What's new

RT-AX86U Config Recommendations

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Smirnoff

New Around Here
Any performance config recommendations greatly appreciated, just installed w/factory specs, download went from 300 Mbps maximum (AC68U) to 700Mbps.
 
Any performance config recommendations greatly appreciated, just installed w/factory specs, download went from 300 Mbps maximum (AC68U) to 700Mbps.
While OzarkEdge has a detailed write up, I have my own opinions for the AX86U:

I use the Asus firmware with auto upgrade enabled.
I use Quad9 DNS Servers in the WAN and DNS Privacy Protocol DoT set to Quad9 1 and 2. Disable UPnP. Enable DoS protection in firewall. Use AiProtection (it is worth it!).
WIFI: Enable AX WIFI, Use just WPA2-Personal or WPA2/WPA3-Personal, 2.4 GHz @ 20 MHz auto channel, 5 GHz @80 MHz auto channel but leave DFS channels unchecked. Use Dual Band SmartConnect. Don't change any other WIFI settings!
Once the router has run for a couple of days I recommend setting the WIFI to fixed channels at or closest to what the router had used on Auto. Enable 160 MHz on the 5 GHz band but be advised it will use DFS channels which will be subkect to being bounced off by RADAR. I have eventually used channel 1 on 2.4 GHz and channel 36 on 5 GHz @ 160 MHz.
If you have older clients that do not like the WPA2/WPA3 you can enable a guest WIFI for them and use just WPA2.

Enjoy the AX86U!
 
 
I use the Asus firmware with auto upgrade enabled.

This is your only configuration preference I would take exception to... I prefer to upgrade my network on my schedule when I have time to manage the interruption and any surprises for me and my users.

I suppose if I ever need DoS protection, I'll enable it. The AX86U probably wouldn't notice!

I initially disabled the login Captcha, but then I realized it permits me to use a simple admin password and not think twice about it.

Now that everything is humming along nicely, I may tryout 160 MHz on the lower end of the 5.0 band. I like that the Wireless Log now lists client bandwidth... we can now see that lessor clients are using their smaller bandwidth no matter what bandwidth is configured on the router.

I recently rebooted my Roku and it moved its WiFi Direct AP (used by its remote controller/clicker) up to channel 165... that's a good, otherwise useless channel for it... I hope it stays there. I wonder if a Roku firmware upgrade caused that change.

OE
 
Now that everything is humming along nicely,

Holy crap... my node UPS just went belly up... not the battery, the whole thing. I've seen it before and it's long overdue, but still! :)

I was relieved to find that the network trouble was just the UPS.

OE
 
This is your only configuration preference I would take exception to... I prefer to upgrade my network on my schedule when I have time to manage the interruption and any surprises for me and my users.

I suppose if I ever need DoS protection, I'll enable it. The AX86U probably wouldn't notice!

I initially disabled the login Captcha, but then I realized it permits me to use a simple admin password and not think twice about it.

Now that everything is humming along nicely, I may tryout 160 MHz on the lower end of the 5.0 band. I like that the Wireless Log now lists client bandwidth... we can now see that lessor clients are using their smaller bandwidth no matter what bandwidth is configured on the router.

I recently rebooted my Roku and it moved its WiFi Direct AP (used by its remote controller/clicker) up to channel 165... that's a good, otherwise useless channel for it... I hope it stays there. I wonder if a Roku firmware upgrade caused that change.

OE
Roku did get an upgrade recently. One addition is a sleep mode. It also seems to follow the routers WIFI channel switching better. I continue to switch the WIFI settings to see what happens and what works best. Also switch DoT and DNS Server 1/2 from time to time. Quad9 was wonky today so I switched to Cloudflare Secure which fixed things for now.

Oh, the Auto Upgrade works well for folks who are computer illiterate. I set up an AC86U for some friends that are like that and the router got the last big upgrade and just kept humming along!
 
Oh, the Auto Upgrade works well for folks who are computer illiterate. I set up an AC86U for some friends that are like that and the router got the last big upgrade and just kept humming along!

That is the use case for auto upgrade, but it could cut both ways, good and bad.

OE
 
Why did you mix the routers? New AX capable devices?

No, I bought the AX86U to replace an AC86U I thought was failing. I only have one AX client and it is wired... I haven't even tried AX yet. It's all good... I'm learning.

OE
 
No, I bought the AX86U to replace an AC86U I thought was failing. I only have one AX client and it is wired... I haven't even tried AX yet. It's all good... I'm learning.

Today, I introduced my one AX PC client to my AX86U... they got along great after I figured out some things. In particular, I had to set 5.0 to 160 MHz to get the AX client to connect at 160 MHz; 20/40/80/160 MHz would only connect at 80 MHz. As it turns out, the firmware falls back nicely from 160 MHz to the lower bandwidths for lessor clients. Similarly, setting WPA2/WPA3-Personal (AES) everywhere seems to suit all of my clients (although I did not roam today).

