What's new

Release Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

There are many more differences between setups 1 and 2. Those AiMesh-connected XT12s don't inspire confidence in me that it is (just) the GT-AX11000 that may be misbehaving.

Have you performed a full network reboot via the GUI; AiMesh, System Settings, System Reboot?

Have you performed a full power shutdown/electrical reset (pull the AC power plugs from both the routers and the wall plugs, and wait for as long as you can; minimum of 2 minutes (I would aim for 10 minutes or longer, including unplugging the ISP ONT/modem too for at least that long), leaving all the power switches 'on', before powering everything back up again)?

Have you turned off the XT12s and seen a difference in the Gui's responsiveness? If simply turning them off doesn't do anything, have you tried removing them from the AiMesh setup, to test?

Have you performed a full reset to factory defaults on the setup 2 GT-AX11000 lately?

After doing a full system reboot, wait for at least 10 to 15 minutes for the routers/network to fully settle down. Then, on the main router, create a backup config file. Disconnect everything from the main router, including USB devices and the WAN port connection to your ISP, and perform a full reset to factory defaults using the reset button, WPS button, or via the GUI. Better yet, do all three. In between, reflash the firmware that is already installed now.

Import the saved backup config file you created and re-associate the AiMesh nodes (XT12s). Test if the issue persists. If it does, I would redo the full reset to factory defaults, and then minimally and manually configure the router to secure it and connect to your ISP. Test. If satisfactory, add one node, test again. Continue building your network to where it was (manually, keeping good notes of your progress), until it is either fully working, or, it shows the same symptoms. If the latter, come back with those details and we may be able to help/diagnose further at that time.
 
There are many more differences between setups 1 and 2. Those AiMesh-connected XT12s don't inspire confidence in me that it is (just) the GT-AX11000 that may be misbehaving.

Have you performed a full network reboot via the GUI; AiMesh, System Settings, System Reboot?

Have you performed a full power shutdown/electrical reset (pull the AC power plugs from both the routers and the wall plugs, and wait for as long as you can; minimum of 2 minutes (I would aim for 10 minutes or longer, including unplugging the ISP ONT/modem too for at least that long), leaving all the power switches 'on', before powering everything back up again)?

Have you turned off the XT12s and seen a difference in the Gui's responsiveness? If simply turning them off doesn't do anything, have you tried removing them from the AiMesh setup, to test?

Have you performed a full reset to factory defaults on the setup 2 GT-AX11000 lately?

After doing a full system reboot, wait for at least 10 to 15 minutes for the routers/network to fully settle down. Then, on the main router, create a backup config file. Disconnect everything from the main router, including USB devices and the WAN port connection to your ISP, and perform a full reset to factory defaults using the reset button, WPS button, or via the GUI. Better yet, do all three. In between, reflash the firmware that is already installed now.

Import the saved backup config file you created and re-associate the AiMesh nodes (XT12s). Test if the issue persists. If it does, I would redo the full reset to factory defaults, and then minimally and manually configure the router to secure it and connect to your ISP. Test. If satisfactory, add one node, test again. Continue building your network to where it was (manually, keeping good notes of your progress), until it is either fully working, or, it shows the same symptoms. If the latter, come back with those details and we may be able to help/diagnose further at that time.

Thank you for your detailed instruction. I did try to reboot the setup 2 gt ax11000 with the power button and also via the admin page few times.

After reboot for first few mins things are fast but then after a while the admin page started to lag again. I haven't try to reboot the nodes as the 2x xt12 nodes just auto connects every time the router is rebooted.

So far everything is running stable and fast it's just the web GUI is extremely slow when I try to login and change settings.

my setup 1 GT AX11000 router is running flawlessly uptime is over 22days I think and the web GUI is fast as well.

