Release [Fork] Asuswrt-Merlin 374 LTS release 49E4

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

john9527

Part of the Furniture
LATEST RELEASE: Update-49E4
2 May 2021
Merlin fork 374.43_49E4j9527
============================

Update-49E4 Highlights
  • Updated OpenVPN to 2.5.2
  • Updated Dnsmasq to 2.85
  • Updated Nettle to 3.7.2
  • Rate limit IPv6 ping when firewall 'Allow ping request' is disabled
  • Added validator.js for Merlin Addon webui compatibility
  • Fix to limit Samba workgroup name to 15 characters
  • Fix for VPN server local access when VPN client is enabled first (thanks to @eibgrad)
  • Fix for incrementing AVAHI host names

Full ChangeLog: Changelog.txt in the download directory

Downloads:
https://1drv.ms/f/s!Ainhp1nBLzMJrEayV5NOiKa8zDA3
Folder 'Public-Release/Update-49E4'

Overview / Supported Routers / Installation:
or
LTS_OVERVIEW.pdf in the download directory

Previous release threads:
https://www.snbforums.com/threads/fork-asuswrt-merlin-374-lts-release-48e7.71000/
https://www.snbforums.com/threads/f...ease-47eb-rt-ac68u-v3-lets-encrypt-cli.70777/
https://www.snbforums.com/threads/fork-asuswrt-merlin-374-lts-release-46e9-dnspooq.69896/
https://www.snbforums.com/threads/fork-asuswrt-merlin-374-lts-release-46e8-superseded.68757/
https://www.snbforums.com/threads/fork-asuswrt-merlin-374-lts-release-45ec.67509

SHA256
(Default Build - All supported routers)
df2ded409007e388a2b23e046ae933493501b3e7f3b031bc6c5d9427d0e55f03 RT-N16_374.43_49E4j9527.trx
8ef03c2cd413bf6ddc871fa4340218d7435ecabe0625e790f828331590122dd5 RT-AC66U_374.43_49E4j9527.trx
cd1bedb488ac91e65f3d9f80c6c3e4391dede4218134bab8c9ae4c165ed4b5af RT-N66U_374.43_49E4j9527.trx
c4333b12e9e8175131bbb97d8883b9e12ea7a0cf024d2f47036a950b3ea4c872 RT-AC68U_374.43_49E4j9527.trx
9b005fa923db87a5b37ab530654b814855ce9ad5bb7e348bca5c918e38968bcc RT-AC56U_374.43_49E4j9527.trx
 
Last edited:

Wallace_n_Gromit

Senior Member
Updated my RT-N16 to version 49E4.

Went through all the menu tabs on AsusWRT GUI. Nothing out of the ordinary. amtm and all the scripts I use seem to be working normally in ssh session. So far so good.
 

atkinsom

Regular Contributor
Quick Question on an AC-68U. I'm running John's fork and have always wondered whether disabling Spanning-Tree Protocol in Lan-Switch Control would have a performance improvement with this Fork. I've read a few threads in this forum about this but curious as to whether changing to disable affects the Fork negatively from a speed or performance perspective. Thanks for any insight.
 

john9527

Part of the Furniture
Quick Question on an AC-68U. I'm running John's fork and have always wondered whether disabling Spanning-Tree Protocol in Lan-Switch Control would have a performance improvement with this Fork. I've read a few threads in this forum about this but curious as to whether changing to disable affects the Fork negatively from a speed or performance perspective. Thanks for any insight.
I've seen the same posts, but have never been able to see a real difference either way with STP. I only have a 300/30 connect, so can't speak about higher ISP speeds.
 

DeepAnger

Occasional Visitor
LATEST RELEASE: Update-49E4
2 May 2021
Merlin fork 374.43_49E4j9527

Thank you. I have upgraded 2 RT-AC68U (I like having hardware backup so the config is, as close as possible, the same) from previous version. Again, the router (both) did not properly upgrade after the first flash. It was still on the previous version and had lost Internet connection after the reboot. I did again the upgrade and it worked as intended the second time. It's no big deal but am I the only one having to flash twice ?
I tried with 2 different browser (SlimJet and Iron) but had the same result.

About something unrelated, my VPN provider recommends using OpenVPN ECC (with their Windows client) but does not provide the corresponding ovpn files. I somehow "patched" one of their "normal" ovpn file with some parameters I found in their Windows client and I have been able to connect using what I wanted (Elliptic curve Diffie–Hellman):

Code:
openvpn[5394]: Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, peer certificate: 256 bit EC, curve secp256k1, signature: ecdsa-with-SHA512

It is said that it should be faster than RSA but I probably cannot measure it as I have a quite slow VDSL line.
 
Last edited:

john9527

Part of the Furniture
It's no big deal but am I the only one having to flash twice ?
I've never run into it during my development? Do you have a heavily used USB attached? The USB is important because of caching of data/inode info,
The update process needs to free up about 1.5X the size of the firmware in memory...enough to hold the code image and enough to create a temporary boot partition. If it can't free it up, it will end up failing.
I somehow "patched" one of their "normal" ovpn file with some parameters I found in their Windows client and I have been able too connect using what I wanted (Elliptic curve Diffie–Hellman):
Can you share your changes?
 