I am purposely restricting the 5.0 control channel to the non-DFS channels 36-48.

Here is a pic of the 5.0 Log showing various bandwidth connections. The 4-stream AC 80 MHz connection is my AC86U node... someday that will become a 4-stream AX 160 MHz connection:

1639007498426.png


I have updated my install notes accordingly.

OE
 
Today, I introduced my one AX PC client to my AX86U... they got along great after I figured out some things. In particular, I had to set 5.0 to 160 MHz to get the AX client to connect at 160 MHz; 20/40/80/160 MHz would only connect at 80 MHz. As it turns out, the firmware falls back nicely from 160 MHz to the lower bandwidths for lessor clients. Similarly, setting WPA2/WPA3-Personal (AES) everywhere seems to suit all of my clients (although I did not roam today).

I am purposely restricting the 5.0 control channel to the non-DFS channels 36-48.

Here is a pic of the 5.0 Log showing various bandwidth connections. The 4-stream AC 80 MHz connection is my AC86U node... someday that will become a 4-stream AX 160 MHz connection:

View attachment 37675

I have updated my install notes accordingly.

OE
Yep, same thing with my setup. Have to manually enable 160MHz for both of my AX clients to connect at 160. The auto setting should work, maybe they'll fix in future firmware update.
 
Yep, same thing with my setup. Have to manually enable 160MHz for both of my AX clients to connect at 160. The auto setting should work, maybe they'll fix in future firmware update.
When set to Auto, it picks ch 48 ( i also tried 40 44 36) and my 5GHZ doesnt appear. They only other channels that are available are 52-144 but Asus wireless utility is showing them all radar sensitive. Any idea why my AX86U wont show the 5GHZ ch at 160 between 36-48 band?
 
When set to Auto, it picks ch 48 ( i also tried 40 44 36) and my 5GHZ doesnt appear. They only other channels that are available are 52-144 but Asus wireless utility is showing them all radar sensitive. Any idea why my AX86U wont show the 5GHZ ch at 160 between 36-48 band?

Auto picked ch 48 here yesterday. But ch 36 works also, today. Make sure you wait long enough for things to settle and come up. And check if you have to reconnect your AX client manually.

OE
 
Auto picked ch 48 here yesterday. But ch 36 works also, today. Make sure you wait long enough for things to settle and come up. And check if you have to reconnect your AX client manually.

OE
How long did it take for the 5GHZ to show back up...usually its come up right away...I may have to give a couple of minutes to settle?
 
How long did it take for the 5GHZ to show back up...usually its come up right away...I may have to give a couple of minutes to settle?

It comes up slower, so yes, wait longer... about a minute or so.

OE
 
Got it just came up...oddly enough, my ac laptop is at 160ghz..my note 20 U is AX capable but router picked up at 80ghz..interesting.
 
Got it just came up...oddly enough, my ac laptop is at 160ghz..my note 20 U is AX capable but router picked up at 80ghz..interesting.

Perhaps leave it on ch 48... that suits my plan to only use control channel 36-48 so that it has those non-DFS channels to fall back on if DFS kicks in... plus 48 may not be a neighbor's first choice.

Try forgetting and recreating your note 20 U connection.

Me, I would not waste too much time on mobile devices... the smaller the client, the less respect they give... and get, imo. The PC working is the benchmark.

OE
 
Last edited:
Yes, set to CH 48. I havent tried that on my Note 20 U (will give it a shot). If that doesnt work, i wont waste too much time. At least i know its working with my Win 11 laptop.
 
This is your only configuration preference I would take exception to... I prefer to upgrade my network on my schedule when I have time to manage the interruption and any surprises for me and my users.

I suppose if I ever need DoS protection, I'll enable it. The AX86U probably wouldn't notice!

I initially disabled the login Captcha, but then I realized it permits me to use a simple admin password and not think twice about it.

Now that everything is humming along nicely, I may tryout 160 MHz on the lower end of the 5.0 band. I like that the Wireless Log now lists client bandwidth... we can now see that lessor clients are using their smaller bandwidth no matter what bandwidth is configured on the router.

I recently rebooted my Roku and it moved its WiFi Direct AP (used by its remote controller/clicker) up to channel 165... that's a good, otherwise useless channel for it... I hope it stays there. I wonder if a Roku firmware upgrade caused that change.

OE
I'm curious about enabling DoS protection too. If enabling it increases CPU load as claimed, why would a home user enable it? I can understand why the NYTimes or Amazon may be subjected to Denial of Service attacks, but any one of the millions of home network users?

I'm not a network tech, so I fully understand I may be missing some benefit to enabling DoS on a home network. So any advice appreciated.

Thanks.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top