RT-AC5300 Performance & Security Guide

[Markboz]

Thank you very much for your hard work on this detail set-up on the RT AC5300!

Will this put the router on peak proformace ? I am very new to the ASUS routers, I have always had Netgear routers and thought it was time for a change so I bought a 5300 unit.

Just want the best setting for my house and devices for range and speed.

Thank you

 

[daviworld]

Thank you very much for your hard work on this detail set-up on the RT AC5300!

Will this put the router on peak proformace ? I am very new to the ASUS routers, I have always had Netgear routers and thought it was time for a change so I bought a 5300 unit.

Just want the best setting for my house and devices for range and speed.

Thank you

No problem, I'll be updating the guide soon to account for recent firmware change's.

I'll say for my own need's, yes it is. I created the guide to be a working template, but by all means feel free to change thing's to match and optimize to your own environment, so you get the best networking experience.

Sent from my LG-H830 using Tapatalk

 

[Markboz]

No problem, I'll be updating the guide soon to account for recent firmware change's.

I'll say for my own need's, yes it is. I created the guide to be a working template, but by all means feel free to change thing's to match and optimize to your own environment, so you get the best networking experience.

Sent from my LG-H830 using Tapatalk

What’s the best settings for long range signals?

Thank you

 

[daviworld]

What’s the best settings for long range signals?

Thank you

Long range signal's I would focus on optimizing the 2.4GHz band since it has a longer signal distance than 5GHz

You can also, take out one of the 5GHz band in my example and replace it with a 2.4GHz band. Using a wireless signal instrument to measure your distance around your service area, you would change your RSSI to match your average -dBm under your normal operating environments

 

[JOE.G]

I just purchased this router and I am a complete newbie and honestly am quite over whelmed. If I was to leave the default settings will the router perform okay? By changing the settings like you have what exactly would I be achieving? My needs are internet surfing, Games for the kids and streaming movies. Id like distance and speed as I would like to be able to surf out in the yard. I do need the 2.4 band for some older stuff. Thanks

 

[username0475]

I just purchased this router and I am a complete newbie and honestly am quite over whelmed. If I was to leave the default settings will the router perform okay? By changing the settings like you have what exactly would I be achieving? My needs are internet surfing, Games for the kids and streaming movies. Id like distance and speed as I would like to be able to surf out in the yard. I do need the 2.4 band for some older stuff. Thanks

Hopefully this will decipher some of the concepts & settings daviworld provided in his list: https://routersecurity.org/

 

[daviworld]

I just purchased this router and I am a complete newbie and honestly am quite over whelmed. If I was to leave the default settings will the router perform okay? By changing the settings like you have what exactly would I be achieving? My needs are internet surfing, Games for the kids and streaming movies. Id like distance and speed as I would like to be able to surf out in the yard. I do need the 2.4 band for some older stuff. Thanks

The router will definitely perform well with what you want to do on default setting's. My setting's are geared towards security enthusiasts and performance tweakers.

So, if you don't feel confident in changing anything, feel free to leave it on default(of course changing default credential's though like router login and, SSID)

If you feel confident in trying out some or all of the setting's just swap out or include the 2.4GHz in the Smart connect rule, I would imagine you would want to add a -dBm rule on it, so when you go out into your yard it will connect over to it.

 

[JOE.G]

Daviworld, Can you explain the last paragraph a bit please. I have a few older devices that need the 2.4 channel. I have a 2.4 Nano station currently that shoots internet to a Netgear 4500 router and another nano station out in my shop which is a 100 Ft away. Id really wish the AIMESH would reach that far as I would just buy another ASUS router.

I was thinking of turning off smart connect and using all three bands and assign the devices as I see fit to each band and try to even them out.
Maybe that isnt a good idea?

 

[daviworld]

Daviworld, Can you explain the last paragraph a bit please. I have a few older devices that need the 2.4 channel. I have a 2.4 Nano station currently that shoots internet to a Netgear 4500 router and another nano station out in my shop which is a 100 Ft away. Id really wish the AIMESH would reach that far as I would just buy another ASUS router.

I was thinking of turning off smart connect and using all three bands and assign the devices as I see fit to each band and try to even them out.
Maybe that isnt a good idea?