Last edited:

DeepAnger

Occasional Visitor
I've never run into it during my development? Do you have a heavily used USB attached? The USB is important because of caching of data/inode info,
The update process needs to free up about 1.5X the size of the firmware in memory...enough to hold the code image and enough to create a temporary boot partition. If it can't free it up, it will end up failing.
That's what I thought this night, that it could be lack of memory because I use Skynet and Diversion with very large blocklist (eg. OISD). The USB 32 GB has plenty of free space but I guess it needs RAM too. So if I don't want it to fail next time, I suppose I'll have to stop Skynet and Diversion.


Can you share your changes?

Here is one of their ovpn for AES-128-UDP (I removed the cert content).

remote-random
remote pl2.vpn.ac 12200
remote pl2.vpn.ac 26000
remote pl2.vpn.ac 88
;comment the 3 options above and leave only port 53 for better firewall by-passing support
remote pl2.vpn.ac 53
proto udp
dev tun
tls-client
persist-key
persist-tun
nobind
pull
redirect-gateway def1
route-delay 3
verb 3
remote-cert-tls server
auth SHA256
auth-user-pass
cipher AES-128-CBC
mute-replay-warnings
key-direction 1
explicit-exit-notify 2
comp-lzo
persist-remote-ip
<ca>
-----BEGIN CERTIFICATE-----
removed
-----END CERTIFICATE-----
</ca>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
removed
-----END OpenVPN Static key V1-----
</tls-auth>

And here is a modified version (all their servers don't support ECC and Wireguard) that works in this version and in OpenWRT in my BRUME GL-MV1000 router.

remote 137.120.140.115
rport 4431
proto udp
dev tun
tls-client
persist-key
persist-tun
nobind
pull
redirect-gateway def1
route-delay 2
verb 3
remote-cert-tls server
auth SHA512
auth-user-pass
key-direction 1
tls-version-min 1.2
mute-replay-warnings
explicit-exit-notify 2
persist-remote-ip
tls-groups secp256k1
<ca>
-----BEGIN CERTIFICATE-----
removed
-----END CERTIFICATE-----
</ca>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
removed
-----END OpenVPN Static key V1-----
</tls-crypt>
 
Last edited:

jeff288

Regular Contributor
I've downloaded 49E4 for the N66U twice and double-checked the checksum but still get "Firmware upgrade unsuccessfully. It may result from incorrect image or error transmission. Please check the version of firmware and try again." Maybe wireless issues on my part? But pinging my router I keep getting >1ms and no dropped packets.
 

john9527

Part of the Furniture
I've downloaded 49E4 for the N66U twice and double-checked the checksum but still get "Firmware upgrade unsuccessfully. It may result from incorrect image or error transmission. Please check the version of firmware and try again." Maybe wireless issues on my part? But pinging my router I keep getting >1ms and no dropped packets.
Double checked and downloaded fresh and installed on my N66 without a problem.
Assuming you are coming from a previous fork version, try powering down and unplugging any USB devices before the upgrade.
If you had jumped over to the last Merlin version, see the Install notes in the Overview file.
 

mintoo

Occasional Visitor
I've downloaded 49E4 for the N66U twice and double-checked the checksum but still get "Firmware upgrade unsuccessfully. It may result from incorrect image or error transmission. Please check the version of firmware and try again." Maybe wireless issues on my part? But pinging my router I keep getting >1ms and no dropped packets.
I also had a similar problem. Before that, I had Merlin a few years ago. I did the update using the Firmware Restoration application. On the first computer, I got a message like you every time. The installation was fine on another computer. On both Win 10 64bit computers.
 

Mr_Andy

Occasional Visitor
I've downloaded 49E4 for the N66U twice and double-checked the checksum but still get "Firmware upgrade unsuccessfully. It may result from incorrect image or error transmission. Please check the version of firmware and try again." Maybe wireless issues on my part? But pinging my router I keep getting >1ms and no dropped packets.

I updated my N66U from 48E2 to 49E4 and no problems encountered. I don't have a USB drive attached to the router and the PC to perform the upgrade was connected directly with ethernet cable.

Might be worth also checking the hash checksum of the .trx firmware file to ensure it's not corrupt.
 

Q10

New Around Here
Yesterday's experience (for the first time in history) with the RT-N66U - 48E7 to 49E4 upgrade:
- 2 attempts at FW upgrade via GUI failed - no error!!!,
- router remains on 48E7,
- update process without error message.

The solution:
- factory setting via GUI,
- for sure reset via WPS button,
- classic FW upgrade via GUI,
- router finally on 49E4
- restore setting via GUI with backup from 48E7.

Notes: Win10 / Edge, connected directly with ethernet cable, no USB, checksum of the .trx firmware file O.K.
It has already happened to me that the Linux / Firefox combination failed, working only with Win10 / Edge.
 

jeff288

Regular Contributor
It worked. Not sure why but I just enabled/disabled jffs partition and ssh so I can save my settings. After setting them back it accepted the firmware.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top