What's new

Release Asuswrt-Merlin 386.4 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
Just checked it again here and it's working fine. Forwarding external port 5555 to internal port 443.

Check the rule is present under System Log - Port Forwarding.

Also check that xxxx.synology.me still resolves to your WAN IP.
Thank you for your quick diagnosis.
When I ping the host name my public ip address is found. I don't understand where the problem comes from... it worked in 386.3_2.
 
Last edited:
VPN Client Download Speed Improvement this release.

On my VPN download speed has improved by 50 Mbps to on average approximately 190 Mbps when connected to either Miami - 200 miles or Atlanta 500 miles.

Occasionally the VPN speed is over 200 Mbps.

This is from the automatic speed test run using spdMerlin on my AC86. ISP speed no VPN normally close to 700 Mbps. Running WireGuard on my VPN appliance download speed usually 680 Mbps.
 

Attachments

  • CompleteResults_VPN1_3.pdf
    413.3 KB · Views: 98
Seems the new version of dnsmasq has poor support for long list of custom servers, previous version works fine. After upgrading, dnsmasq process uses a whole cpu and top suggest a very high load around 10.

I checked the changelog for dnsmasq it indeed did something related and they claimed to have a much better performance which in my case is opposite.

FYI, I have a custom list of servers with 60000+lines. Now I have to shut it down.
I'm seeing a problem also related to dnsmasq causing problems... after a day or 12 hours (seems random) my devices stop being able to renew their leases and start failing to get to the internet... looking at the router GUI, the cpu is being heavily used, and when I check "top" it's clear that dnsmasq has gone haywire and is using a ton of cpu, but apparently not getting anywhere. "service retstart_dnsmasq" and all gets better.

This happens w/o any changes being made for hours/days and everything else seemlingly working fine and no errors in the logs to indicate a problem with dnsmasq.

Same setup running 386.3_2 never had problems like this.
 
All my devices lost connection over the night and every time I tried to connect a client to the router(this morning) I was giving the - Cannot obtain IP address. The issue was fixed with a reboot of the router.
I saved the logs but have no idea what to look after.
The most repetitive message I can see there is for wlceventd : Disassociated because sending station is leaving (or has left) BSS (8), rssi:0
and in messages i get restart DNS mask and then "not mesh client, can't update it's ip".
Was seeing the same thing on my router (AC86U) and "service restart_dnsmasq" fixed it... dnsmasq was spinning on the cpu but not handing out leases.

Seems like it could be related to https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016018.html ("Infinite loop in dnsmasq v2.86?")
 
Last edited:
Just checked it again here and it's working fine. Forwarding external port 5555 to internal port 443.

Check the rule is present under System Log - Port Forwarding.

Also check that xxxx.synology.me still resolves to your WAN IP.
I think I found the solution, my FAI forced the CGNAT migration. As a result, some services don't communicate through the dmz between my box and the asus router. That's probably why I can't access my NAS from outside, the nat is broken.
I have to call my fai tomorrow to remove the CGNAT...
 
Fwiw. Setting Group Key Rotation Interval to 86400 (1 day) on 2.4Ghz helped me stay connected with old/new iot's. Finally :) Happy. On page Wireless - Professional everything is set to Off what can be set Off.

2.4 .gif
 
I have a script that checks (every hour) whether devices can still be reached from the router (via ping).

Lately I get multiple push notifications per day to inform me that a device (always the same, ironically the one closest to the router), connected on the 2.4 GHz band, cannot be reached. This device still shows a connected status on its screen, but it really cannot be ping’d.

I think this started with 386.4
hey @XIII

that looks interesting, can you share it? also where do you place that script?

thnx
 
As a temporary solution you could have your script use wl to deauthenticate and deauthorize the device to force it to reconnect.
Unfortunately this does not work for me; less than 2 hours after adding this to my script the device got offline again and now I even had to manually reconnect on the device itself to get it online again.

