How long before AC3200 is "unsafe"?

  • ATTENTION! As of November 1, 2020, you will not be able to reply to threads 6 months after the thread is opened. Threads will not be locked, so posts may still be edited by their authors.

cmkelley

Very Senior Member
NB: I wholeheartedly agree with Merlin's reasoning for not supporting the AC3200 any more.

I am thinking of giving my "spare" AC3200 to my dad as he just moved into a new place and needs a wifi router. Of course, no support mean no vulnerabilities patched. How can I decide when it's no longer safe for the AC3200 to face the internet? Nothing facing the internet will be open except an OpenVPN port so I can remotely troubleshoot.

Thoughts?
 

Crazy

Regular Contributor
I have the original RT-AC66U that have been unsupported many years ago. But even at it’s end of life it still had a few new updates every so often. There was another firmware update last month.
 

bbunge

Very Senior Member
The AC3200 got an update from Asus last month. So use the Asus firmware. Unless dad is a geek he won't notice.
 

grifo

Regular Contributor
I'd leave it on Merlin firmware which is more secure and has several real benefits compared to Asus stock, just think of Skynet and Diversion on top of everything else RMerlin provides.

Skynet's inbound and outbound protection from malicious players without needing to sign away your privacy and a properly working ad blocking solution for all your devices aren't benefits only geeks can enjoy if you're running Merlin firmware.

Then if and when a serious security vulnerability is published affecting it you can move it to stock. Asus will likely keep providing security fixes for it for another couple of years at least.
 

QuikSilver

Very Senior Member
NB: I wholeheartedly agree with Merlin's reasoning for not supporting the AC3200 any more.

I am thinking of giving my "spare" AC3200 to my dad as he just moved into a new place and needs a wifi router. Of course, no support mean no vulnerabilities patched. How can I decide when it's no longer safe for the AC3200 to face the internet? Nothing facing the internet will be open except an OpenVPN port so I can remotely troubleshoot.

Thoughts?
Could always use the old router BEHIND the new and more secured router to create an mesh network. I'm actually looking at a few older models on ebay to do just this.
 

RMerlin

Asuswrt-Merlin dev
Since I doubt your father will need any of the advanced features, I would switch it to the stock firmware. That's assuming your father will ever update its firmware, otherwise it wouldn't matter which firmware you install on it.
 

cmkelley

Very Senior Member
Since I doubt your father will need any of the advanced features, I would switch it to the stock firmware. That's assuming your father will ever update its firmware, otherwise it wouldn't matter which firmware you install on it.
Admittedly I hadn't looked to see if ASUS was still updating the firmware. He wouldn't be updating the firmware, but I would, since I'll be over there a lot more. He now lives 5 miles from me 2 exits west instead of 50 miles and on the other side of downtown L.A. But yeah, he doesn't need any of the advanced features, although it's been so long since I've run stock I'm not sure I remember what's not there. :) I can always switch it to stock and see if I lose anything that will matter.
 

cmkelley

Very Senior Member
The AC3200 got an update from Asus last month. So use the Asus firmware. Unless dad is a geek he won't notice.
Dad's legally blind. :-( Just got him a Dell all-in-one with a 27" screen so he can enlarge the text to where he can read it, and still have more than 3 words per line on the screen. As long as it "just works" he shouldn't miss anything.
 

cmkelley

Very Senior Member
I'd leave it on Merlin firmware which is more secure and has several real benefits compared to Asus stock, just think of Skynet and Diversion on top of everything else RMerlin provides.

Skynet's inbound and outbound protection from malicious players without needing to sign away your privacy and a properly working ad blocking solution for all your devices aren't benefits only geeks can enjoy if you're running Merlin firmware.

Then if and when a serious security vulnerability is published affecting it you can move it to stock. Asus will likely keep providing security fixes for it for another couple of years at least.
Dad will have one computer in the house, plus his cell phone and our phones when we visit. I'm not sure he needs the likes of Skynet and Diversion, particularly when every so often a legit site gets blackholed because someone else in the same server farm isn't playing nice. I'm seriously not worried about any info passed to Trend Micro. I suspect he'll use the computer mainly for email and solitaire.
 
Last edited:

cmkelley

Very Senior Member
Could always use the old router BEHIND the new and more secured router to create an mesh network. I'm actually looking at a few older models on ebay to do just this.
The AC3200 doesn't support AiMesh, and I doubt it ever will. I bought an AC68U to be a mesh node behind my AC86U. I'm too old to crawl under my house to run ethernet to other rooms in the house.
 

grifo

Regular Contributor
Dad will have one computer in the house, plus his cell phone and our phones when we visit. I'm not sure he needs the likes of Skynet and Diversion, particularly when every so often a legit site gets blackholed because someone else in the same server farm isn't playing nice. I'm seriously not worried about any info passed to Trend Micro. I suspect he'll use the computer mainly for email and solitaire.
Email is one of the major threats, he just needs to click on a spammer's link to land on a malicious site that may ask for his personal or financial details, an especially risky situation if his eyesight isn't as good as it once was, or download some malware.

