Asus AIMesh Guest network issues

You need to go into each of the guest wifi bands and set the option to Sync with AIMesh nodes to ALL.
 
Wow, so glad I found this thread. I too have this problem - RT-AX86U & RT-AC1900P (same as RT-AC68U). I originally was using Merlin firmware on both routers (primary and node) but I couldn't get the guest wifi to work - like others have mentioned, I can get an IP from the main router, but the moment I go within range of the mesh node, it would disconnect. If I start trying to connect via the mesh node, I couldn't get an IP. I then decided to switch to Asus firmware as I couldn't find people complaining about this issue so assumed it was the Merlin firmware. I also did a hard reset when I switched. Even after the switch, the behavior is the same. By default, I have access to my LAN disabled for guest. Like others pointed out, why would I want to give a guest full access... but I will try enabling it to see if that makes it work. I feel like this is no longer an isolated incident, but at the same time, it sounds like it is working for others so not sure what steps to try next.
 
I have the same problem with one of my AiMesh nodes not being able to assign IP addresses for the guest network. I have the latest firmware. Hoping this issue will be resolved sooner than later since I really have no interest in opening up access to my local network for guests. My main router is an RT-AC68U with 2 ethernet connected nodes (RT-AC68U and RT-AC66U B1) all running Merlin firmware 3.0.0.4.386.3_2. The RT-AC68U has no problems connecting to the guest network. The other node is able to connect for a day or so but eventually stops working with the IP address not able to be assigned. Hope this helps.
 
See Update 1

Hi guys, the exact same issue. Using AX-3000 as primary router and another AX-3000 as a node. Guest Network 1 does not work on mesh node, IP address will not be assigned unless intranet access is set to enabled. Guest Network 2 does not have mesh functionality so it defeats the purpose.
Using latest firmware 3.0.0.4.386_43588 but to no avail. I do use custom Lan IP and DHCP range. Some people are saying that not changing the LAN IP address works, can anyone who faced this issue confirm the same?
Looking for a solution.

Update 1: I tried using wireless backhaul and everything works as it should. I am able to get the IP address on GN1, 192.168.102.xx (5g) and intranet access is disabled. But the connection is weak. Has anyone been able to check whether it works with direct ethernet backhaul? (without switch).
 
Hi All,
After reading this thread, I decided to turn on my Guest Network 1, sync to All AiMesh Nodes, and it is working as expected for my configuration and firmware:
  • AiMesh Router: AX88U 3.0.0.4.386_45375-ge5f218b + 2 x AiMesh Nodes: AC86U 3.0.0.4_386_44470-g53bccb8
  • Wired Backhaul (Priority:"Auto"), Asus GX-U1051 5-Port Gigabit Switch from Router to Nodes, ISP: 1 Gbps Fibre
Hope it can be a useful comparison.
 
Have you set Intranet Access = Disable? It starts NOT WORKING only if 1) Intranet Access Disable + 2) Sync to All AiMesh Nodes.
 
Yes.

PS:
  • However, please note the hardware and the stock version of Firmware that I used for AiMesh Router and Node that may be different from yours
  • I also noticed that for AiMesh Router Firmware: RT-AX88U_3.0.0.4_386_45375, I do not get the annoying and endless "... protocol ..." messages in my syslog:) for older Firmwares including Merlin's 386.3_2 that uses an older GPL that Merlin mentioned.
 
Everything breaks for me as well the moment the setting "Access Intranet = Disabled" [ Note: "Sync to AiMesh Node = All" ]
All devices connected to the nodes (not the main router) will not work.
 
Hi!
I read this thread because I experience the same with my setup. I wonder if someone from ASUS staff has taken up the issue.
Regards
Dive
 
Interesting to hear it works for someone!

I thought of upgrading my home network that today consists of 3 old RT-n66u (router + 2 in AP mode) (Merlin firmware) and then I found this thread and think I have to wait....

I emailed Asus support and linked to this thread and asked regarding status and they confirmed they are aware of the problem and are working to sort it(!)
It looks to have been going on for a while though...

Anyhow, the representative also replied it works for some devices and not for others (so JimLK looks to have found one of them!), but he didn't mention for what combinations it is known to work...
Obviously it can work for AX88U + 2x AC86U

Anyone else with the AX88U as aimesh router who have got it to work with guest network propagated to nodes and wireless device connected to nodes and roaming between router-node-router-node-node etc?

My requirements for upgrade are
- Better/faster WiFi roaming than today where it for some reason takes a long time (30-60 seconds) to roam back from APs to Router, but the opposite direction is just 2-5 seconds.
- 2x OpenVPN servers (TUN+TAP) with AES-NI
- More router performance for the kids and their gaming (not sure the n66u is a bottleneck, but I used to be able to fry eggs on the chassis...)
- WiFi6, so I don't need to upgrade in a year or two again...
Edit: and I will use wired backhaul.
Edit 2:
- Guest network

I'm looking to buy:
- Router: AX88U
- Nodes: 2x RX58U or 2x XT8 as nodes (I prefer the extra switch port of the RD58U if possible, otherwise XT8 could be an option as well..or maybe the XD6 could be enough(?)

Anyone tried one of these combinations with guest network propagated to nodes?

A little off topic: Does Asus stock firmware contain dual VPN servers where I can set one TUN and one TAP...if I need to run stock until Merlin is updated and working with guest network nodes....
 
I had an RT-AX88U main with an RT-AX58U AiMesh (wired and wireless backhaul, briefly) less than a year ago. Not a setup that could be considered 'worth the money'.

The current 2x RT-AX86U's in wired 2.5GbE backhaul mode are far, far superior.

The recently experienced 2x RT-AX68U's in wireless backhaul mode for a customer was also superior to the RT-AX88U + RT-AX58U setup (from memory and from the increase in performance/throughput from 2x RT-AC86U's for that same customer).

Report - 2x RT-AX68U upgrade over 2x RT-AC86U in wireless backhaul mode

Report - 2x RT-AX68U upgrade - Followup questions/answers
 
GT-AX11000 and two RT-AX92U. Same here, first I did not know of the new feature concerning the guest network being propagated to the nodes. I was playing with WPA 3. I completely screwed that up and had to reset everything and left WPA 3 for what it was and got back to WPA 2 again. When I did reset everything and wanted to set up the guest network again I discovered this new feature. Great, but after some time I discovered that the 2.4 band was disconnecting all the time. No good for me, because I have some streaming domotica working on that band (homey from athom). So I switched off the 2.4 band for guests and only use the 5 band now for guests. This works great. I guess it is a bug.
 
I emailed Asus support and linked to this thread and asked regarding status and they confirmed they are aware of the problem and are working to sort it(!)
It looks to have been going on for a while though...

That's something! Hopefully they will fix it soon. So MerlinWRT can create an updated firmware.
Currently the guest access is not as useful...
 
As the OP of this thread back in June it is good to at least hear that Asus are aware of the issue. Hopefully it will be fixed in an upcoming firmware update
 
Hi Folks,

Just to add to this thread a bit, we've been bringing up a network here as follows:
- Three RT-AC68U devices
- AiMesh using Merlin 386.3_2
- Ethernet Backhaul
--> Nodes are Daisy Chained (AiMesh correctly detects this topology)
- Single client, also connected via ethernet to last node in daisy-chain

Not that it matters, but the GUI is being accessed via the WAN port as a side effect of the network being built.

With Guest Networks active and pushed to nodes with Guest Isolation turned ON (Intranet DISABLED), there is SIGNIFICANT packet loss on the network. Symptoms include:
- Immense loss via continuous ping from client mentioned above connected to last node in chain.
- Slow, and lossy UI. Sometimes requiring multiple reloads to get proper render of page (this is on the WAN port of the root node) Content loads VERY slowly into the GUI.

If these two Guest networks are deleted, ping loss and Management GUI rendering return to normal.

The above behavior is repeatable (eg. the poor performance can be induced by adding the Guest networks, and resolved by deleting them)

The same applies, as noted previously in the thread that enabling/disabling the "Intranet Access" (Guest network isolation) option invokes the same. Likewise, these behaviors are repeatable. It only takes ONE of these guests to be set to Intranet DISABLE to cause this behavior.

PLEASE NOTE: All of these observations are strictly using WIRED networks. There is no use of any wireless connections in any of the above, though of course the wireless interfaces are on and active. We're just not using them for any of the above tests. So what was observed on this network config seems to be strictly a networking issue. (though for those trying to use WiFi, there may be other bugs/issues)

Presumably there is a routing issue (loop?) which is invoked when the Intranet is in DISABLE mode, as this causes each Wifi to be on its own network. As mentioned also earlier in the thread, WiFi networks are on 192.168.10x.xxx when in isolation mode (Intranet DISABLED), vs. all interfaces operating on the 192.168.1.xxx network when Guest networks are allowed Intranet access. How these other networks are configured/routed when in isolation mode is perhaps causing packets to circulate within the switch(s). (Speculation)
(is there a way to look at the packet load within the switch via the command line?)


After any adjustment to the Guest Network settings is made, as soon as the GUI returns, there are usually about 6 successful pings before the ping loss starts to occur. This would also point to something like internal switch buffers filling with packets which have no place to go, and that the fill rate is higher than the expiration rate for these unrouteable packets. (Speculation)

CPU load doesn't appreciably increase when the Guests are in Intranet DISABLE, so this seems not to be a local process gone awry.

One more interesting observation:
The problem is "less bad" when only the 2.4G network is set for Intranet DISABLE. Specifically, if only 2.4G Guest network is set for DISABLE, and the other ENABLE, and the root node router is rebooted, the problem seems not to reappear until the setting for either Guest network is adjusted.

Finally, in this "half-guest-mode" (after reboot, and without adjusting any guest settings) an "internet speed test" run on the client causes some ping loss and also causes the test to behave poorly but the system recovers. (pings become non-lossy again).

When both are in "ENABLE" mode, there is no ping loss, and the test operates as expected and smoothly.

If this is indeed the switch filling with junk packets, perhaps with only one of the Guests in "Isolation" (DISABLE) the rate of filling is slow enough that the packets time out and the memory doesn't get saturated? (Speculation)

Also, this seems to be a "root node" issue, since during all of the above tests, the leaf-nodes were never restarted or messed with in any way.

I apologize that there is no solution offered here, but perhaps being able to solidly reproduce the problem will allow those more familiar with the code to be able to isolate and resolve this.

Would be great to hear from others who have been struggling with this to see if the above observations are consistent with their experiences as well.

Cheers!

P.S. Perhaps here is a smoking gun...

With both Guest Nets in Isolation Mode:

Code:
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address

With only 2.4G network in Isolation Mode:

Code:
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:51:44 kernel: br1: received packet on eth0.501 with own address as source address
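
To compare the two log captures in the post above by numbers rather than by eye, the following added example (not part of the original post, and not ASUS or Merlin tooling) counts the "own address as source address" warning per bridge and port and reports the pairs whose busiest second reaches a threshold. The function names, the default threshold and the sample lines are assumptions made for this example; the sample lines are constructed in the format the post shows.

```shell
#!/bin/sh
# Added example: summarise the bridge warning per bridge/port pair.
# Output, one line per pair whose busiest second reaches the threshold:
#   <bridge> <port> <peak-per-second> <total>
bridge_loop_report() {
    threshold="${1:-5}"   # assumed default, tune to your own baseline
    awk -v min="$threshold" '
        /received packet on .* with own address as source address/ {
            # Locate "kernel:" so an extra hostname field does not shift columns.
            for (i = 1; i <= NF; i++) if ($i == "kernel:") break
            if (i > NF) next
            bridge = $(i + 1); sub(/:$/, "", bridge)   # "br1:" -> "br1"
            port   = $(i + 5)                          # e.g. "eth0.501"
            key    = bridge SUBSEP port
            stamp  = $1 " " $2 " " $3                  # "Mon DD HH:MM:SS"
            n = ++persec[key SUBSEP stamp]
            if (n > peak[key]) peak[key] = n
            total[key]++
        }
        END {
            for (key in total) {
                if (peak[key] < min) continue          # below the threshold
                split(key, p, SUBSEP)
                print p[1], p[2], peak[key], total[key]
            }
        }' | sort
}

# Constructed sample input, modelled on the lines quoted in the post.
sample_log() {
    cat <<'EOF'
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address
Oct 27 03:46:15 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:15 kernel: br2: received packet on eth0.502 with own address as source address
Oct 27 03:46:16 kernel: br1: received packet on eth0.501 with own address as source address
Oct 27 03:46:16 dnsmasq-dhcp[1234]: DHCPDISCOVER(br1) 00:00:5e:00:53:01
Oct 27 03:50:02 kernel: br0: received packet on eth1 with own address as source address
EOF
}

sample_log | bridge_loop_report 3
```

The kernel rate-limits this warning, so the counts are a lower bound on how many such frames the bridge actually received.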
 
I was hoping for a new firmware version from Asus (and followed by an update by MerlinWRT), however it seems very quiet.
I really hope the new firmware version (whenever it comes out) really addresses the Guest Access issue (with AI Mesh).
 
Sorry to butt in and ask stupid questions, but:

I don't have AI-Mesh (only main router supports it and my two older ones do not). I have my two others setup simply in AP mode. That seems to work just fine (guest network, that is). So what's the benefit of using AI Mesh vs. AP mode when it seems Guest network functionality isn't "quite there" yet with AI Mesh?
 
AiMesh has arrived (already) and for over a year now. Including functional Guest Network 1 on each band.

 
Sorry to butt in and ask stupid questions, but:

I don't have AI-Mesh (only main router supports it and my two older ones do not). I have my two others setup simply in AP mode. That seems to work just fine (guest network, that is). So what's the benefit of using AI Mesh vs. AP mode when it seems Guest network functionality isn't "quite there" yet with AI Mesh?

So, are clients on your AP guest WLAN(s) isolated from your intranet?

OE
 
