What's new

Beta Asuswrt-Merlin 388.1 Beta is available for select models

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
Read a post somewhere either in this thread or another about Guest Network issues on the 388 beta. On 388.1 beta 3 on my AXE16000, Guest Network clients on the 2.4 GHz band cannot connect to the internet if "Allow intranet access" is set to disabled.
 
Read a post somewhere either in this thread or another about Guest Network issues on the 388 beta. On 388.1 beta 3 on my AXE16000, Guest Network clients on the 2.4 GHz band cannot connect to the internet if "Allow intranet access" is set to disabled.
I reported this. Further troubleshooting revealed that this is not specific to the Merlin firmware, but an Asus implementation issue in general — the same occurs with the latest 386 Asus baseline and the recently released 388 Asus baseline for the GT-AXE16000. The issue is that the GT-AXE16000 does establish the appropriate VLANs (VLAN ID 501 for 2.4 GHz, VLAN ID 502 for 5 GHz, and, I assume, VLAN ID 503 for 6 GHz) on the AiMesh node(s). Using "brctl show" via ssh makes it completely clear (see screenshots). I have been attempting to address this via Asus tech support for about 3 weeks, but I have not had any success as of yet.
 

Attachments

  • Screenshot 2022-11-28 at 20.17.15.png
    Screenshot 2022-11-28 at 20.17.15.png
    82.9 KB · Views: 93
  • Screenshot 2022-11-28 at 20.17.38.png
    Screenshot 2022-11-28 at 20.17.38.png
    44.8 KB · Views: 84
I reported this. Further troubleshooting revealed that this is not specific to the Merlin firmware, but an Asus implementation issue in general — the same occurs with the latest 386 Asus baseline and the recently released 388 Asus baseline for the GT-AXE16000. The issue is that the GT-AXE16000 does establish the appropriate VLANs (VLAN ID 501 for 2.4 GHz, VLAN ID 502 for 5 GHz, and, I assume, VLAN ID 503 for 6 GHz) on the AiMesh node(s). Using "brctl show" via ssh makes it completely clear (see screenshots). I have been attempting to address this via Asus tech support for about 3 weeks, but I have not had any success as of yet.

I actually had no issues on the 386 code barring some GUI errors and inconsistencies - the Guest Network worked properly as well. "Access to Intranet" was set to disabled and clients on the SSID could properly access the internet.

I will put in a ticket with Asus as well and see where I can get. I wish Merlin had access to this code....would've been fixed already lol.

Update: Flashed back to stock 386.50168 and reset, then flashed Merlin 386.8 and reset. This issue, at least for me, is not present on 386.8 and is isolated to the 388 firmware. I am now back on 386.8 Merlin version until this issue is resolved. The whole point of a guest network is separating people from your LAN but allowing them internet access - and that is a simple feature that is 100% broken on stock 388.
 
Last edited:
Read a post somewhere either in this thread or another about Guest Network issues on the 388 beta. On 388.1 beta 3 on my AXE16000, Guest Network clients on the 2.4 GHz band cannot connect to the internet if "Allow intranet access" is set to disabled.
This was a problem on all models in the firmware versions just before 388 - but fixed I think as per this entry in the Change Log ...
Code:
  - FIXED: Clients connected to Guest Network 1 aren't
           redirected if NTP interception is enabled.
RT-AX86U definitely works now with above fix - and have been able to redirect all Guest traffic via VPN Client using VPN Director to internet.
In version 386 I had to use YazFi to sort the problem of keeping Guests out of my LAN and still giving them internet access!

Maybe you need to re-apply beta3 firmware and if that still doesn't fix ... you may have to do full reset and manual rebuild?

EDIT: - Ignore above ... I did not see subsequent responses to your original post. Seems the problem is specific to your router model :-(
 
This was a problem on all models in the firmware versions just before 388 - but fixed I think as per this entry in the Change Log ...
Code:
  - FIXED: Clients connected to Guest Network 1 aren't
           redirected if NTP interception is enabled.
RT-AX86U definitely works now with above fix - and have been able to redirect all Guest traffic via VPN Client using VPN Director to internet.
In version 386 I had to use YazFi to sort the problem of keeping Guests out of my LAN and still giving them internet access!