OTOH adverts are annoying for everyone but even more so for someone with diminished eyesight. It's harder to read some text when banners are showing up all over the place and if by mistake he clicks on one he'll be on a new page he didn't want.

Skynet and Diversion issues with false positives are overblown IMO, I never had to whitelist anything on Diversion using the standard list and on Skynet I did it
three times in over two years with the default lists (which can be reduced if required) and I use the Internet quite a bit. Though I did assume that you would have taken care of the odd whitelisting and any housekeeping easily and remotely since you wrote Scribe, a script that I use and like a lot.
 

cmkelley

Very Senior Member
Email is one of the major threats, he just needs to click on a spammer's link to land on a malicious site that may ask for his personal or financial details, an especially risky situation if his eyesight isn't as good as it once was, or download some malware.

OTOH adverts are annoying for everyone but even more so for someone with diminished eyesight. It's harder to read some text when banners are showing up all over the place and if by mistake he clicks on one he'll be on a new page he didn't want.

Skynet and Diversion issues with false positives are overblown IMO, I never had to whitelist anything on Diversion using the standard list and on Skynet I did it
three times in over two years with the default lists (which can be reduced if required) and I use the Internet quite a bit. Though I did assume that you would have taken care of the odd whitelisting and any housekeeping easily and remotely since you wrote Scribe, a script that I use and like a lot.
But with a single computer, it's not a big deal to keep malware/virus software up to date on the computer, and by switching back to stock on the router, at least I'm getting security updates from ASUS, since they are still releasing new firmware for the AC3200. If I was giving dad a router that Merlin was still supporting, it would be a no-brainer to keep Merlin's software on it. But since he's no longer supporting it (again, I think he made the right choice there, this is NOT a knock on Merlin by any means), even he says it's probably better to switch back to stock. (https://www.snbforums.com/threads/how-long-before-ac3200-is-unsafe.65651/#post-608590)
 

grifo

Regular Contributor
But with a single computer, it's not a big deal to keep malware/virus software up to date on the computer, and by switching back to stock on the router, at least I'm getting security updates from ASUS, since they are still releasing new firmware for the AC3200. If I was giving dad a router that Merlin was still supporting, it would be a no-brainer to keep Merlin's software on it. But since he's no longer supporting it (again, I think he made the right choice there, this is NOT a knock on Merlin by any means), even he says it's probably better to switch back to stock. (https://www.snbforums.com/threads/how-long-before-ac3200-is-unsafe.65651/#post-608590)
Sure, it's your call. I shared my thoughts as you asked for on your OP.
 

DonPachuco

New Around Here
Not sure about safe/unsafe, and I'm not sure when I got mine, just know it was a new release at the time. If there aren't going to be anymore updates, are they pretty much useless now? Wi-Fi 6 routers of name brand are expensive AF. Don't know what I can afford to do if they're that outdated.
 

grifo

Regular Contributor
Not sure about safe/unsafe, and I'm not sure when I got mine, just know it was a new release at the time. If there aren't going to be anymore updates, are they pretty much useless now? Wi-Fi 6 routers of name brand are expensive AF. Don't know what I can afford to do if they're that outdated.
They aren't useless, they'll keep working fine for years, the only problem is that as some point there'll be a serious security vulnerability published that affects them and they won't get a fix for it as they're no longer supported so at that point it'd be safer to retire them.

If you're using any of the addons, some may soon become unsupported on this last firmware, nor will these routers be getting any new Merlin features or updates to the existing ones. But there's no need to buy a new router if you can do without them.

You could also move it to Asus stock firmware, which is still being updated, if you can do without Merlin's enhancements.
 

DonPachuco

New Around Here
I think mine may be on the way out. I'm on the last update from Merlin, and despite that and trying the latest "official" Asus firmware, it restarts itself 6 plus times per day, and reset to defaults didn't fix. Been on two cooling fans since day one and never gets warm. Unrelated to modem either, as it doesn't restart. Was just thinking if they were on their way out anyway, I would have to be forced to suck it up and get a new wifi 6 one.
 

grifo

Regular Contributor
I think mine may be on the way out. I'm on the last update from Merlin, and despite that and trying the latest "official" Asus firmware, it restarts itself 6 plus times per day, and reset to defaults didn't fix. Been on two cooling fans since day one and never gets warm. Unrelated to modem either, as it doesn't restart. Was just thinking if they were on their way out anyway, I would have to be forced to suck it up and get a new wifi 6 one.
In that case I'd get a replacement. Have a look at the list of Merlin supported models and choose the one that fits your budget, he's just added new wifi 6 models last April so you're in luck.

Based on specs the RT-AX56U would likely be a good choice with a limited budget, though I don't own one so I can't really vouch for it but you can search the forum for any info on it plus reviews etc.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top