NOTE for GT-AXE11000: Only Works Well for IP Passthrough Setup with GT-AXE11000_388.2_4.zip

[realmikeazn]

Hi all,

I wanted to share my experience with the GT-AXE11000 and firmware compatibility when using IP Passthrough with an ISP-provided BGW210-700 device.

Firmware Tested:
GT-AXE11000_3004_388.8_4.zip
Download Link

Result: Failed with ISP DHCP issues.
GT-AXE11000_3004_388.8_2.zip
Download Link

Result: Same issue—unable to establish a stable DHCP connection.
Firmware That Works:
GT-AXE11000_388.2_4.zip
Download Link

SHA1: 8a508bca506b0c94d41e39529319b9a14ea6d462
MD5: 00cceaf39ab62698bf334838c376dad5
This version worked perfectly in IP Passthrough mode without any DHCP failures.

Summary:
If you're using the GT-AXE11000 router with an ISP-provided BGW210-700 and experiencing DHCP failures, I recommend sticking to the GT-AXE11000_388.2_4.zip firmware version.

Hope this helps someone facing a similar issue. Let me know if you have any questions or insights!

— Mike

 

[Tech9]

The latest 388.8_4 firmware release is about critical security updates though. I would run the ISP provided device in Gateway mode instead and use the latest firmware on the Asus. The ISP connection won't drop and the Asus router will have the most up to date firmware.

 

[John Fitzgerald]

WOW!!!, nothing like a new guy recommending a botnet prone out of date firmware, WTF???

@Tech9, that was a really nice low key response... are you feeling OK?

 

[Tech9]

There are still too many users out there unaware of recent malware attacks.

 

[bennor]

Summary:
If you're using the GT-AXE11000 router with an ISP-provided BGW210-700 and experiencing DHCP failures, I recommend sticking to the GT-AXE11000_388.2_4.zip firmware version.

More information about how exactly you tested and your router configuration would be useful/helpful for others before they follow such advice to downgrade their firmware and potentially expose themselves to the malware infection discussed in the following link that is supposedly patched by RMerlin in the 3004.388.8_4 (17-Nov-2024):

Malware damaging ASUS routers?

This malware damaging Asus routers has to be described in a sticky thread with a warning sign! Update: Asus is releasing patched firmware for multiple models. Check for firmware updates! The changelog for most firmware releases contains the following: 1. Strengthened input validation and data...

www.snbforums.com

3004.388.8_4 (17-Nov-2024)
- CHANGED: VPN killswitch will now only be active if the
VPN client itself is enabled. If you stop/start
the client yourself over SSH, you need to also
update the enabled/disabled nvram setting.
- FIXED: Security issues in AiCloud (backports from Asus)
- FIXED: CVE-2024-2511, CVE-2024-4741, CVE-2024-5535 &
Implicit rejection for RSA PKCS#1 in openssl
(backport from Ubuntu by RSDNTWK)

How exactly was the router configured?
Did you make any changes to the Asus router beyond basic QIS configuration?
Were you using any add-on scripts?
Did you perform a hard factory reset between firmware changes?
Were you uploading a saved router.cfg file from one firmware version to a different one?
In other words, provide more information.

 

[realmikeazn]

found out the issue was At&t modem had layer security which they had to disable for it to work, and At&T send over new modem because of this new layer application was disabled.

this fixed the issue once at&t resolve their hardware incompatibility

 

[realmikeazn]

here is their note :
AT&T ActiveArmor internet security if you have:

• AT&T Smart Home Manager to manage security features
• AT&T Fiber plan based on current speed or Internet Air
• BGW210 or BGW320 Wi-Fi gateway or an All-Fi Hub

 

[jerry6]

More information about how exactly you tested and your router configuration would be useful/helpful for others before they follow such advice to downgrade their firmware and potentially expose themselves to the malware infection discussed in the following link that is supposedly patched by RMerlin in the 3004.388.8_4 (17-Nov-2024):

Malware damaging ASUS routers?

This malware damaging Asus routers has to be described in a sticky thread with a warning sign! Update: Asus is releasing patched firmware for multiple models. Check for firmware updates! The changelog for most firmware releases contains the following: 1. Strengthened input validation and data...

www.snbforums.com

3004.388.8_4 (17-Nov-2024)
- CHANGED: VPN killswitch will now only be active if the
VPN client itself is enabled. If you stop/start
the client yourself over SSH, you need to also
update the enabled/disabled nvram setting.
- FIXED: Security issues in AiCloud (backports from Asus)
- FIXED: CVE-2024-2511, CVE-2024-4741, CVE-2024-5535 &
Implicit rejection for RSA PKCS#1 in openssl
(backport from Ubuntu by RSDNTWK)

How exactly was the router configured?
Did you make any changes to the Asus router beyond basic QIS configuration?
Were you using any add-on scripts?
Did you perform a hard factory reset between firmware changes?
Were you uploading a saved router.cfg file from one firmware version to a different one?
In other words, provide more information.

are you safe if you never used Ai cloud ? I have it set up as a router with guest networks nothing else

 

[bennor]

are you safe if you never used Ai cloud ? I have it set up as a router with guest networks nothing else

One is likely safe from the malware that used the AiCloud as an entry point attack vector if they've never enabled AiCloud. Apparently AiCloud has been a possible security hole more than once. Safe from other malware? That all depends on the exploit method and its entry point to one's network. There is always the zero day exploit waiting out there to be discovered.