Release Asuswrt-Merlin 3006.102.4 is now available

[Muscless]

Bandwidth Monitor is a feature of Trend Micro. Trend Micro on ASUS WiFi7 routers has not been working properly. Perhaps we should expect RMerlin to merge the new GPL source code in the next version?

If that fixes it, that would be great!

 

[jk7gr]

I have upgraded and did factory defaults to the unit and then I tried Dual Wan functionality with a Samsung S23 Android device. Unfortunately, it is not working. Is this a known issue or is related to the latest version. It used to work on the previous firmware version.

 

[madre]

I did not enable, nor do I use, VPN on my Guest Network IoT profiles. All I can say is that the Access Intranet is working in my setup. I have two Guest Network Pro IoT profiles, both configured with Use same subnet as main network set to disable. Each IoT profile is configured for a single WiFi band (one for 2.4 GHz the other for 5 Ghz). I do not have Smart Connect enabled on my main WiFi bands. The attached images show that a Guest Network Pro WiFi client (192.168.52.175) can ping a wired main LAN client (192.168.2.50) and vice versa. And the IoT indicates Main LAN is selected for Access Intranet.

When Access Intranet is disabled (Main LAN unchecked) neither subnet can access the other.

Thank you for your help.
Unfortunately it does not work for me.
I have done the process as you describe but I cannot connect the guest network to the local intranet.
Also there is no ping to any computer on the network.
In the end I did a factory reset of the router but that didn't fix it either.
This is the first firmware version in the 3006 branch for this router (excepting betas), so I can't tell if it worked before.
I could try with the Asus firmware but I'm afraid it would be the same.

 

[MDM]

Thank you for your help.
Unfortunately it does not work for me.
I have done the process as you describe but I cannot connect the guest network to the local intranet.
Also there is no ping to any computer on the network.
In the end I did a factory reset of the router but that didn't fix it either.
This is the first firmware version in the 3006 branch for this router (excepting betas), so I can't tell if it worked before.
I could try with the Asus firmware but I'm afraid it would be the same.

Did you turn off AP isolation...?

 

[madre]

Did you turn off AP isolation...?

Yes, it's off.

 

[Rajjco]

My node connected to RT-BE92U stops broadcasting Guest Network SSID anyone facing the same issue?

May 13 14:59:14 bsd: bsd: wl0.1 Sending act Frame to 5e:60:b8:4e:bf:9c with transition target wl1.1 ssid 62:cf:84:36:93:b5
May 13 14:59:14 bsd: bsd: BSS Transit Response: ifname=wl0.2, event=156, token=f3, status=7, mac=00:00:00:00:00:00
May 13 14:59:14 bsd: bsd: BSS Transit Response: not for interface wl0.1
May 13 14:59:14 bsd: bsd: wl0.1 Sending act Frame to 5e:60:b8:4e:bf:9c with transition target wl1.1 ssid 62:cf:84:36:93:b5
May 13 14:59:14 bsd: bsd: BSS Transit Response: ifname=wl0.2, event=156, token=f7, status=7, mac=00:00:00:00:00:00
May 13 14:59:14 bsd: bsd: BSS Transit Response: not for interface wl0.1

 

[bennor]

Unfortunately it does not work for me.
I have done the process as you describe but I cannot connect the guest network to the local intranet.

Strange. Hopefully others can test on their end to see if they are able to have Guest Network Pro's Access Intranet work.

Did another quick test; setup a third Guest Network Pro profile, a Customized Network profile, with Access Intranet configured for Main Network, with Use same subnet as main network disabled, and it works. Main LAN client can ping Guest Network Pro client and the Guest Network Pro client can access main LAN client(s). See the three attached images.

Normally I have Access Intranet disabled on my Guest Network Pro Profiles.

As a troubleshooting step (if you haven't done so already), setup a Guest Network Pro profile with Use same subnet as main network configured as enabled. That way Guest Network Pro clients pulls an IP address from the main LAN subnet. Then test if Guest Network Pro clients attached to that profile can access main LAN clients and vice versa.