Fwiw. Setting Group Key Rotation Interval to 86400 (1 day) on 2.4Ghz helped me stay connected with old/new iot's. Finally :) Happy. On page Wireless - Professional everything is set to Off what can be set Off.
Unfortunately this does not work for me; less than 2 hours after changing it, well: see above...
 
that looks interesting, can you share it? also where do you place that script?
It's essentially the ping command also posted in post #684.

I was using this:
Bash:
#!/bin/sh

check_reachable() {
    ping -c1 -q -w10 "$1" >/dev/null 2>&1
}

for HOST in ... ... ...
do
    if ! check_reachable ${HOST}
    then
        ... notify
    fi
done

I have put this script in /jffs/scripts and execute it every hour (hh:55) via cru:

Bash:
➜ cru l
55 * * * * sh /jffs/scripts/check-reachable #Reachable#
 
@ColinTaylor
Here is a feedback on my port forwarding problem.
I contacted my internet provider this morning and indeed there was in December an automatic update of my box in CGNAT (which led to the loss of NAT and DMZ in ipv4)
My internet provider made this morning a "Rollback" and I am again in IPv4 full stack. I have access to my NAS from outside again ! (logical because the DMZ is working properly again between my box and the asus router)
So the port forwarding problem was not with the asus router but with my internet box.
Everything works now, the new 386.4 firmware on my AX88U is really very stable and works perfectly.
Thanks again to the whole team :cool:
 
Last edited:
Just wanted to chime in and say that my upgrade seems to have gone well.

Did a full nuclear reset update on my AX88U and 2 AC86U nodes this weekend (was still on 384.19). Setup consists of about 10 reserved addresses, some port forwards, 1 VPN server, Diversion, Skynet, Unbound, and 3 MOCA devices. Took about 3-4 hours to slowly get everything back up and setup properly, but haven't seen any issues in the ~40 hours since the final system reboot.

As always, thanks for everyhting!
 
Dirty upgrade from 386.4 beta 3 to 386.4 (final) a few minutes ago. So far so good.

Happy New Year and thank you Éric!!!
I also have a RT-AC68U and I am running 386.4 beta 3 but when I try and upgrade to 386.4 (final) I get "Firmware upgrade unsuccessful. This may result from incorrect image or error transmission. Please check the version of firmware and try again.". I went back to stock and then tried again and it still gives be the same message?

Never mind... I downloaded it from the mirror on OneDrive and that one worked fine.
 
Last edited:
Hi,

I've done a dirty upgrade on a Asus RT-AC66U B1 router six and a half days ago from firmware 386.3_2 to 386.4_0 from a remote location using openvpn.

About five days ago I've done a dirty upgrade on my Asus RT-AC68U with HW ver. A1 router from 386.4_beta1 to 386.4_0 from the premises. I also used 386.4_alpha2 and both 386.4_alpha3s on this router, all dirty upgrades one after the other from 386.3_2. I didn't use the other betas because I was away from the router and didn't want to risk losing connection to it's lan by doing a remote update and when I got back, 386.4_0 was already released.
Just as a side note, when I updated to 386.4_alpha2, my SanDisk Ultra Flair 3.0 32GB flash drive, that I used for some scripts and swap, died. It served me a good 3 years and 2 moths and it still has until 5 years of warranty, but since it failed in the best way possible, by being set to read-only mode, I thought that for $7 (19% VAT included) I should just get another one and I did, but not before five days ago, when updating to 386.4_0.

Since I live alone now and have only a wired desktop and an iPhone 6 as a WiFi device, I didn't "catch" the 2.4 GHz WiFi problem, since the phone was connected to WiFi, on 5 GHz, and I didn't investigated on which frequency it was connecting. I have no other WiFi equipment. Edit: Total brain fart on my part, I have a smart tv which has dual band WiFi 4, but which I don't keep connected to the network, I only use it via HDMI.

