rt-ac86u Updated Firmware Mar 10 2020 / Current Version : 3.0.0.4.384_81352-g9910ab0

[ATLga]

Got this through gui just a few minutes ago

Current Version : 3.0.0.4.384_81352-g9910ab0

 

[ATLga]

Got this through gui just a few minutes ago

Current Version : 3.0.0.4.384_81352-g9910ab0

As of yet, it's not listed on the Asus site for downloads under Driver & Tools or Bios & Firmware

 

[OzarkEdge]

Tip: If you select the version link in the router webUI, you get the release notes:

Firmware version 3.0.0.4.384_81352
- Release Note -

Bug Fixes and Improvements:
1. Fixed CVE-2019-15126 ("Kr00k") vulnerability.

OE

 

[Ulf Thingnæs]

Does this mean it comes with a brand new Broadcom WIFI driver - With more fixes than they mention ? ?

https://www.welivesecurity.com/2020...ity-affected-encryption-billion-wifi-devices/

A bit dissapointed with the fix list, I had hoped thay would have mentioned "5ghz wifi drop outs"... as it has been FOUR months since the last firmware was released

 

[OzarkEdge]

Does this mean it comes with a brand new Broadcom WIFI driver - With more fixes than they mention ? ?

https://www.welivesecurity.com/2020...ity-affected-encryption-billion-wifi-devices/

A bit dissapointed with the fix list, I had hoped thay would have mentioned "5ghz wifi drop outs"...

I would assume Asus patched the affected Broadcom bits. I don't think that would qualify as a "brand new Broadcom WiFi driver".

My 5 GHz WiFi does not drop out, so maybe you have a local issue?

OE

 

[podkaracz]

Do you factory reset after upgrade? Also joke of a upgrade 1 fix after 4 months without sign of support on high quality product.

Im glad they react to security threats fast because i can see that this vulnerability is from 26/02 but other than that many things seem to lack up to date support.

 

[OzarkEdge]

Do you factory reset after upgrade?

It seems like a small update, so I did not reset. One can always do that later.

OE

 

[ForkWNY]

Just ran the update from the "Firmware Upgrade" option within the 86U UI, didn't do a reset. Everything seems more or less the same. The 68U firmware was also updated today (I use 68U's as AiMesh nodes).

There were some other issues I reported to ASUS, one in particular is definitely a bug...when accessing the ASUS RT-AC86U UI externally from the WAN, then internally from the LAN via HTTPS port 8443 using a Lets Encrypt cert - https no longer works properly until the web UI is rebooted accessing it through http inside the LAN, and not https. That issue has not been corrected.

 

[OzarkEdge]

Just ran the update from the "Firmware Upgrade" option within the 86U UI, didn't do a reset. Everything seems more or less the same. The 68U firmware was also updated today (I use 68U's as AiMesh nodes).

There were some other issues I reported to ASUS, one in particular is definitely a bug...when accessing the ASUS RT-AC86U UI externally from the WAN, then internally from the LAN via HTTPS port 8443 using a Lets Encrypt cert - https no longer works properly until the web UI is rebooted accessing it through http inside the LAN, and not https. That issue has not been corrected.

I would not enable/trust WAN access to the router webUI. Seems like unnecessary exposure.

OE

 

[ForkWNY]

I would not enable/trust WAN access to the router webUI. Seems like unnecessary exposure.

OE

I agree, and normally I leave it disabled - however, when I'm out-of-town, I'll sometimes enable it just in case I need access where SSH or another form of remote access is impractical (it does happen...other systems are off, router is still on, etc.). I ran into the issue when I logged into the admin UI from the WAN over https, logged out, then logged back in from the LAN via https within a RDP session. UI was more or less inaccessible.

 

[deathnite]

Download link for 384.81352: https://dlcdnets.asus.com/pub/ASUS/wireless/RT-AC86U/FW_RT_AC86U_300438481352.zip

 

[VANT]

I agree, and normally I leave it disabled - however, when I'm out-of-town, I'll sometimes enable it just in case I need access where SSH or another form of remote access is impractical (it does happen...other systems are off, router is still on, etc.). I ran into the issue when I logged into the admin UI from the WAN over https, logged out, then logged back in from the LAN via https within a RDP session. UI was more or less inaccessible.

for remote access use vpn.

 

[KevTech]

Download link for 384.81352

Or just go to the website.

https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/

 

[deathnite]

It wasn't listed on the website when I posted the link.

 

[Smedley]

In this firmware (81352), is the log filling up with WLCEVENTD messages, as in the prior two versions?

 

[ATLga]

In this firmware (81352), is the log filling up with WLCEVENTD messages, as in the prior two versions?

Yes

 

[gfondeur]

I agree, and normally I leave it disabled - however, when I'm out-of-town, I'll sometimes enable it just in case I need access where SSH or another form of remote access is impractical (it does happen...other systems are off, router is still on, etc.). I ran into the issue when I logged into the admin UI from the WAN over https, logged out, then logged back in from the LAN via https within a RDP session. UI was more or less inaccessible.

the VPN server from the router?
it works perfect for me went I need to access my router from outside (WAN)

 

[ATLga]

the VPN server from the router?
it works perfect for me went I need to access my router from outside (WAN)

You didn't read up high enough:

"OzarkEdge said: ↑
I would not enable/trust WAN access to the router webUI. Seems like unnecessary exposure.

OE"
------

"I agree, and normally I leave it disabled - however, when I'm out-of-town, I'll sometimes enable it just in case I need access where SSH or another form of remote access is impractical (it does happen...other systems are off, router is still on, etc.). I ran into the issue when I logged into the admin UI from the WAN over https, logged out, then logged back in from the LAN via https within a RDP session. UI was more or less inaccessible."

 

[ATLga]

You can change the log level if you want, there is a post here somewhere how to do it....

Not through the GUI, unless you are using Merlin then there are two drop downs. We’re talking about regular firmware here though so the only option is to ssh or whatever it’s called into the firmware and change it. Most regular users aren’t gonna do that or know how to.

 

[tallytr]

In this firmware (81352), is the log filling up with WLCEVENTD messages, as in the prior two versions?

If they bother you, log level can be changed, there is a post here somewhere how to do it....