It sound's like you're on the official firmware, while I don't have much experience with the new AiMesh feature. You could tune the PHY rate and the RSSI to something like -67dBm for an average. Download an app for measuring -dBm something like IPtools. I think it is a good idea if you're willing to keep tuning your setting's till you get it right for your environment.

Again, I think even if you leave the default setting's on the 2.4GHz band should reach all of your older 2.4GHz devices

Here's a pretty good forum post on it
https://community.meraki.com/t5/Solutions-APIs/Measuring-Signal-Strength-RSSI-and-dbm/td-p/9934

 

[JOE.G]

I havn't even thought of using a aftermarket firmware, I have not hooked router up yet I just got it yesterday and will probably hook it up later tonight or tom.

 

[daviworld]

I havn't even thought of using a aftermarket firmware, I have not hooked router up yet I just got it yesterday and will probably hook it up later tonight or tom.

In my opinion it is much better than the official firmware and some of my setting's are geared towards Merlin's firmware specific options

 

[DAVID LIVADITIS]

Hello daviworld you planning to do any kind of update? And appreciate all your hard work

 

[daviworld]

Hello daviworld you planning to do any kind of update? And appreciate all your hard work

Hey David,

I am actually planning on doing it sometime this weekend or next weekend, since I been busy. I have partially updated some stuff back in January, but have been sidetracked with other projects and normal life lol. March will be a lot more easygoing for me, so I'll have time to actually update and include all the changes since I first released this guide.

That'll include new script's, security practices, network performances and removing outdated methods and/or patched security holes.

Best,
David

 

[daviworld]

2019 Performance & Security Guide Updated, with Added & Removed Sections such as Ai-Mesh, newer scripts, and updated security posture(Will be completed mid-late August 2019) I'm still working on it guy's =]

*Compiling from source using VM and Ubuntu 18.04/18.10 and Debian

VM memory 4GB at min
2 processors, 30gb of space
#################################
Script Courtesy of Fitz Mutch

### Install fresh Ubuntu 18.04 LTS (Bionic Beaver)

ubuntu-18.04.2-desktop-amd64.iso

### Apply OS updates and make bash the default shell (reboot required)

sudo apt-get update && sudo apt-get -y dist-upgrade && sudo rm -f /bin/sh && sudo ln -sf bash /bin/sh && sudo reboot

### Install Linux kernel headers and essential development tools

sudo apt-get update && sudo apt-get -y install git build-essential linux-headers-$(uname -r)

### Install dependencies for AsusWRT

sudo dpkg --add-architecture i386 && sudo apt-get update && sudo apt-get -y install libtool-bin cmake libproxy-dev uuid-dev liblzo2-dev autoconf automake bash bison bzip2 diffutils file flex m4 g++ gawk groff-base libncurses5-dev libtool libslang2 make patch perl pkg-config shtool subversion tar texinfo zlib1g zlib1g-dev git gettext libexpat1-dev libssl-dev cvs gperf unzip python libxml-parser-perl gcc-multilib gconf-editor libxml2-dev g++-multilib gitk libncurses5 mtd-utils libncurses5-dev libvorbis-dev git autopoint autogen sed build-essential intltool libelf1 libglib2.0-dev xutils-dev lib32z1-dev lib32stdc++6 xsltproc gtk-doc-tools libelf-dev:i386 libelf1:i386 libltdl-dev

### Install other programs

sudo apt-get -y install lzip patchelf

### Clone the toolchains

cd

if [ ! -d am-toolchains ]; then

git clone https://github.com/RMerl/am-toolchains

fi
### Fix the toolchain symlinks

sudo mkdir -p /opt ; sudo rm -rf /opt/toolchains ; sudo ln -s ~/am-toolchains/brcm-arm-hnd /opt/toolchains ; sudo rm -f /opt/brcm-arm ; sudo ln -s ~/am-toolchains/brcm-arm-sdk/hndtools-arm-linux-2.6.36-uclibc-4.5.3 /opt/brcm-arm ; sudo rm -f /opt/brcm ; sudo ln -s ~/am-toolchains/brcm-mips-sdk/tools/brcm /opt/brcm