I haven't reset to factory default on the setup 2 AX11000 for few years. as it's been running fine with Merlin. even on the 388.1 ROG firmware everything else works fine except the slow web GUI. Because I've many custom settings on the setup 2 ax11000 atm with 2 VPN connection and 1 VPN server running also connected to a unifi 10GBE switch and connected to a Synology NAS all running 10GBE connection and fixed IP. even the 10GBE connection is getting full speed as well.

The AXE 16000 I ordered should arrive in the next few days when I receive it I will do a clean install for everything and then install the 388.1 firmware and see how it goes.

also another interesting problem is on the setup 1 GT AX11000 logging in with the IOS Asus app it load fast and can see all devices connected to it. about 30 clients atm.

but on the setup 2 GT AX11000 when logging in with the IOS asus app. it is showing only 3 devices which are the router and the 2 nodes but unable to see details of all other 50 clients. some times it will show up after waiting for few mins sometimes it won't. But all wifi and lan devices are working at full speed and stable. the only problem is just the slow web GUI When I need to login and change settings.

I will report back once I have the AXE16000 setup with the 2 nodes and all the extra custom settings. I will do them manually 1 by 1 instead of restoring settings from the ax11000.
 
Yes, it seems like a full reset to factory defaults is required.

When you have the time, this will get you the network experience you have on the other router, on this one too. :)
 
Any estimate on when gpl 21709 or newer will be available? Really looking forward to the FiOS connection speed fix
 
Any estimate on when gpl 21709 or newer will be available?
I don`t expect to have any new GPL to merge until next month at the earliest.
 
On 386.7 with my RT-AX86U It's been fine for me for a while. Can I just upgrade to 388.1 and not reset everything?
 
Possibly. You can certainly try. :)

Before you do, download the firmware you have installed now. Reboot the router, and wait for 10 to 15 minutes for it to settle. Create a backup config file of your current settings. Create a JFFS backup too. Put all these files in a safe place.

Safely (and physically) Remove all USB devices/drives from the router, and reboot. If any of these USB devices was used for amtm and/or associated scripts, do not plug into the router again until the flash has been shown to have 'taken' and the router has settled down (~10 minutes) after the last reboot. Once you insert the USB drive into the router, be sure you wait a few minutes, then perform a reboot via the GUI.

Flash the firmware you want to use/test today. If any issues that a few quick/specific questions don't get you quick resolution from the forums here, use the files above to quickly go back to where you were.

To revert to your previous working setup:
  • Remove all USB drives. Do not plug in these drives again until you've successfully completed all the steps below.
  • Flash the firmware you have installed now (i.e. the firmware you're upgrading from).
  • If the router/network is behaving as you expect, great! You're done.
  • If it isn't, perform a full reset to factory defaults.
  • Restore the saved backup config file you created above.
  • Restore the saved JFFS backup file you created above.
 
Apologies if this has been discussed. Anyone else having issues with download manager? I can’t login. It states my user name/password is incorrect. Any help?
 
Possibly. You can certainly try. :)

Before you do, download the firmware you have installed now. Reboot the router, and wait for 10 to 15 minutes for it to settle. Create a backup config file of your current settings. Create a JFFS backup too. Put all these files in a safe place.

Safely (and physically) Remove all USB devices/drives from the router, and reboot. If any of these USB devices was used for amtm and/or associated scripts, do not plug into the router again until the flash has been shown to have 'taken' and the router has settled down (~10 minutes) after the last reboot. Once you insert the USB drive into the router, be sure you wait a few minutes, then perform a reboot via the GUI.

Flash the firmware you want to use/test today. If any issues that a few quick/specific questions don't get you quick resolution from the forums here, use the files above to quickly go back to where you were.

To revert to your previous working setup:
  • Remove all USB drives. Do not plug in these drives again until you've successfully completed all the steps below.
  • Flash the firmware you have installed now (i.e. the firmware you're upgrading from).
  • If the router/network is behaving as you expect, great! You're done.
  • If it isn't, perform a full reset to factory defaults.
  • Restore the saved backup config file you created above.
  • Restore the saved JFFS backup file you created above.
Well I always update with the USB stick attached (Diversion and Entware on it) and it always gives no hussle at all.
That means not that one can not have troubles with it attached but for me it just works after every update out of the box.
Only extra I do after updating is powercycle the router.
It is running now for 35 days in a row without problems.
 
