Recent content by hiluke88

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.
  1. H

    Repeater/Bridge to Guest Network broken on 386.3

    I've tried this with my own setup just now with 2x RT-AC68U routers on 386.3 (I haven't updated to 386.3_2 yet). Primary router IP is 192.168.29.1, second router in repeater mode is set to get assigned an IP via DHCP, and gets assigned 192.168.29.76. The Guest Network on my primary router is in...
  2. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Thanks for replicating! Yep, the only way I have found to prevent guests from accessing the primary network is to completely disable all guest networks in the Asus firmware. Otherwise if you leave a guest network enabled, you are leaving your primary network vulnerable. If you want a...
  3. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Just an update, I raised this issue with Asus, however it looks like they acknowledge that their Guest networks actually have no segregation. If anyone is looking to replicate this issue, it can be done with the following: Primary router running a GUEST network (any slot or frequency), with...
  4. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Okay I installed RT-AC68U_374.43_48E2j9527 on the repeater RT-AC68U and connected it to the primary running Merlin 386.1_2. Initially this looked to be isolated properly, but after waiting for things to propagate properly, I still have access into the primary network.
  5. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Interesting. I'll try installing the 374 LTS fork on the repeater RT-AC68U and see what results I get. I suspect that it may need to be on the primary router though (which I won't be able to install on the RT-AX86U). I get the same issue when I have Merlin 384.19 installed on primary and...
  6. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Thank you! I actually tried both wired and wireless clients on the repeater. Both are able to connect.
  7. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Yep agreed, I have disabled the guest networks now because they are not secure. I might actually look into alternate firmware for the RT-AC68U (DD-WRT or Tomato, which I have used in the past) that offer different repeater options and keep traffic isolated from the main network.
  8. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Thanks. I had been doing a 30-30-30 with the WPS button, but have now followed your instructions instead. I did several more tests, and this issue appears to exist in 384 as well. 1. I swapped the primary RT-AC68U router to stock FW_RT_AC68U_900438641994 firmware. Repeater still on Merlin...
  9. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    So I did a full 30-30-30 reset on both the RT-AX86U and the RT-AC68U and reconfigured from scratch. Using Guest network index 2 to connect the repeater, and I still have the same problem. Any clients connecting via the repeater have access to the primary network. I have now taken the RT-AC68U...
  10. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Any devices that connect directly to the RT-AX86U guest network have no Intranet access as expected. It is only the repeater connecting to the guest network (and any devices connecting through it) that appears to be able to bypass this setting.
  11. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Okay, I 30-30-30 reset the RT-AC68U repeater and reconfigured it with a static IP address of 192.168.53.11 as part of the setup. I connected it to the GUEST_5G network. I still cannot access its web interface. However, I can connect to the STUDIO SSIDs it is broadcasting, and they are assigning...
  12. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    That's exactly what I was expecting! Which is also why I was trying to connect the repeater to the guest Wi-Fi so it's segregated from the primary network. Is anyone able to replicate this with 2x 386 compatible Asus routers? Or alternatively, advise what else I could have misconfigured to...
  13. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    That's awesome, thank you. I'll configure and test when I am back there tomorrow. Just to clarify, the primary router is 192.168.22.1. Should the DNS be 192.168.22.1, not the IP in the new subnet? Or will it default route from 192.168.53.1 to 192.168.22.1? Edit: I was impatient and reconfigured...
  14. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Thanks for the YazFi suggestion. I might need to look at it. What it looks like is Guest networks on this build do not provide segregation at all. They can be completely bypassed with another Asus router in repeater mode. I have just reset the repeater to default, and re-configured as a...
  15. H

    Repeater connected to Guest SSID bypassing Access Intranet = Disable

    Thanks for the response. I think the different subnet may be the next thing I try (by using the guest profile on network index 1, defaulting into the 192.168.101.x or 192.168.102.x subnets). I hadn't tried this index with the repeater configuration as I've been really hesitant of this index...
Top