### Clone the repo

cd

if [ ! -d asuswrt-merlin.ng ]; then

git clone https://github.com/RMerl/asuswrt-merlin.ng

cd asuswrt-merlin.ng

# git checkout master

git checkout mainline

else

cd asuswrt-merlin.ng

# git checkout master

git checkout mainline

git pull

fi
### Create a build tree from the repo and fix the symlinks

cd

rm -rf asuswrt-merlin.ng-build

#rsync -aq asuswrt-merlin.ng/ asuswrt-merlin.ng-build --exclude .git

cp -a asuswrt-merlin.ng/ asuswrt-merlin.ng-build

# fix symlinks for HND toolchain

rm -rf ~/asuswrt-merlin.ng-build/release/src-rt-5.02hnd/bcmdrivers/broadcom/net/wl/impl51/main/src/toolchains

ln -s ~/am-toolchains/brcm-arm-hnd ~/asuswrt-merlin.ng-build/release/src-rt-5.02hnd/bcmdrivers/broadcom/net/wl/impl51/main/src/toolchains

# fix symlinks for ARM toolchain

rm -rf ~/asuswrt-merlin.ng-build/release/src-rt-6.x.4708/toolchains

ln -s ~/am-toolchains/brcm-arm-sdk ~/asuswrt-merlin.ng-build/release/src-rt-6.x.4708/toolchains

### Build RT-AC86U firmware (HND)

export LD_LIBRARY_PATH=/opt/toolchains/crosstools-arm-gcc-5.3-linux-4.1-glibc-2.22-binutils-2.25/usr/lib

export TOOLCHAIN_BASE=/opt/toolchains

echo $PATH | grep -qF /opt/toolchains/crosstools-arm-gcc-5.3-linux-4.1-glibc-2.22-binutils-2.25/usr/bin || export PATH=$PATH:/opt/toolchains/crosstools-arm-gcc-5.3-linux-4.1-glibc-2.22-binutils-2.25/usr/bin

echo $PATH | grep -qF /opt/toolchains/crosstools-aarch64-gcc-5.3-linux-4.1-glibc-2.22-binutils-2.25/usr/bin || export PATH=$PATH:/opt/toolchains/crosstools-aarch64-gcc-5.3-linux-4.1-glibc-2.22-binutils-2.25/usr/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-5.02hnd

make rt-ac86u

### Build RT-AC56U firmware (ARM)

export LD_LIBRARY_PATH=

export TOOLCHAIN_BASE=

echo $PATH | grep -qF /opt/brcm-arm/bin || export PATH=$PATH:/opt/brcm-arm/bin

echo $PATH | grep -qF /opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin || export PATH=$PATH:/opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-6.x.4708

make rt-ac56u


### Build RT-AC68U firmware (ARM)

export LD_LIBRARY_PATH=

export TOOLCHAIN_BASE=

echo $PATH | grep -qF /opt/brcm-arm/bin || export PATH=$PATH:/opt/brcm-arm/bin

echo $PATH | grep -qF /opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin || export PATH=$PATH:/opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-6.x.4708

make rt-ac68u

### Build RT-AC87U firmware (ARM)

export LD_LIBRARY_PATH=

export TOOLCHAIN_BASE=

echo $PATH | grep -qF /opt/brcm-arm/bin || export PATH=$PATH:/opt/brcm-arm/bin

echo $PATH | grep -qF /opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin || export PATH=$PATH:/opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-6.x.4708

make rt-ac87u


### Build RT-AC88U firmware (ARM)

export LD_LIBRARY_PATH=

export TOOLCHAIN_BASE=

echo $PATH | grep -qF /opt/brcm-arm/bin || export PATH=$PATH:/opt/brcm-arm/bin

echo $PATH | grep -qF /opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin || export PATH=$PATH:/opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-7.14.114.x/src

make rt-ac88u


### Build RT-AC3100 firmware (ARM)

export LD_LIBRARY_PATH=

export TOOLCHAIN_BASE=

echo $PATH | grep -qF /opt/brcm-arm/bin || export PATH=$PATH:/opt/brcm-arm/bin

echo $PATH | grep -qF /opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin || export PATH=$PATH:/opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-7.14.114.x/src

make rt-ac3100

### Build RT-AC5300 firmware (ARM)

export LD_LIBRARY_PATH=

export TOOLCHAIN_BASE=

echo $PATH | grep -qF /opt/brcm-arm/bin || export PATH=$PATH:/opt/brcm-arm/bin

echo $PATH | grep -qF /opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin || export PATH=$PATH:/opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-7.14.114.x/src

