Release Asuswrt-Merlin 3004.388.6 is now available

[MDM]

I have driver 23.20.1.1. APSD disabled, packet aggregation off, mimo power saving off.

PC is using high performance power plat.

Sleep on WoWLAN Disconnect and wake on xxx (remembrer acting weird in the past for me, so disabled it)?

 

[askan7]

Sleep on WoWLAN Disconnect and wake on xxx (remembrer acting weird in the past for me, so disabled it)?

That's the wake on lan/magic packet, irrelevant here. But y it's off.

Asus firmware has been really bad for me as of late in regards to latency.
AC86u has like perfect wifi. But started having ping spikes of 50-100 wired unless i disabled runner.
AX86s doesn't do that but wifi is trash. Not stable latency.

I'm considering just getting an openwrt router and using asus ac86u as ap or even ax86s if i can wireless to work properly with low latency.

 

[MDM]

That's the wake on lan/magic packet, irrelevant here. But y it's off.

Asus firmware has been really bad for me as of late in regards to latency.
AC86u has like perfect wifi. But started having ping spikes of 50-100 wired unless i disabled runner.

AX86s doesn't do that but wifi is trash. Not stable latency.

And Sleep on WoWLAN Disconnect that one is relevant..?

I know wake on lan/magic packet, is irrelevant here; but for me it acted sometimes strange (when out of hibernate).

 

[askan7]

And Sleep on WoWLAN Disconnect that one is relevant..?

I know wake on lan/magic packet, is irrelevant here; but for me it acted sometimes strange (when out of hibernate).

off by default. Didn't even touch that one. For now the best settings for the ax86s seem to be making sure smart connect is off and 802.11ax / WiFi 6 mode disabled.

Even with wifi 6 only clients. Wifi 6 disabled = lower latency somehow

 

[nlurker]

Has anyone else noticed that the 388.6 router web page keeps logging you off? In 388.5 and before I could leave a tab going all day. Now, every time I come back to my computer I find that I have been logged off from the router. The auto logoff setting is still set to 0.

 

[MDM]

off by default. Didn't even touch that one. For now the best settings for the ax86s seem to be making sure smart connect is off and 802.11ax / WiFi 6 mode disabled.

Even with wifi 6 only clients. Wifi 6 disabled = lower latency somehow

Then maybe it is an AX86s specific issue.

One more thing, is it WPA 2 or 3, I have some clients not liking it with WPA3...

 

[askan7]

Then maybe it is an AX86s specific issue.

One more thing, is it WPA 2 or 3, I have some clients not liking it with WPA3...

wpa2 only. AX86s shares the same firmware with ax86u. Same wifi hardware/platform.
Also rmerlin 388.5 and 3.0.0.4.388_24231 stock are a lot better but still not as good as ac86u.

388.6 wifi is really bad for me with latency/latency stability

 

[MDM]

wpa2 only. AX86s shares the same firmware with ax86u. Same wifi hardware/platform.
Also rmerlin 388.5 and 3.0.0.4.388_24231 stock are a lot better but still not as good as ac86u.

388.6 wifi is really bad for me with latency/latency stability

Tried with different channels/wide I presume and measured interference on used one?

 

[askan7]

Tried with different channels/wide I presume and measured interference on used one?

No interference. 0 visible 5ghz networks. big property with a lot of land surrounding it.

Starting to think my ax86s is defective. I got a b-stock from asus webstore for cheap. Well it's less then a month old soo i'll probably contact asus.

 

[swejuggalo]

As a quick fix, changing the "log messages more urgent" field to "All" on the system_log/general_log page may work.

Have a syslog server up and running. Hopefully gives some leads.

 

[nlurker]

Has anyone else noticed that the 388.6 router web page keeps logging you off? In 388.5 and before I could leave a tab going all day. Now, every time I come back to my computer I find that I have been logged off from the router. The auto logoff setting is still set to 0.

Nobody? Maybe a Firefox update caused this?

 

[colossus]

Continued success after dirty upgrade on RT-AX86U Pro to 388.6 from 388.6_beta1
Post upgrade, presented with router login screen
No issues to report - no fiddling required - uptime 6+ days

• Wireless router mode (default)
• 6 devices wired
• 10 Sengled bulbs on 2.4ghz (ch 1 - 20mhz)
• 11 assorted Google devices on 5ghz including two Pixel phones w/ ax (ch 157 - 80mhz)
• WPA2-Personal
• dns server 8.8.8.8, 8.8.4.4
• no AiMesh | no AiProtection | no ASUS Router App
• no amtm | no usb
• MS Windows 11 Home | Edge Browser

Thank you @RMerlin

 

[wumbly]

Apologies as this seems to have been touched upon in prior posts (around #200). I'm having an issue noted in another thread where certificate uploads outside of Let's Encrypt* and the self signed certificate are not binding to the designated HTTPS port (in my example, a public certificate from GlobalSign).