Maybe you need to re-apply beta3 firmware and if that still doesn't fix ... you may have to do full reset and manual rebuild?

EDIT: - Ignore above ... I did not see subsequent responses to your original post. Seems the problem is specific to your router model :-(
Yeah, I also flashed the official 388 firmware and reset - same problem. Definitely no internet access when that Intranet block is enabled.

Is NTP interception enabling the local time server option in System settings?
 
Yeah, I also flashed the official 388 firmware and reset - same problem. Definitely no internet access when that Intranet block is enabled.

Is NTP interception enabling the local time server option in System settings?
Yep - System tab on Administration page - under "Basic Config"...
intercept.png
 
The result of the
Code:
ssh-copy-id user@hostname
command is not displayed in the GUI. It is correct?
 
A quick fix for the ntp issue is to install ntpmerlin in entware. This will disable the built-in ntp daemon and restore the guest1 connectivity.
Just a thought.
 
It's always been accurate though with speed test providers on 386 codebase with Adaptive QOS (manual) and throughout history. This 388 build is wild and anywhere from 280-660mbps.

On my 1gbps connection, it only has a 52mbps upstream used for Emby streaming so that's why I like QOS normally :) My cable tv broadband provider is likely to go 100-120mbps at some point, and I have a symmetric 1gbps FTTP connection coming as another provider is currently putting the infrastructure in.

OK, to backup something wrong with QOS - Tom's hardware review of the AXE16000 also concludes poor QOS, recently published Nov 2022.

"The Asus GT-AXE16000 router has top specs across the board, with all the latest feature including the newest 6 GHz frequency. While the throughput impressed us, our network congestion testing left us thinking that this router needs to mature further due to weak QoS performance."

From: https://www.tomshardware.com/reviews/asus-rog-rapture-gt-axe16000


I appreciate to Merlin that QOS is likely a closed shop from Asus and he can do nothing, and the code is likely shared amongst some Asus models.
It's been rumbling for a while and probably won't be addressed by Asus for some releases yet....
 
I appreciate to Merlin that QOS is likely a closed shop from Asus and he can do nothing, and the code is likely shared amongst some Asus models.
It's been rumbling for a while and probably won't be addressed by Asus for some releases yet....
I'm not familiar with Asus stock firmware, does it have Cake as a QOS option, or is that a Merlin implementation?
 
I'm not familiar with Asus stock firmware, does it have Cake as a QOS option, or is that a Merlin implementation?
Asus stock does not have Cake QOS.
 
@RMerlin

It was spoke a lot here but without any reasonable answer, this port forward rule- what makes it?
I have no fetaure available for Parental Control, or Trend Micro...
Something you are aware of?

Taken from AX88U

Thank you
View attachment 45816
I had the same issue before. It was automatically enabled, maybe because I had blocked one device for internet access. When upgrading to new firmware, this port forwarding switched on automatically, every time. Maybe you have blocked devices to internet/WAN? In my case I block printer for internet access.

https://www.snbforums.com/threads/port-forwarding.80128/#post-781205
 
maybe because I had blocked one device for internet access
Happened to me too, that's why I mentioned it above.
 
I appreciate to Merlin that QOS is likely a closed shop from Asus and he can do nothing, and the code is likely shared amongst some Asus models.
It's been rumbling for a while and probably won't be addressed by Asus for some releases yet....
Have you tried Cake? It does turn off all acceleration the router has, but it's simple to use and just works.
 
think cake shouldn't be used over 350mbps due to processing overhead?
Nope, it does turn off all additional hardware acceleration though if that's what you mean, so speed tests don't look as nice but traffic is well managed and rarely has problems. If download and upload speed tests scare you then it's not for you. If performance and Que management is what you want, Cake is the Boss!
 
It depends I guess on whether you want a download to finish faster or whether you want the download to not interfere with any other traffic. In my case it was Microsoft Windows Updates. They would crush my network and force a video to freeze and exit. I turned on Cake and rebooted and tried again and boom problem solved. And with no configuration needed other than packet overhead and bandwidth values.
 
It seems to me that AiMesh is working correctly, but I am getting a message that it is not working. Rebooting routers didn't help. How to fix it?

1669750608198.png
 
Status
Not open for further replies.

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top