make rt-ac5300

### Build RT-AC3200 firmware (ARM)

export LD_LIBRARY_PATH=

export TOOLCHAIN_BASE=

echo $PATH | grep -qF /opt/brcm-arm/bin || export PATH=$PATH:/opt/brcm-arm/bin

echo $PATH | grep -qF /opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin || export PATH=$PATH:/opt/brcm-arm/arm-brcm-linux-uclibcgnueabi/bin

cd ~/asuswrt-merlin.ng-build/release/src-rt-7.x.main/src

make rt-ac3200

###################
Scripts- scripts have evolved in the community, going from a handful to a set of scripts most people regularly use

AMTM - Should be the first script you download. It houses all the main script's and make installing the rest easier. It also comes with a reboot scheduler, disk check, swap file creation, and version numbers for other scripts.

Skynet - a very good reputational firewall, which is a nice addition to AiProtect IPS, and blocks IP's

Diversion - The spiritual successor to AB-Solutions, it blocks HTTP ad domains via host files. This also installs Entware and Pixelserv

Pixelserv-TLS this will enable a web server to block all HTTPS ad, which supplements Diversion nicely

Stubby-Installer - This is your DNS over TLS script, which will encrypt your DNS queries and SNI, *stubby installer script isn't need on firmware version 384.11 and beyond. native script is better

DNScrypt - this will also encrypt your DNS queries via DNScrypt or DOH(DNS over HTTPS)

YazFi - enhanced guest WiFi, which act as sort of a quasi VLAN. You can segment guest network's, with different subnet's, and can allow or disallow communicating locally. Or, simply just allow internet connectivity without touching the LAN

ntpMerlin - run a NTP server daemon, which will work a bit better than your default implementation. *May conflict with other scripts such as Stubby

Entware - is your repo which will allow you to enhance and customize your router to your own personal needs


scMerlin

connmon

spdMerlin

scribe

uidivstats

#################

OPENVPN 2.4.7 Server/Client set-up configuration (unfinished)

#########

TCP TX/RX Tuning (unfinished)

########

Security Patches (unfinished)

########

SSL Cert Placement (unfinished)

#######

SMB tweaking, for speed enhancement (unfinished)

#######

Script to check vpn and extend entware services (unfinished)

#####

Redirect all internet traffic vs strict policy mode (unfinished)

######

------------------------------------------------------------------------------------------
Sources
https://www.snbforums.com/threads/extend-service-to-entware-services.54979/

https://www.snbforums.com/threads/redirect-internet-traffic-all-vs-192-168-1-0-24.55770/

https://www.snbforums.com/threads/scripted-vpn-client-configuration.55203/

https://www.snbforums.com/threads/ac86u-smb-tweaking.44729/

https://www.snbforums.com/threads/release-asuswrt-merlin-384-10-is-now-available.55742/

https://www.snbforums.com/threads/merlinwrt-compile-instructions.47984/page-4

https://www.snbforums.com/threads/how-to-improve-shell-script-code-quality-and-readability.55794/

https://x3mtek.com/how-to-improve-shell-script-code-quality-and-readability/

https://atom.io/packages/linter-shellcheck

https://ftp.snbforums.com/threads/failed-to-compile-firmware-for-rt-ac68u.54760/

 

[OABC]

I don't know if this will be helpful to anyone. But, thought I would share my set-up and hopefully help some people in their quest for performance and security.
Check page 2, post #34 for 2019 updated/added info
--------------------------------------------------------------
Let's start with Guest Network
Typically in my own network

• I set access time of 12hrs
• Prevent intranet access(LAN)
• Assign WPA2 as authentication method and a easy password for guest(NOT YOUR MAIN PASSWORD)
• I only set up guest on my 2.4GHz Radio, more on that below
• No MAC filtering unless you use this network for special purposes

Next AiProtection
Click Network Protection
I highly and strongly recommend turning on all the protection feature's, as this is essentially your UTM(Unified Threat Management)