After reading through this thread and seeing the multiple reports on 2.4 GHz WiFi not working I decided to investigate and indeed it isn't working for me also (i.e. my iPhone 6 cannot connect to it). Strangely, my sister's Asus RT-AC661 B1, which I updated remotely and which uses the same firmware as my Asus RT-AC68U, doesn't seem to have this problem, at least not with the clients she's using, a Motorola mobile phone (don't know the exact model, E6 play or something like this) which only has 2.4 GHz WiFi and an old Toshiba laptop (with a Core2duo cpu) which I believe is only 2.4 GHz capable as well. Other phone and laptop are 5 GHz capable and should work at least on this frequency.

I tried many different thing, short of resetting my network setting on the iPhone (which may very well have solved the problems, but for not wanting to lose the various saved WiFi profiles I didn't do) and couldn't make the phone connect to 2.4 GHz WiFi. I've rebooted the phone and forgot the WiFi network, also used a different SSID and password on the router but to no avail, it doesn't connect.
On the router (always using 20 MHz, channel 1, WPA2-Personal and 3600 seconds group key rotation interval) besides the aforementioned different SSID and password, I've tried: Wireless Mode: Auto, Legacy and N-only; disable 11b option (which once enabled I could not disable, unchecking the box and hitting Apply button would result in the checkbox returning); Protected Management Frames: Disable, Capable (the setting that I'm using); Preamble type: Short and Long; DTIM interval: default of 3, tried 4, 50; Modulation scheme: MCS7 and MCS9; Airtime Fairness, Explicit Beamforming and Universal Beamforming: Enabled and Disabled.
I also tried cold booting the router, resetting the settings, formatting jffs and the usb flash drive (all further tests were done without the flash drive connected). I reset the settings both from WebUI and by holding WPS button from a cold start until power led started blinking.
After rebooting with all settings wiped, the phone would connect to the default, open "ASUS" ssid; but as soon as I changed it in the WebUI wizzard, so just a different ssid and with a password, it would no longer work.
Tried older firmware 386.3_2 and 386.2_4 (just to see the wireless drivers) and both worked.

I also tried the two latest stock firmwares, version 3.0.0.4.386.45934 from 2021-11-16 and version 3.0.0.4.386.45987 from 2021-12-16, WPS resetting every time, also cold booting. The former, 386.45934, exhibits the same behavior as 386.4_0, which is the iPhone could not connect, while with the latter, 386.45987, the iPhone can connect once again.

I've downgraded my Asus RT-AC68U to 386.3_2, restored the setting, restored jffs partition, plugged in the usb flash drive, rebooted and waiting on the next alpha once RMerlin receives an updated gpl from Asus and has time to merge it and compile it.

Edit: I've upgraded to 386.4_0 again to test using the smart tv and the phone and long story short now I can reliably connect both the tv and the iPhone to the 2.4 GHz WiFi as long as Disable 11b is not checked. If I check it and hit Apply, I cannot uncheck it from WebUI, as I previously said, but it can be done from the terminal:
Code:
nvram set wl_rateset=default
nvram set wl0_rateset=default
nvram commit
service restart_wireless

With Disable 11b checked, the two nvram variables are set to ofdm; I checked the Asus RT-AC66U B1 and it has the two variables set to default.
I don't know how my earlier tests failed since after a reset these variables are set to default, but nevertheless they did.
These are the settings I use now for 2.4 GHz:

View attachment 38459
View attachment 38461
Edit 2: I'll make a new post and link it here once it's done.

Thank you RMerlin for your efforts!
I've done more testing after ~30 hours of the phone remaining connected to the 2.4 GHz WiFi, and can say that my previous testing was wrong and as such my reporting on it was also wrong, for which I apologize.

It seems that every time I tested and the phone could not connect, I actually checked the Disable 11b checkbox. Testing again either one of AsusWRT-Merlin 386.4_0, AsusWRT 3.0.0.4.386.45934 or AsusWRT 3.0.0.4.386.45987, all hard reseted by holding the WPS button, the phone connects as long as I don't apply the checkbox and fails to connect if applying the checkbox.
2.4GHz-Disable11b.png

More over, applying the Disable 11b checkbox sets the nvram variables wl_rateset and wl0_rateset from the default values of default to the new value of ofdm and cannot be removed using the WebUI. It can be done from the terminal by executing the following commands:
Code:
nvram set wl_rateset=default
nvram set wl0_rateset=default
nvram commit
service restart_wireless