In my testing (both with stock Asus and Asus-Merlin 3006 firmware), when having Use same subnet as main network enabled, it would cause Guest Network Pro profile clients and main LAN clients to have unrestricted access to each other (at least in my testing on a RT-AX86U Pro). Another quick test with Asus-Merlin 3006 just now shows this still to be the case on the RT-AX86U Pro using the Guest Network Pro Customized Network profile.

In my use case I do not have AiProtection (or any Trend Micro) features enabled. I am not using AiMesh nodes. I do not have any add-on scripts running other than YazDHCP. I am not using Dual WAN. I do not have a USB device attached to the RT-AX86U Pro. I do not have any sort of MAC black or white listing or WiFi scheduling enabled. I do have the router configured to use Pi-Hole (and Unbound) as it's LAN DHCP DNS server's. Do have DNS Director configured for use with the Pi-Hole(s). And do have LAN - Route configured to block Google DNS servers (8.8.8.8/8.8.4.4). WPS is disabled. WAN DNS set to Quad9. WAN UPnP disabled. Smart Connect disabled.

 

[madre]

Strange. Hopefully others can test on their end to see if they are able to have Guest Network Pro's Access Intranet work.

Did another quick test; setup a third Guest Network Pro profile, a Customized Network profile, with Access Intranet configured for Main Network, with Use same subnet as main network disabled, and it works. Main LAN client can ping Guest Network Pro client and the Guest Network Pro client can access main LAN client(s). See the three attached images.

Normally I have Access Intranet disabled on my Guest Network Pro Profiles.

As a troubleshooting step (if you haven't done so already), setup a Guest Network Pro profile with Use same subnet as main network configured as enabled. That way Guest Network Pro clients pulls an IP address from the main LAN subnet. Then test if Guest Network Pro clients attached to that profile can access main LAN clients and vice versa.

In my testing (both with stock Asus and Asus-Merlin 3006 firmware), when having Use same subnet as main network enabled, it would cause Guest Network Pro profile clients and main LAN clients to have unrestricted access to each other (at least in my testing on a RT-AX86U Pro). Another quick test with Asus-Merlin 3006 just now shows this still to be the case on the RT-AX86U Pro using the Guest Network Pro Customized Network profile.

In my use case I do not have AiProtection (or any Trend Micro) features enabled. I am not using AiMesh nodes. I do not have any add-on scripts running other than YazDHCP. I am not using Dual WAN. I do not have a USB device attached to the RT-AX86U Pro. I do not have any sort of MAC black or white listing or WiFi scheduling enabled. I do have the router configured to use Pi-Hole (and Unbound) as it's LAN DHCP DNS server's. Do have DNS Director configured for use with the Pi-Hole(s). And do have LAN - Route configured to block Google DNS servers (8.8.8.8/8.8.4.4). WPS is disabled. WAN DNS set to Quad9. WAN UPnP disabled. Smart Connect disabled.

I really appreciate the inconvenience you are taking to help me.
If I set Use same subnet as main network as enabled then the guest network profile clients reach the Lan network and vice versa.
As I commented at the beginning, I need a guest profile with VPN and communicating with the Lan. If I enable Use same subnet as main network and apply a VPN to the guest network profile, then the whole Lan is under the VPN, so this does not work for me.
For information AiProtection is disabled, I have no AiMesh nodes, I have no scrips running, I do not use Dual Wan, I do not have any sort of MAC black or white listing or WiFi scheduling enabled, no Pi-Hole, WPS is disabled and I have Smart Connect enabled (I have disabled it for prober and no change). All testing has been done with VPN disabled.
What strikes me is that when I create the Customized Network profile in Guest Network Pro, the option Access Intranet is not available, it only appears when the network is already created.
It is very strange.

 

[philly4]

Apologies for the noob question...is the note from 102.3 still applicable for this version? "If flashing on top of Asus stock firmware 3006.102_37000 or greater, then you first need to enable downgrade capabilities before flashing". Wanting to move over from stock but want to know correct expectations. RT-BE88U. Thanks.