• Router Security Assessment - (Scan, click on thing's to change and secure or disable thing's you don't need or use. Shoot for a score of 15)
• Malicious Site Blocking - (using Trend Micro engine, will block bad site's)
• Two-Way IPS - (can detect and shape traffic, actively monitoring and blocking threat's)
• Infected Device Prevention and Blocking - (This will isolate a infected device from the rest of your device's, to prevent an infection from spreading across your network. If you're familiar with VLAN's, think of that one device being put in its own VLAN with no contact with the rest of the device's)
• Parental Control - (control internet access for device's, by setting a time schedule, also include a web filter for blocking content)
• DNS Filtering - Force your client's to use specified DNS, I have mines set to router for quicker DNS lookup's

*an important note, when you see hit's, this mean's it was an attack/exploit your router was successfully able to prevent. Anytime you see a hit in your two-way IPS, a good measure is to add the IP to your firewall block list or firewall block script(Skynet)

Next Adaptive QoS
In Bandwidth Monitor, turning it on you will take a small performance hit. Up to you if you decide to use it, I typically leave mine's off unless troubleshooting networking issue's. Lastly, since I use FreshJR QoS script, I have left the priority at default for all device's(gray). However, you are more than welcome to use the priority label's. Click on the Tab QoS..... Also, in the Web History Tab, I turn it on, as it is useful to see what site's my client device's are connecting to and how often.

In QoS

• Enabled
• Adaptive QoS
• Manual Setting [(Not Automatic) add your speedtest or ISP bandwidth, for instance I have 1GBps down and 20Mbps up. So, I'll add 950 down and 19 up]
• Wan Overhead DOCISIS 3.0 = 18 ( choose a preset for your modem)
• For Network Mode I usually choose Customize

*The reason you don't add your full bandwidth is due to bufferbloat, it is generally recommended to choose 85-95% of your total bandwidth, hence 95% of 1000 is 950 and 95% of 20 is 19. Also note when measuring ISP speed we use Megabit's not Megabyte's. a culmination of byte's will = that file on your PC... 8 bit's = 1 byte
I recommend using FreshJR Adaptive QoS script for the customization and dslreports speedtest

*Second important notice as I run OpenVPN client's 24/7, your OpenVPN traffic is seen as upload traffic, so in my above example you would input 950 in both the download AND upload

Next Traffic Analyzer

• Honestly I leave the statistics in here off, since if I turn this on. It lock's up my GUI VPN page, and I can only turn only my client's via NVRAM command's, although if you have different need's feel free to use this.

Next Game Boost

• I don't use this feature so I have no comment on its functionality

Next USB Application
I only use Media Services and Server's in this section, click on it

• In Media Server - (if you enjoy streaming content from your router, to your LAN device's, enable UPnP [ONLY ON THIS PAGE, NOT THE WAN PAGE] , name your media server, use a manual path
• In Network Place (Samba) Share Tab -

1. Enable Share
2. DON'T enable allow guest login's(will let anyone in)
3. Add SMB v2 preferably/SMB v1 + v2
4. Add workgroup name and device name
5. Yes, Force as Master Browser
6. No, WINS Server
7. Click Apply
8. Add a different account from your root to use for your share access
9. set permission's for folder's you want this new account to access
10. Save Permission's
11. Check access, make sure port's 139 & 445 is open on machine and SMB & NETBIOS enabled

• FTP Tab - I would leave this disabled, since it isn't using SFTP or FTPS (secure versions), however merlin's version use's FTPS(enable TLS option)
• *Note When Samba enabled, port's 139, and 445 will be open on your router. Make sure these port's and/or services NETBIOS & SMB are running and open. When not using share's I recommend turning this off until you need this, unless you do frequent network transfer 's

Next AiCloud 2.0

Disable, Disable, Disable, Disable, Disable, if you don't want hole's exposed in your network, please do not enable any AiCloud service's at all!