I also have a RT-AC68U and I am running 386.4 beta 3 but when I try and upgrade to 386.4 (final) I get "Firmware upgrade unsuccessful. This may result from incorrect image or error transmission. Please check the version of firmware and try again.". I went back to stock and then tried again and it still gives be the same message?
Try these, in this order:
  1. soft remove all usb drives attached to the router: go to Network Map (/index.asp), under USB 2.0 and/or USB 3.0, hit Remove button. This frees up RAM that can be used in the firmware upgrade process, which gives a better chance of successful upgrade. You can leave the drives physically attached to the router as long as you don't reboot before the upgrade;
  2. if 1. fails, cold boot the router without any usb drives attached: turn off router by power button or removing the plug from wall or router, disconnect all usb devices from router, wait ~20 seconds for the electricity remaining in capacitors to drain, replace the plug or press the power button, let the router boot and then try the upgrade;
  3. if 2. still fails, first make a backup of your configuration (and jffs partition if you have it enabled) in Administration - Restore/Save/Upload Setting (/Advanced_SettingBackup_Content.asp), Save settings button (and Save button for the jffs partition). Then hard reset the router by following the instructions in this link: https://www.asus.com/us/support/FAQ/1039074. After the router boots up, go through the initial wizzard of setting WAN, WiFi and a new user and password and then try the upgrade again;
  4. if even 3. fails, you can use the ASUS Firmware Restoration utility to upgrade the firmware;
  5. if 4. fails also, check that your RT-AC68U_386.4_0.trx file has the correct sha256 checksum of 9999cd9a12f97f927af0298a295dcfe269c71e21053e3ae17b4bec4dce0a69a8.
 
Last edited:
I updated a 86U no problems however........ Also using an RT AC-66U_B1 but the updater says it's the wrong hardware. I'm using the correct RT-AC68U_386.4_0. zip file. Trust me I'm double checking for correct versions. Current running 386.3_2 The extracted file is RT-AC68U_386.4_0.trx
With all due respect, why are you trying to use the RT-AC68U file on your RT AC 66U device?
 
This is what I see here:

HTTP only - crash
HTTPS only - OK
BOTH - OK

From Version History:
- Security and privacy reinforcement, adjust https as default authentication protocol

Instead of force closing on http though, it could show a notification that https is not enabled. Not too many users read Version History for every app updated. Apps update automatically on most phones, sometimes 10 at a time. The app still needs some improvement. I like the theme options.
Tech9,

I noticed that there is a new version of iOS Asus Router App Version 1.0.0.6.64 about 14 hours ago. For my AiMesh Environment in my Signature:
  • I have tested that it works with all the 3 Router's Authentication Method (HTTP, HTTPS, default)
  • I can also confirm that I have the same issue you reported with the previous version
 
With all due respect, why are you trying to use the RT-AC68U file on your RT AC 66U device?
66u_B1 Use same firmware as 68u
 
Tech9,

I noticed that there is a new version of iOS Asus Router App Version 1.0.0.6.64 about 14 hours ago. For my AiMesh Environment in my Signature:
  • I have tested that it works with all the 3 Router's Authentication Method (HTTP, HTTPS, default)
  • I can also confirm that I have the same issue you reported with the previous version
I just updated the iOS app to the same new version released today, I can now use it without crashes with HTTPS Only mode. So all good here.
 
Hi,

I updated my RT-AC68U from 386.2 to 386.4 today. Seems to be fine except guest wifi. I configured "Access Intranet = Disabled" (as in the past) to ensure guests wifi clients cannot connect to any device within my lan. However, in the past (with 386.2) I was able to contact / ping devices in the guest wifi. As I use the guest wifi for my IOT devices it is important to me to contact them from my lan. With 386.4 I cannot ping devices in the guest wifi any more.

Is there any new setup needed or is this a bug?

Thanks a lot
Chris
 
Status
Not open for further replies.

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top