AX11000 Internet red light and vpn fusion

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

yellowdog22

Occasional Visitor
Hi, I bought AN AX11000 a few days ago from amazon and I'm already considering sending it back. I find it hard to believe that a router that costs over €400 that came out quite while ago still has so many problems.
Unaware of these issues when it arrived the first thing I did was update the firmware to the latest version 3.0.0.4.386_41700.
After that I moved our 20 or so devices to the new wifi and then I set up the vpn fusion connecting to a nordvpn openvpn udp and tcp server as well as an express vpn server.
The final step was to remove our existing router and connect the Asus directly to the FTTH 1gbs gpon internet using PPoE and IPTV, which went fine.
A few hours later I noticed the internet connection light was red on the router which was confirmed by checking the Asus app.
So I started going over everything and eventually I removed vpn fusion and restarted the router as I’d heard that it has problems. But stil the red light appeared. I never tried to connect to the internet because I took it for granted that there was no connection.
So I reconnected my old router and then connected the asus to that router and put the wan setting back into automatic IP. Then the internet light went white.
Next day I tried connecting the asus directly to the gpon and again I got the red light but I realised that actually it still connects to the internet!
After which the connection stayed solid all day. Late that evening for some explicable reason the internet light went white and then this morning it was red again.
Yesterday evening I also tried using the VPN Fusion but it will not connect, when I click activate on any server it just spins endlessly.
I'm attaching the log in case anyone can help. I've contacted ASUS but I'm not holding my breath.
Any help is much appreciated!
 

Attachments

  • syslog.txt
    47.6 KB · Views: 22

ColinTaylor

Part of the Furniture
First let me say that I don't have your model of router... That said your VPN problem appears to be caused by the fact that your router isn't setting its clock with the correct date and time. Every time the router boots up it starts with the default date and time (5th May). After it has connected to the internet it should set the correct date and time from NTP.

Check that a valid NTP server is set in Administration > System (e.g. pool.ntp.org).
 

yakuzah

Occasional Visitor
First let me say that I don't have your model of router... That said your VPN problem appears to be caused by the fact that your router isn't setting its clock with the correct date and time. Every time the router boots up it starts with the default date and time (5th May). After it has connected to the internet it should set the correct date and time from NTP.

Check that a valid NTP server is set in Administration > System (e.g. pool.ntp.org).
Indeed, fully support Colin's theory. I have the AX11000 and have no issues with the router at all! It is quite excellent, and very stable working in an AiMesh with a RT-AX92U.

Not exactly sure why you need all the VPN setups, but If you are not picking up a correct NTP Time, you will experience strange issues with this router, including disconnects and WAN issues.

I would manually set your DNS Servers as well for IPV4 and IPV6 if your using both.
 

yellowdog22

Occasional Visitor
Hi, thanks both of you for the reply. Most appreciated. I did see the time difference and I didn't realise that would be a problem but as I read Colin's post I realised it could cause issues.
So I added my closest NTP server - it.pool.ntp.org. Originally it was pool.ntp.org. Then I applied and restarted and all was good, white light and vpn fusion working. However around 3hrs ago I passed by the router and the light was red again. Looking at the log and the system log it seems that somehow the time has changed again and its showing up as May 5.
I've attached the config.
As for the DNS server and IPV4 and IPV6 can you point me to where I should adding that info?

Screenshot 2021-01-25 at 14.50.55.png
 

ColinTaylor

Part of the Furniture
If you are seeing the 5th May entries in the log that would indicate that your router has rebooted and doesn't have a connection to the internet. Look in the System Log for reasons why it rebooted.

The DNS servers are set on the WAN page. From your log file it looks like you have them set to 213.205.32.70 (Tiscali) and 8.8.8.8 (Google).

If you don't use IPv6 you don't need to set IPv6 DNS servers.
 

yakuzah

Occasional Visitor
If you are seeing the 5th May entries in the log that would indicate that your router has rebooted and doesn't have a connection to the internet. Look in the System Log for reasons why it rebooted.

The DNS servers are set on the WAN page. From your log file it looks like you have them set to 213.205.32.70 (Tiscali) and 8.8.8.8 (Google).

If you don't use IPv6 you don't need to set IPv6 DNS servers.
Hi,

IPV4 DNS is under WAN -

WAN DNS Custom.JPG


The IPV6 Settings are under the IPV6 Menu. Obviously only required if you use IPV6 :)

WAN DNS Custom IPV6.JPG


If your router is defaulting it's time and date then connectivity to the internet is being lost (stating the obvious) Sorry :)

A question on Fusion VPN. What are you using this for? Is your whole house connecting through the VPN?

You fibre to the house, I presume you connect the WAN port on the ASUS directly to the Fibre input, uyse correct PPPoE credentials and you get connected and recieve and IP Address?