Next Wireless

• Smart Connect Enabled - Actually Pretty Good With Some Minor Tweak's
• I usually only use my 5GHz network for band as all my client's are AC client's and my apartment is covered with a signal throughout. So, I disable my 2.4GHz band, using it only for AP Isolation and older device's or security cam's
• Hide SSID, up to you, will stop a casual user, but your SSID is broadcasted in plain text in your wireless packet's, so if someone used a sniffer, Hiding your SSID wouldn't stop them.
• Authentication Method - WPA2 Personal
• set a strong Wireless password
• The other setting's can be set to auto
• Protected Management Frames - Capable (protects against dissociation attacks) *note however that required broke IoT devices, only smartphone, Console, and PC responded; on capable the smart TV and IP cam finally connected
• In Wireless MAC Filter, will be up to you to use it or not, spoofing MAC's are trivial today
• In the Professional Tab - We will change a couple of the default's the rest are ok

1. For the 2.4GHz professional setting's
2. enable radio, my personal say is no if you don't have old client's or don't need the distance
3. enable wireless scheduler, again depends on you. But, if your radio's aren't broadcasting, then their is no WI-FI to hack
4. Multicast Rate - choose OFDM 6 (good low settings for VoIP, adjust higher if experiencing issues)
5. Preamble Type - choose Short... choose long slower and older devices)
6. Beacon Interval - set to 1000 - decreases the amount of times a client receives the wireless beacon
7. DTIM Interval - 3 or below, set higher for better performance if you have a strong router, otherwise it may crash.
8. TX Burst - if higher than 4 device's disable, can cause network lag
9. WMM APSD - disable if your mobile devices experience disconnect or crashes, otherwise leave enabled
10. Optimize AMPDU Aggregation - Enable: High error environment or multiple devices. Slower performance.
    Disable: Low error environment with less devices. Faster performance.
11. Airtime Fairness - disable, enable only for older devices
12. MU-MIMO - disable if your client's don't support this feature, otherwise keep enabled
13. Universal Beamforming - disable was made before explicit beamforming. use this instead
14. Explicit Beamforming - all AC enabled devices support this feature, disable if you don't have AC client's
15. Modulation Scheme is set to their highest MCS 11
16. TX Power Adjustment - Slide to Performance
17. IGMP Snooping - Disabled
18. AP Isloation - Yes or no depending on your need's

1. For the 5GHz professional setting's
2. Everything the same as above
3. Note Explict Beamforming will be 802.11ac beamforming in the 5GHz setting's
4. leave other default's alone

• In the WPS Tab - disable this on all radio band's, I only needed this once due to having a 64 character password, and my smart TV wouldn't connect until I added it via WPS, which I immediately turned off after the Smart TV connected

Hello Daviworld, Wondering if you can help me considering your expertise on the AC5300 interface.
For some reason the router is blocking me the access to the Twitter Videos or Pictures on WIFI. A couple of things to mention...

1. Definitely not twitter: When I use cellular it does work. This is happening within all of my devices connected to the network. Mobile Apps & Web Surfing. If I use another wifi network it does work.

2. It only happens with Twitter video.. I can see all of the videos from any other social network. Weird.

3. There are no blocked parameters, policies or websites on the AiProtecion. Firewall is on but not blocking anything. Already tried to disable it and the problem still persist.

4. Im using Aimesh, not sure if this is related or not.

5. Already performed a factory reset on both routers and merged AiMesh again. Problem persist.

Do you have any idea what I can do? Im not that good with specific network setting on my router. So even though I've investigated a lot, Im not sure what should I look / change for.... All of the help you can give me is highly appreciated. Have a good one. HEEEELP. Thanks

 

[HuskyHerder]

@OABC

Have you tried changing you DNS?

One example https://www.opendns.com or cloudflare.

 

[OABC]

@OABC

Have you tried changing you DNS?

One example https://www.opendns.com of cloud flare.

Hello @HuskyHerder Thank you.
Not really, read something about it but wasn't sure... I will give it a try.

Right now the router is using the DNS as the same as the IP Address (192.164.2.1)... Do you recommend using a openDNS one instead?

 

[HuskyHerder]

Sounds like that's the Router IP that's handed out to clients on your net. AKA your clients are looking to the router the IP for DNS lookups. Nothing wrong with that.

You would need to change the DNS values. Not the router IP.

 

[OABC]

Got it! Will give it a try once I get home and I will keep you posted if it works or not.
Appreciate your help @HuskyHerder

 

[HuskyHerder]

Clarification:
You would make the change on the router not on the individual devices.

@OABC

Random google search for change DNS. https://torguard.net/knowledgebase.php?action=displayarticle&id=180

If that works you may wish to research and find a favorite one and possible a secondary one. I prefer not to have all my eggs in a single basket.

I usually use the following and there are more.

1.1.1.1, cloudflare primary
208.67.222.222 opendns secondary