha testers?
The QR ability would be great with the summer months approaching, and all the "guest" that seem to visit.
Stay Safe Everyone

It works great! Would you expect anything else from @RMerlin?

 

[RMerlin]

Nothing special about QR support on the router's end really, it all relies on your clients properly supporting it. Some Android devices make it easy (with Samsung: just start the camera app, point at a QR code, and wait for it to recognize it). For others (like my Huawei P30 phone), it requires you to use a special application.

The only potential issues might be for the people who think they are being clever by using non-alphanumeric or Unicode characters in their SSID. While I escape the recommended characters (quotes, baclslashes, etc...), I haven't bothered testing with a fancy SSID, and I don't even know if the QR standard officially supports these. For years people here on SNBForums have been suggesting against using these as they may lead to connectivity problems with some clients. This would be one of these.

 

[Hazel]

Nothing special about QR support on the router's end really, it all relies on your clients properly supporting it. Some Android devices make it easy (with Samsung: just start the camera app, point at a QR code, and wait for it to recognize it).

The same goes for (recent) iPhones and iPads (iOS 12 or higher). I've made QR codes manually using https://www.qr-code-generator.com/ and when scanned with the default camera app, it recognizes the QR codes and asks whether you wish to connect to the Wi-Fi network embedded in the QR code. If it doesn't work, open Settings > Camera > Enable 'Scan QR codes'.

 

[shabbs]

I'm curious how the new QR addition is working for all you alpha testers?
The QR ability would be great with the summer months approaching, and all the "guest" that seem to visit.
Stay Safe Everyone

I've printed it on a full 8.5"x11" page and will laminate and hang up. Hopefully the image scales up nicely... will test in a bit.

EDIT: Worked like a charm for me. Pointed my Samsung Note 10+'s camera to it, asked if I wanted to join the guest network. Tapped and joined. Easy peasy lemon squeezy. The printed QR code ended up being about 6" x 6". No issues.

 

[bluepoint]

I've printed it on a full 8.5"x11" page and will laminate and hang up. Hopefully the image scales up nicely... will test in a bit.

EDIT: Worked like a charm for me. Pointed my Samsung Note 10+'s camera to it, asked if I wanted to join the guest network. Tapped and joined. Easy peasy lemon squeezy. The printed QR code ended up being about 6" x 6". No issues.

Or if you don't have a printer, use mobile phone to scan farther clients. Connect mobile phone to the router's WEB interface, open the QR code and scan it from there.

 

[shabbs]

Or if you don't have a printer, use mobile phone to scan farther clients. Connect mobile phone to the router's WEB interface, open the QR code and scan it from there.

Or.... save an image on your phone, cast it to your 77" LG 4K OLED TV attached to your Nvidia Shield Pro and then have guests scan that.

Think I can convince the wife we need a 77" LG 4K OLED TV?

 

[L&LD]

@shabbs, if access to the internet is easier with the 77" LG, it's worth a shot trying to convince her, depending on the moment she may just say yes!

Just be sure you're ready to duck fast if anything chuckable is close by.

 

[elorimer]

As I reported in the original thread, this worked perfectly with my android phones, but didn't work with W10 or Chromebook laptop scanners, which properly triggered the attempt to join the network but reported the network out of range (that thing three feet away). Manually entering the same credentials worked fine, so I speculate that something about the QR is missing something those other things expect.

Interesting to me: the android app that worked fine on two android phones did not workwith the same android app on two Chromebooks.

 

[Jack Yaz]

Or.... save an image on your phone, cast it to your 77" LG 4K OLED TV attached to your Nvidia Shield Pro and then have guests scan that.

Think I can convince the wife we need a 77" LG 4K OLED TV?

I've convinced mine that we need to upgrade from our 55" LCD to a 65" OLED (sure i can't afford that, but I have agreement in principle haha)