 

[JohnD5000]

On my GT-AX6000, I did a dirty upgrade from 3004.388.9_2 to 3006.102.4. Everything seems to be working except I can not figure out how to get a guest network to go through VPN.

I'd like to offer guests 2 options: Guest 1 (no VPN) and Guest 2 (with VPN). Guest 1 is working fine. Guest 2 works fine if I do not turn on VPN. Once I turn on VPN, there is no internet connection on guest 2. I have Wireguard VPNs set up using the VPN director. Once I select and add the VPN client to the guest network, the network connects but there is no internet connection.

What am I doing wrong or is this a bug?

 

[bennor]

I have Wireguard VPNs set up using the VPN director. Once I select and add the VPN client to the guest network, the network connects but there is no internet connection.

How is your VPN Director configured? Post a readable screen shot so people can see if it is misconfigured. PS: And to confirm, you have enabled the VPN tunnel, and it shows a connection, correct?

 

[JohnD5000]

How is your VPN Director configured? Post a readable screen shot so people can see if it is misconfigured. PS: And to confirm, you have enabled the VPN tunnel, and it shows a connection, correct?

That was a thought to me, I tried creating a rule, but it didn't do anything (assuming I created it correctly) so I turned the rule off. But here is a screen shot (and the VPN is working fine everywhere else).

 

[JohnD5000]

How is your VPN Director configured? Post a readable screen shot so people can see if it is misconfigured. PS: And to confirm, you have enabled the VPN tunnel, and it shows a connection, correct?

So I changed rule to

192.168.53.1/24

and now it works.

Sorry for wasting your time.

 

[madre]

Well, in the end I installed the original Asus firmware to check if it would work with this one.
It doesn't work, neither does the option to enable Intranet when I create a guest network.
I guess it will be a bug in Asus' implementation of this feature with this model.
I will wait for future updates to see if it gets fixed.

 

[Kees17760]

So I changed rule to

192.168.53.1/24

and now it works.

Sorry for wasting your time.

The correct notation would be 192.168.53.0/24 and not 192.168.53.1/24
Please correct me if i'm wrong

 

[bennor]

So I changed rule to
192.168.53.1/24

Should be 192.168.53.0/24, not 192.168.53.1/24. Note the IP address example shown in the dialog box.

 

[inakaya]

Just tried a quick test on a RT-AX86U Pro (3006.102.4) that has a Guest Network Pro IoT Profile created that has Use same subnet as main network disabled and Access Intranet (Main Network) enabled, and the IoT client could access/ping several main LAN clients (both a wired client and a WiFi client). And a main LAN client could ping that Guest Network Pro IoT client.

Hard reset router and configured from scratch and still not working with Synology for front door camera on IoT Network although recognised on RT-AX86U-Pro and works on my phone app...weird.

 

[bennor]

Hard reset router and configured from scratch and still not working with Synology for front door camera on IoT Network although recognised on RT-AX86U-Pro and works on my phone app...weird.

If by Synology you mean a Synology NAS you may need to double check the NAS settings to ensure it allows access from different IP address subnets. For example with Synology NAS DSM, check that Enable Multiple Gateways is enabled under DSM Control Panel > Network > General > Advanced Settings. One may also need to configure the NAS firewall to allow alternate IP address subnets if one has locked down the NAS firewall. PS: If using Synology Surveillance Station, not sure if anything needs to be adjusted or set there to deal with devices in different IP address subnets (or VLAN's).

 

[fotingo]

Wow, I just updated to the latest Merlin version and realized YazFi doesn't work. It was working so well for me. I can't get some wireless devices to connect to the guest network anymore.

 

[bennor]

Wow, I just updated to the latest Merlin version and realized YazFi doesn't work. It was working so well for me. I can't get some wireless devices to connect to the guest network anymore.

Reposting a reminder for people to check the following link for addon compatibility with the 3006 firmware:
https://www.snbforums.com/threads/c...ons-with-gt-be98-pro.90657/page-7#post-947006
YazFi as mentioned earlier in this release thread is not supported under 3006, several other scripts likewise may not be supported. Others need to be manually updated to their develop branch.