A suggestion. Provide information about how you have configure your router including the DNS Director settings if you have enabled that feature, and any addon scripts you may be using. Without any information on how you have configured your router one generally cannot provide any suggestions to your question or issue with the firmware.
Basically - a very simple system, with a few security settings tweaked for improved security. And with an Ethernet VLAN added to ring fence my Amazon Fire-Stick from my Main Network.
As I stated above I have set DNS Director to OFF.
3 Clients:-
Desktop on Ethernet on Main Network.
Mobile Phone on Wi Fi on Main Network.
Amazon Fire Stick on Ethernet with separate VLAN.
There is also a separate WiFi IoT Network, which I have set to have no connection to the Main Network.
I'm not currently using that IoT Network, but found that to set up the Wired VLAN it was also added...
I'm NOT using any of the following:-
AI Protection - since I don't want Trend Micro on my system.
Parental Controls - since I have no kids
Adaptive QoS - since my system is so simple it would be overkill
Game Features
Open NAT
Any of the USB applications
AI Cloud
And I'm most certainly NOT using Amazon Alexa!!
In LAN:-
I'm using the DHCP server
DNS is set to both Cloudflare servers 1.1.1.1 and 1.0.0.1
DNS Director is set to OFF, since I found that it did not work with the Quad9 or Cloudflare DNS settings I was using.
(I had tried Quad9, but found that for some reason it was SLOW, while Cloudflare is very snappy.)
In WAN:-
Automatic IP - set
UPnP - DISABLED
Once again DNS servers set here to both Cloudflare servers.
DNS Privacy Protocol - DNS over TLS (DoT)
With Strict DoT profile
My ISP uses VLANs for WAN connection, so those ISP settings are made here.
IPV6:- Currently not using
VPN:- I have a VPN, which I can use on all my clients, so I'm not using the hard coded VPN on the Router. Some sites I require do not work with VPNs, so having the Router VPN doesn't make sense.
Firewall:-
Enabled.
DoS Protection - Enabled
ICMP Echo - Disabled
No rules currently set
Administration:-
Authentication - HTTPS
Remote Access - DENIED
Basically - a very simple system, with a few security settings tweaked for improved security. And with an Ethernet VLAN added to ring fence my Amazon Fire-Stick from my Main Network.
- - -
The system is simple, and was fully working on the previous firmware, which is why I find it puzzling that SOME sites I need to visit regularly do not work on the new RT-BE86U_3006_102.4_0 firmware, which is supposed to sort out problems with DNS Director. Meanwhile other sites worked fine.
The message I got after waiting for the sites to load, was that a secure connection could not be established on those sites...
Clearly I can't upgrade to the new firmware till I can sort out the connection issue here.
Any help gratefully received Greg