The newly added WireGuard client feature works really well except for one thing: The DNS server. In fact, if only one client is active on the router, the DNS server customization will work fine. Unfortunately, things get complicated when multiple WireGuard clients are active with the same DNS server (for example, the VPN provider's internal ad-blocking DNS server address) set. In this scenario, devices connected to 3-4 active WireGuard clients will have their DNS queries made through the other client's tunnel instead of their own. I don't understand the which WireGuard client forces DNS queries to be made through its own tunnel why, because my technical knowledge is insufficient.

While this may not seem like a critical problem like IP/DNS leakage, it should be considered a problem. This is because normally all internet traffic for devices is expected to go through the VPN client set up in the VPN director. To overcome this problem in WireGuard clients, it was suggested that the DNS server address line in the clients should be left blank and the VPN's internal DNS server address should be manually added to the DNS director, followed by a DNS redirection rule for each device.

However, this method is in itself limited and impractical. Devices selected for the DNS director can be added by typing the MAC address instead of the CIDR notation, and this seems to be limited to 64 rules. For example, in the VPN director, let's say the range 192.168.1.1/25 is routed to WireGuard client 1 and 192.168.1.128/25 is routed to WireGuard client 2. In this case, the DNS director would have to add 254 rules, but the upper limit is 64. The logic would say that "Global redirection" should be used instead. However, sometimes some devices may be temporarily redirected to the WAN instead of VPN clients, in which case DNS queries will fail (because the VPN's internal ad-blocking DNS server is set in the DNS director) and internet access will suffer. This is why the "Global redirection" option cannot be set (i.e. no redirection should be preferred). This is an example of limited use.

Since rules cannot be set according to CIDR notation, let's move on to another scenario that falls within the maximum limit of 64 rules. Every time we redirect a device in the VPN director to the WAN, we also have to set the corresponding device in the DNS director to "no redirection". This is an example of impractical use.

It is certainly not my intention to impose an idea or a change on the developers, but shouldn't WireGuard clients have a more practical solution to the DNS server confusion? Maybe the client tunnel confusion in the first paragraph could be solved somehow. Maybe assign a DNS server address on that screen for devices that are included in the VPN director, which ignores the DNS director settings, even if active, until the device(s) are routed to the WAN. I don't know, it's just a simple thought, maybe there are many factors that I didn't take into account so that this can't be done.

Anyway, I hope you don't think I'm being impolite or patronizing with less technical knowledge. @RMerlin
 
@Caesar the Dictator :
IMO there's a general misunderstanding about what WireGuard (is/isn't) most people quickly go from a fairly basic remote connection into full-blown (encryption/scrambling/obfuscation).
When initially testing WireGuard, I quickly learned that many networks implore deep packet analysis & therefore refuse WireGuard connections through.
But because of the limited feedback (for troubleshooting)... You're left just shrugging your shoulders or scratching your head thinking WTF???
+
We as consumers keep wanting & expecting more & more from our networks...
But eventually if you add enough features & complexity, at some point don't the expectations cross over into the professional, commercial, or corporate realm?
 
@capncybo You are absolutely right about the things you mentioned. I personally don't always ask for more, but it's usually the case as you say. I have mentioned in the back pages that the above complexity or problem, whatever you want to call it, also affects OpenVPN clients.

This is where I have a problem -if this is a real problem-. When no OVPN clients are running and 2 Wireguard clients are running, or when OVPN-1 and WG-1 clients are running, the DNS redirects seem to be broken. When I set the DNS addresses on WG-1 and 2 to 10.26.xx.xx, WG-2's DNS queries are made from WG-1, or when I turn off WG-2 and run OVPN-1 ("exclusive" and "dhcp-option" DNS set to 10.26.xx.xx), OVPN-1's DNS queries are made from WG-1.

