Recent content by galapogos01

:( Software support sucks hey. The hardware is fine, AC speeds are more than sufficient for a home network. Just puts perfectly working hardware in landfill.

To the mod who deleted my post -- my findings suggest a bug in this very firmware version! Summary follows: I recently updated firmware on my AiMesh router and node to get the latest security fixes: ASUS RT-AC86U Firmware version 3.0.0.4.386_51925 ASUS RT-AC66U B1 Firmware version...

I downgraded the RT-AC86U router to Firmware version 3.0.0.4.386_51915 (leaving the ASUS RT-AC66U B1 on Firmware version 3.0.0.4.386_51685) and the AC66U_B1 node came back. There is some compatibility problem with the AiMesh security update in ASUS RT-AC86U Firmware version 3.0.0.4.386_51925.

Hi guys, I recently updated firmware on my router and node to get the latest security fixes: ASUS RT-AC86U Firmware version 3.0.0.4.386_51925 ASUS RT-AC66U B1 Firmware version 3.0.0.4.386_51685 The router no longer shows the node in the admin screen and the node says it can not connect to the...

I understand what you're saying, but I think you're missing my point. I have VPN connections configured to many other VPN servers. By forcing this setting on the client, Asus is potentially compromising all other VPN connections my client makes. This is a global setting not per connection.

It's a risk because making a connection requires that the client has a setting applied that will allow any other certs issued to act as the router. This applies not just to the connection, but to all VPN connections. There are multiple guides online suggesting this is simply poor configuration...

Hi guys, I was setting up an IKEv2 VPN on my Asus AX86S with stock firmware and I noticed in the official guide the step to disable Extended Key Usage (EKU) checks on the client. Without doing this, Windows will not connect to the VPN server. Per the Strongswan documentation, Is anyone else...

@john9527 How are new builds being released yet your git repo has not been updated since 2021?

Use the stock output above to work out which of the interfaces is the 5ghz ssid. Your script does not seem to include all of the ifs in your stock output. That all I have to suggest.

I am far from an expert, but iirc if you use a separate ssid for 5ghz you get either an additional eth interface or wl interface. Also why do you drop vlan1? btw your original post says the guest network is VLAN 20 but in your script it's 30.

It works! Thanks heaps for your help. ip_forward is turned off on the Asus. Now to tidy up the routing on my gateway. Jason

Thanks heaps for your help & patience. I finally got a hour or two to play and after making a rookie mistake (dropping the t on the vlan 9 port definition) I got the vlan working on the router. Without the t it would drop the untagged traffic. Now from the router I can ping my vlan interface...

Yours was one of the few scripts I saw that came close. The other was http://www.snbforums.com/threads/wap-guest-ssid-port-based-vlan.12750/ but the people who were close moved to Tomato! If I understand it correctly, your setup has a dedicated port (Port 4) for the VLAN9 traffic to your AP...

Agre. Maybe my question was not clear enough - I'm not looking for physical separation. How do I tag traffic coming in on the guest SSID with VLAN2? Jason

Hi guys, I have found loads of threads relating to this topic but unfortunately none that solve my problem. I run my AC66U in AP mode. I have a linux box as my NAT gateway, and have added a VLAN 2 to it's LAN interface, that will keep Guest traffic separate from my default LAN. I would like...