Is the Cable your using from Asus to Fibre of good quality? I use CAT 6 or CAT 7 Rated cables usually. I know CAT5E is rated upto 1Gbps, but not all cables are created equal.

Sorry about questions just trying to understand?

Also here are my settings for NTP including keepalive settings. ( I run Dual-WAN Failover)

NTP Setting.JPG
 

yakuzah

Occasional Visitor
One more thing :)

In your logs. You have a verify Certificate error.

Then your TLS Handshake breaks.

Looking at the log, it looks like your trying to redirect all your traffic through a VPN, is that correct?

Have you tried a standard Internet connection without VPN as well?

Do you experience the same stability issues?

If you are directing all traffic through a VPN, I would be very surprised if you will ever be able to use your full allocated ISP Bandwidth.

Let me know :)
 

yellowdog22

Occasional Visitor
In answer to you questions!

A question on Fusion VPN. What are you using this for? Is your whole house connecting through the VPN?
I want to use vpn fusion so that a few, certain devices like my amazon firestick, connect to a uk nordvpn server so I can get uk tv. The other devices go straight to the web.

You fibre to the house, I presume you connect the WAN port on the ASUS directly to the Fibre input, uyse correct PPPoE credentials and you get connected and recieve and IP Address?
Exactly.

Is the Cable your using from Asus to Fibre of good quality? I use CAT 6 or CAT 7 Rated cables usually. I know CAT5E is rated upto 1Gbps, but not all cables are created equal.
Yep I swapped the box cable for a good quality cat 6 the other day. I think I'll order a cat7 1m cable as well.

I've copied your settings apart from the time zone, applied and restarted the router.

Nothing changed but I was going through the syslog (attached) and on line 418 its says 'May 5 07:05:14 miniupnpd: it is advised to use network interface name instead of 192.168.50.1/255.255.255.0' so in the LAN Settings I added a domain name and rebooted and hey presto the time is correct.
Or so I thought as I rebooted a second time and I'm back with the same message above, the red light and the rest.
Screenshot 2021-01-25 at 16.10.01.png
 

yellowdog22

Occasional Visitor
Here is the log from the restart and just before when the date was set correctly.
The VPN is actually off at the moment. I deactivated this morning when I saw the red light.
 

Attachments

  • syslog2.txt
    58.6 KB · Views: 18

yellowdog22

Occasional Visitor
So I was just looking at the DNS server and I set it to the same as you, Cloudflare. I then applied and it. I went to the log to see what was written. I can't see any mention of the DNS but for some reason there is entry at the end:
Jan 25 16:53:56 rc_service: ntp 2004:notify_rc restart_diskmon
Jan 25 16:53:56 disk_monitor: Finish
Jan 25 16:53:56 disk monitor: be idle
Jan 25 16:54:13 crond[1458]: time disparity of 1434859 minutes detected
And now the time is correct. What is going on!? o_O
 

ColinTaylor

Part of the Furniture
So I was just looking at the DNS server and I set it to the same as you, Cloudflare. I then applied and it. I went to the log to see what was written. I can't see any mention of the DNS but for some reason there is entry at the end:
Jan 25 16:53:56 rc_service: ntp 2004:notify_rc restart_diskmon
Jan 25 16:53:56 disk_monitor: Finish
Jan 25 16:53:56 disk monitor: be idle
Jan 25 16:54:13 crond[1458]: time disparity of 1434859 minutes detected
And now the time is correct. What is going on!? o_O
It seems to be taking an unusually long time for the NTP update to kick in after a reboot (which in turn stops the VPN from starting up). If I were you I'd go back to the previous firmware version (3.0.0.4.384.9566) and see if that works any better. There are significant changes between the 384 firmware branch and the new 386 branch so I wouldn't be surprised if there are some bugs in it.
 

ColinTaylor

Part of the Furniture
ok, if I do that I'll lose all my settings?
Probably not, but when making a significant backward change in the firmware version (e.g. v386 to v384) it's strongly recommended that you follow that with a factory reset and manual configuration.
 

yellowdog22

Occasional Visitor
ok I'll see how it goes, at the moment its working and I've learnt a bit about the router along the way.

Thanks for the help!
 

yakuzah

Occasional Visitor
Probably not, but when making a significant backward change in the firmware version (e.g. v386 to v384) it's strongly recommended that you follow that with a factory reset and manual configuration.
You should be ok with a single router, moving back a version on software. If you were working in a mesh, I would wipe both devices and start again :)
 

yellowdog22

Occasional Visitor
Ok one week on and the router has been solid, added a cat 8 cat cable from gpon to router. VPN fusion working fine. Time is staying in sync. Happy days!
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top