Anyway, basically what I'm trying to say is that there is now a complexity or a problem that didn't exist before firmware 388.1, and if this is going to continue, then of course consumers should understand that. If we want more, we should go for networking devices that are made for specialists.
 
Just for your information. I had some problems on my 3 RT-AX88U setup in AiMesh.
2 days ago I updated to native FW from ASUS:
ASUS RT-AX88U Firmware version 3.0.0.4.388.22237
Version 3.0.0.4.388.22237 66.33 MB
1. Improved system stability.
2. Fixed the IPsec VPN compatibility issue with Win10.
3. Fixed the VPN fusion user interface issues under the HTTPS connection.
4. Fixed Client DOM Stored XSS vulnerability.
5. Improved Wireguard performance.
6. Optimized memory usage and improved system stability.
7. Fixed USB HDD compatibility issue with the Time machine.
8. Added a new web GUI login URL http://www.asusrouter.com
9. Fixed IPTV compatibility issue with Movistar. Thanks to Sergio de Luz from RedesZone.net.
10. Fixed VPN fusion, AiMesh, and Network map GUI bugs.

All problems gone, but I miss the nice features from Merlin.
I hope Merlin will get the new source from ASUS, and will implement it.
 
Running 388.1 on a new AX86S and it all seems stable. I had to disable the AX wifi option as older Iphones would not connect. Will decide if I'm going to keep this router before moving to latest Merlin firmware.

One issue is with the information displayed on the Network Map page.

It shows a warning (port displayed in yellow) for one of my LAN Ethernet ports and the explanation suggests that it might be a bad cable. What it is actually is that I have a device with a 100Mbps fast Ethernet port connected and changing the cable makes no difference.

Under Tools/sysinfo the port is displayed correctly and is listed as 100 Mbps.
 
Running 388.1 on a new AX86S and it all seems stable. I had to disable the AX wifi option as older Iphones would not connect. Will decide if I'm going to keep this router before moving to latest Merlin firmware.

One issue is with the information displayed on the Network Map page.

It shows a warning (port displayed in yellow) for one of my LAN Ethernet ports and the explanation suggests that it might be a bad cable. What it is actually is that I have a device with a 100Mbps fast Ethernet port connected and changing the cable makes no difference.

Under Tools/sysinfo the port is displayed correctly and is listed as 100 Mbps.
Yellow is normal for 100 Mb link. Nothing is wrong
 
Running 388.1 on a new AX86S and it all seems stable. I had to disable the AX wifi option as older Iphones would not connect. Will decide if I'm going to keep this router before moving to latest Merlin firmware.

One issue is with the information displayed on the Network Map page.

It shows a warning (port displayed in yellow) for one of my LAN Ethernet ports and the explanation suggests that it might be a bad cable. What it is actually is that I have a device with a 100Mbps fast Ethernet port connected and changing the cable makes no difference.

Under Tools/sysinfo the port is displayed correctly and is listed as 100 Mbps.
Any connection at a speed less than maximum port speed is subject to the warning.
 
Any connection at a speed less than maximum port speed is subject to the warning.
All I'm saying is at least it would be helpful if when someone clicks on the information Icon it listed that as a possible source for the warning that there is a 100 Mbps device connected on this port.
 
All I'm saying is at least it would be helpful if when someone clicks on the information Icon it listed that as a possible source for the warning that there is a 100 Mbps device connected on this port.
Oh I AGREE 100%, IMO it's definitely an over-site on the part of ASUS. I'm still using "Connected by TCP" smart bulbs which use a 100 Mbps Ethernet port on the HUB. Newer isn't always better LOL
 
All I'm saying is at least it would be helpful if when someone clicks on the information Icon it listed that as a possible source for the warning that there is a 100 Mbps device connected on this port.

We all agree with you. Complain to Asus support
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top