What's new

[Release] Asuswrt-Merlin 384.12 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I'm not sure what this means. My router is a Netgeat r7000.
Converted TM router meant converted T Mobile router....either way yours isn't a supported unit. Merlin is only for Asus routers so your help may be limited.
 
How do i test if AI Protection is working when after 3 days i have 0 threats found?

A search of the AiProtection thread suggests using http://5ka.ru.com/ Trend Micro will block it and it should show up under AiProtection / Malicious Sites Blocking



Sent from my iPad using Tapatalk
 
Yes it might help depending on your ISP they may be like mine and very well how can I put it nicely, selective about only letting me their units work otherwise they have a fit about it and VoIP doesn't work.
  1. I agree about the cloning... sometimes these ISP can be a PITA.
  2. I would also try powering off your modem for say a few hours when you are sleeping one night or heading to work, class etc.. then when you return, reconnect the modem (you probably will get a different IP address, maybe even in a different subnet). let the modem lock in.
  3. Then power up the AC86 /clone MAC etc..
  4. Have you tried LD&D "nuclear" reset option?
 
AiProtection blocks that for me.
 
I have a converted T-Mobile router (AC68U) that has been running 384.5 successfully for a while. I tried upgrading to 384.12 with no success. Downloaded the file. Uploaded it to the router and tried to update via the web interface. It shows that it’s loading then the router restarts and it still says it’s running 384.5.

Anyone have thoughts or suggestions? Thanks!!
 
I have a converted T-Mobile router (AC68U) that has been running 384.5 successfully for a while. I tried upgrading to 384.12 with no success. Downloaded the file. Uploaded it to the router and tried to update via the web interface. It shows that it’s loading then the router restarts and it still says it’s running 384.5.

Anyone have thoughts or suggestions? Thanks!!

upload_2019-7-24_23-0-43.png
 
I've 384-12 installed on 87U router since last 32 days. So far two incidences have occurred where wifi gets lots for a few secs and it work normal. Has anyone observed this behavior? Nothing in the system log ( notice ) . There have not be any changes in surroundings or any wifi obstacles or interference.


Any ideas?

Thanks
 
I've 384-12 installed on 87U router since last 32 days. So far two incidences have occurred where wifi gets lots for a few secs and it work normal. Has anyone observed this behavior? Nothing in the system log ( notice ) . There have not be any changes in surroundings or any wifi obstacles or interference.


Any ideas?

Thanks
What's your setup? DoT? Resolver? Scripts? Is it a signal drop or service drop?
 
been using the stock AsusWRT from Asus on my RT-AC68U. Read alot about the DNS over HTTPS and DNS over TLS via QUAD9 and Cloudflare that the stock firmware doesn't support.

Have been running Merlin now for a few days. Have all the WAN > WAN DNS Setting > YES(ed) > DoT > Strict >
address TLS port TLS hostname SPKI
QUAD9 9.9.9.9 853 dns.quad9.net /SlsviBkb05Y/8XiKF9+CZ...
QUAD9 149.112.112.112 853 dns.quad9.net /SlsviBkb05Y/8XiKF9+CZ...

when at command line of a client I type <dig google.com> I see the "ad" flag which indicates only that DNSSEC is being used right? I also see <;; SERVER: 192.168.44.1#53(192.168.44.1)> I'm trying to determine if port 853 is actually being used. I've been trying to install tcpdump to run <tcpdump -i eth0 -p port 853 or 53 -n> to prove to myself that DNS over TLS is actually being used.

I've SSH'ed into my router and followed the 3 sets of directions from <https://github.com/RMerl/asuswrt-merlin/wiki/Entware> for 3 different ways to install entware. None of the ways worked, returned errors.

For example: The "old" way

after the:
wget -O - http://pkg.entware.net/binaries/mipsel/installer/installer.sh | sh

i get:
/opt/bin/opkg: line 1: syntax error: unexpected "("
/opt/bin/opkg: line 1: syntax error: unexpected "("

when I type:
opkg install tcpdump I get "-sh: opkg: not found"

I'm a noobie, first time posting here. Correct me if I'm wrong. TIA
 
been using the stock AsusWRT from Asus on my RT-AC68U. Read alot about the DNS over HTTPS and DNS over TLS via QUAD9 and Cloudflare that the stock firmware doesn't support.

