What's new

Release Asuswrt-Merlin 386.3 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
Hi,

Very happy to have the chance to have new firmware to update to.
It worked after first reboot.

Only one question I would have. I have dual fail over, unbound and VPN Client with strict DNS Configuration.
On 386.2 the public IP and DNS were updated from VPN Client for the listed clients only (not all traffic is designed to pass to VPN Client).

Now, only the DNS is from VPN Client, but the public IP assigned is the WAN public IP one. The rules were migrated. I had before the Policy strict to listed clients active.

Could you please advice what I have to change in order to have only some clients routed to VPN (IP + DNS) while keeep the Dual WAN fail over ON?


Thank you in advance,
amplatfus
 
I had the time so I thought after the beta2 experiences that this release would be perfect to start from scratch. So full reset, NVRAM erase etc etc (I went through the hoops that L&LD laid out for those who want to do things properly) and the result was no surprise. Rock solid in a sandy desert!
 
How are AC86U and AC68U temps looking on 386.3? After not being comfortable with the increased temp on initial 386.x builds, I've left them on 384.19.
 
dirty upgrade from 386.2_6 to 386.3

both flash attempts with USB drive attached
first flash attempt failed.
second flash attempt successful.

will now look at VPN director
 
Why i am getting this message?

Screen Shot 2021-07-26 at 2.15.22 PM.png
 
It's possible. 750 Mbps is what I would expect though from any dual-stream 802.11AC client however, so this looks normal to me.

VPN Director only deals with IP addresses. You would have to ensure that your Guest Network have specific IP addresses if you want to route these through the tunnel.

I haven't tested it, but this might be a good use scenario for the fact that Guest Network 1 now uses a different IP range than the rest of the LAN.


Is that subnet pushed by the server through the PUSH parameter? Check the system log for what gets pushed. If the server doesn't push it, then you might need to manually add it to your Custom Settings section.
@RMerlin I’ll have to check this, but it’s always worked up until 386.3.
The server is an RT-AC68U running Merlin 386.3 just as the RT-AX88U is.
 
Upgraded and also did a reset then reconfigured the AC86U, everything's okay so far.
The temps are good, if not better.
 
#1 did you do a simple google search for the error. Answer is right there from what i see. Folks are happy to help but its expected you dig a bit first. If you wont help you why should someone else.
#2 your trying to upload the wrong firmware.
I was trying to upgrade firmware.
No it was not the wrong firmware.
updated successfully after resetting Wireless - WPS Crypto Key.
I don't know why this is happened to me.
i am using Merlin from 2017.. i have basic understanding about "invalid firmware , custom firmware, google search etc."
 
Given the high number of VPN Director users and being new to VPN myself, I wonder whether everybody is using a paid VPN service?
 
Given the high number of VPN Director users and being new to VPN myself, I wonder whether everybody is using a paid VPN service?

VPNs some useful features. One is the ability to access online content in another country. Some content providers limit their content by country. Another is to ensure better privacy. When using a public wifi hotspot, some people will access their online content from the hotspot using a VPN into their home network that they have made more secure.
 
Hi,

Very happy to have the chance to have new firmware to update to.
It worked after first reboot.

Only one question I would have. I have dual fail over, unbound and VPN Client with strict DNS Configuration.
On 386.2 the public IP and DNS were updated from VPN Client for the listed clients only (not all traffic is designed to pass to VPN Client).

Now, only the DNS is from VPN Client, but the public IP assigned is the WAN public IP one. The rules were migrated. I had before the Policy strict to listed clients active.

Could you please advice what I have to change in order to have only some clients routed to VPN (IP + DNS) while keeep the Dual WAN fail over ON?


Thank you in advance,
amplatfus
Hi,

I figured out that when loading below lines in custom config, the WAN IP is leaking to the clients from VPN Client. The same config worked before 386.3 (in 386.2):

up /jffs/scripts/vpnc1-up.sh
down /jffs/scripts/vpnc1-down.sh
*Even with only activating up event, containing only below lines.

Code:
#!/bin/sh
logger -t "vpn-up-start" "vpnc1 up notification"
logger -t "vpn-up-end" "vpnc1 up notification"

After up event deletion, the WAN IP is replaced with the IP of the Client.
Could you please help me to find a way to receive notification when VPN client up/ down while using the Public IP from the VPN Client?

10q,
amplatfus
 
Didn't upgrade YET.. (Waiting for 'quite' time....) I suspect I'll have no issues as Merlin builds ROCK!!.

Quick Question.... I also have a 68U that I'm only using as a mesh node. To date, I haven't put any Merlin build on it (only ASUS Builds) and it and the Mesh, have been working great. Any reason why I should put Merlin build on it??
 
Thank Merlin, stable since multiple day on 2xRT-AX86U
 
Upgraded 386.3 Beta 3 to 386.3 final on my AC86u yesterday evening.

Took 3 attempts (due to lack of free memory?), but everything I use seems fine so far.
 
@RMerlin - Possible Bug/ Issue in VPN Server settings.

Using the Asus Router as a VPN Server
VPN Server -> IPSec VPN settings.
Setup the Asus Router as a IKEv2 server, no issues in setting up. I have setup my clients as IKEV2 clients and everything connects fine.

I then realised that I needed to change the allocated IP addresses for my clients, so I select
VPN Details -> Advanced Settings
And I changed the IP address range to 192.168.100.x
Hit apply... All saved successfully.


I then reconnect my clients, connection goes through successfully, clients connect - however the new IP address range is not reflected by the clients, they are still on the original range.

Did a bit of digging...

I then checked the ipsec.conf files and it seems that the change of IP address range is only reflected in the ikev1 section. The ikev2 section still reflects the old address range.
I am referring to the line

Code:
rightsourceip=

Hope you are able to replicate the issue with the above details...

Router: ASUS RT-AX88U, running version 386.3, no add-ons, no USB, jffs scripts enabled.
 
Upgrade RT-AX88U & RT-AC3100 from V386.2_6 Final to V386.3 Final via dirty firmware upgrade. 40+ devices (includes gaming, streaming, downloads, many IOT devices, etc.) and all appears to be working for main AX88U & backup AC3100 routers. Still postponing adding RT-AX58U with V386.2_2 Final into AiMesh 2.0, until Guest Network #01 issue is fixed, as Guest network is #01, and IOT devices is #02 currently in my setup.
 
Status
Not open for further replies.

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top