My experience:

Firmware 3004.388.5 on RT-AX88U:

1. Log in to admin portal.
2. Go to Advanced Settings > Administration > System tab.
3. Scroll to Local Access Config section.
   • By the way, DDNS is not enabled, nor needed.
4. In "Provide your own certificate" section, upload unencrypted PKCS8 private key file and full chain PEM certificate file. Details populate on Installed Server Certificate section. Confirm details are of public certificate authority. No need to turn on DDNS.
5. Click Apply.
6. Certificate is then used correctly going forward (admin portal has certificate bound to HTTPS port, in this case 8443), may need to clear cache or double check with incognito mode.

Firmware 3004.388.6 on RT-AX88U:

1. Log in to admin portal.
2. Go to Advanced Settings > Administration > System tab.
3. Scroll to Local Access Config > Installed Server Certificate > Click here to manage.
4. Upload unencrypted PKCS8 private key file and full chain PEM certificate file. Details populate on Server Certificate section. Confirm details are of public certificate authority. DDNS is turned off.
5. Click Apply.
6. Uploaded certificate is not bound to HTTPS port.
7. Check in browser, confirm certificate is still ASUS self signed cert.
8. Confirm again that yes, Server Certificate data is correct.
9. Reboot device. No effect. Even checking in incognito window of given browser, certificate is self signed.
10. Turn on DDNS. No change.
11. Reboot. No change.
12. In Server Certificate field, click Export. Self signed certificate is exported even though Server Certificate field is displaying public certificate details. Also now noting the Root Certificate/Intermediate Certificate field is blank.

Going from 3004.388.6 to 3004.388.5 has resolved this issue in the meantime.

*I do not actually use Let's Encrypt, but I'm assuming the tool used is working.

 

[RMerlin]

Apologies as this seems to have been touched upon in prior posts (around #200). I'm having an issue noted in another thread where certificate uploads outside of Let's Encrypt* and the self signed certificate are not binding to the designated HTTPS port (in my example, a public certificate from GlobalSign).

Try uploading just your certificate rather than a complete chain.

Also look at the system log for any error message. Asus added a number of validation steps in their new certificate management. I eased them a little, but not completely.

 

[Kees17760]

Hi there,

Working fine, one minor thing though.
Uploading the restore settings (settings_xxx.cfg) file takes a long time (over 5 minutes). Regardless whether after a hard reset or not. Settings_xxx.cfg was created after a fresh install of the same FW version i.e. it is NOT an old backup.

It used to go much quicker, or as the notice says "Wait for approx. 60 secs".

No scripts or extras installed, only a few clients (<10) and 1 VPN client.

Regards Kees

 

[wumbly]

Try uploading just your certificate rather than a complete chain.

Also look at the system log for any error message. Asus added a number of validation steps in their new certificate management. I eased them a little, but not completely.

Solid advice, went back to 3004.388.6, uploaded cert only (no chain) and PKCS8 unencrypted private key, issue persists.

When checking the system log, I believe I turned on debug logging and this is what I got after pressing Apply and logging back in (greeted with the self signed cert warning in Chromium as well):

Jan 27 00:01:17 kernel: klogd started: BusyBox v1.25.1 (2024-01-20 12:34:03 EST)
Jan 27 00:01:46 rc_service: httpds 3074:notify_rc restart_ddns;prepare_cert;restart_webdav
Jan 27 00:01:47 WEBDAV_Server: daemon is stopped
Jan 27 00:01:47 httpd: Succeed to init SSL certificate...8443

Are there any other details I can provide? As mentioned, certificate is from a public CA. It is a wildcard and key length is 4096.

 

[FlamingIce]

Nobody? Maybe a Firefox update caused this?

In basic configuration (in System tab) set your auto logoff to 0 (zero)

 

[nlurker]

In basic configuration (in System tab) set your auto logoff to 0 (zero)

As I mentioned, auto logoff has always been set to zero and it still is. I toggled it to another number and back to zero and the problem continues. I never had this problem in all the years before 388.6. The only other recent change I noticed is that Firefox auto-upgraded around the same time. I am stumped if no one else sees this problem.

 

[alan6854321]

I am stumped if no one else sees this problem.

There's certainly been a change at 388.6 as it never used to work.
I have the timeout set to 120 minutes and it often left me logged in for days.
But now it works, and logs me out after 2 hours.
Haven't tried setting it to zero.

 

[RMerlin]

Are there any other details I can provide? As mentioned, certificate is from a public CA. It is a wildcard and key length is 4096.

I have no idea why it wouldn't apply it then, sorry. Keep in mind that the router's httpd daemon is way more basic than that of a real web server, so it can have more limitations as to what certificate it would support. I also know that Asus's new validations will now check what hostnames are supported by a certificate, so it's possible that they don't recognize a wildcard certificate.