Have been running Merlin now for a few days. Have all the WAN > WAN DNS Setting > YES(ed) > DoT > Strict >
address TLS port TLS hostname SPKI
QUAD9 9.9.9.9 853 dns.quad9.net /SlsviBkb05Y/8XiKF9+CZ...
QUAD9 149.112.112.112 853 dns.quad9.net /SlsviBkb05Y/8XiKF9+CZ...

when at command line of a client I type <dig google.com> I see the "ad" flag which indicates only that DNSSEC is being used right? I also see <;; SERVER: 192.168.44.1#53(192.168.44.1)> I'm trying to determine if port 853 is actually being used. I've been trying to install tcpdump to run <tcpdump -i eth0 -p port 853 or 53 -n> to prove to myself that DNS over TLS is actually being used.

I've SSH'ed into my router and followed the 3 sets of directions from <https://github.com/RMerl/asuswrt-merlin/wiki/Entware> for 3 different ways to install entware. None of the ways worked, returned errors.

For example: The "old" way

after the:
wget -O - http://pkg.entware.net/binaries/mipsel/installer/installer.sh | sh

i get:
/opt/bin/opkg: line 1: syntax error: unexpected "("
/opt/bin/opkg: line 1: syntax error: unexpected "("

when I type:
opkg install tcpdump I get "-sh: opkg: not found"

I'm a noobie, first time posting here. Correct me if I'm wrong. TIA
You don’t need the SPKI for Quad9. From a client, there’s no obvious indication of DoT. From the client to router is still port 53/udp. DoT is between the router and external DNS resolver. I assume your router LAN IP is 192.168.44.1, which would be expected behavior at a client.

The best way to install Entware is to use amtm. Find the thread here in the Merlin forum.
https://www.snbforums.com/threads/amtm-the-snbforum-asuswrt-merlin-terminal-menu.42415/
 
The best way to install Entware is to use amtm. Find the thread here in the Merlin forum.
https://www.snbforums.com/threads/amtm-the-snbforum-asuswrt-merlin-terminal-menu.42415/


That worked, finally....

directions I had been following were at https://github.com/RMerl/asuswrt-merlin/wiki/Entware. Those directions failed. Thank you for the link. I now have amtm and tcpdump installed. For some reason diversion wouldn't install so I went right to entware which installed nicely. TYVM
Installation via amtm is listed on that page...
 
From a client, there’s no obvious indication of DoT. From the client to router is still port 53/udp. DoT is between the router and external DNS resolver.

After successfully following your directions for the installation of amtm and then entware, I followed up by installing tcpdump. I typed in <tcpdump -i eth0 -p port 853 or 53 -n>. The logic here is that the client wouldn't know that DNS resolution is being done on port 853 but wouldn't the router? I'm not getting the results I thought I would get. what command on the command line would produce a result that would show/prove that DNS is being resolved on port 853?
 
Trying to upload a screen shot of my WAN DNS Setting (I'm such a noob) I'm wondering if my WAN setting(s) may be the problem. I've Yes(ed) every line.
+Connect to DNS Server automatically yes
+Forward local domain queries to upstream DNS yes
+Enable DNS Rebind protection yes
+Enable DNSSEC support yes
+Validate unsigned DNSSEC replies yes
+DNS Privacy Protocol DNS over TLS (DoT)
+DNS-over-TLS Profile opportunistic

DNS-over-TLS Server List (Max Limit : 8)
9.9.9.9 853 dns.quad9.net
149.112.112.112 853 dns.quad9.net

I used to have a SPKI -- but after further research found that Quad9 doesn't recommend that.
 

Attachments

  • Screenshot_2019-07-26 ASUS Wireless Router RT-AC68U - Internet Connection.png
    Screenshot_2019-07-26 ASUS Wireless Router RT-AC68U - Internet Connection.png
    21.6 KB · Views: 346
Anyone here have DoT enabled with either cloudflare or Quad9 playing wireless gaming? I know I should not be playing wireless but it's my only option now. The issue I have is when enabled it I completely lag out during gameplay, however when i go back using Comcast DNS...all disconnects stop completely.
 
Anyone here have DoT enabled with either cloudflare or Quad9 playing wireless gaming? I know I should not be playing wireless but it's my only option now. The issue I have is when enabled it I completely lag out during gameplay, however when i go back using Comcast DNS...all disconnects stop completely.
Use the DNSfilter option. You can force just that one device to use a certain "custom" DNS server such as Comcast in your case.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top