Menu
What's new
By:
Filters Better Search

Is it possible to upgrade firmware remotely via VPN?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

XIII

XIII

Very Senior Member
The fact that @RMerlin holds back the source code and the description of the security issues fixed in 384.4_2 to allow us to update our routers first (which I appreciate!) gives me the feeling that I should update all routers in the family ASAP. However, I won’t be able to visit one of them in the timeframe (a couple of days).

Is it possible to upgrade firmware remotely via VPN instead?

In this case I would need to update an AC56U running 384.4 to 384.4_2, using OpenVPN.

I can do it when somebody (non-technical) is nearby the router to physically reset it, if needed.
 
XIII said:
The fact that @RMerlin holds back the source code and the description of the security issues fixed in 384.4_2 to allow us to update our routers first (which I appreciate!) gives me the feeling that I should update all routers in the family ASAP. However, I won’t be able to visit one of them in the timeframe (a couple of days).

Is it possible to upgrade firmware remotely via VPN instead?

In this case I would need to update an AC56U running 384.4 to 384.4_2, using OpenVPN.

I can do it when somebody (non-technical) is nearby the router to physically reset it, if needed.
Click to expand...

I see no reason why it would not work on the basis as long as you can access the router web-gui which you can if running a vpn server on router and giving yourself access to LAN, however bit risky in my opinion as when router starts to upgrade you will loose connection, also when i upgrade sometimes it says i have to manually reboot. It's only a few days so i would not be too worried and if i were you i would wait til you get back home. As long as aicloud stuff is off and web access from WAN is turned off i would not be to concerned, you just may give yourself a bigger headache if something goes wrong.
 
Last edited:
Here’s Merlin’s advice:

“There's always a chance that a physical power cycle is required after a firmware upgrade since you are writing on top of a live filesystem. Never do so unless you have someone on site ready to do so if necessary.”

https://www.snbforums.com/threads/update-remotely.44694/#post-381909

And you indicated you had that possibility covered. Of course, this would not be possible with a firmware upgrade that Merlin had specified a mandatory reset to factory default settings.

You’re obviously someone who likes the thrill of risk!
 
I have done remote updates by VPN. Make sure to allow the router to download the firmware directly from ASUS rather than you trying to manually upload the firmware. And as was just said, there is a chance that a manual reboot will be needed. In general, its a good idea to do a manual power cycle after any firmware update.
 
maxbraketorque said:
Make sure to allow the router to download the firmware directly from ASUS rather than you trying to manually upload the firmware.
Click to expand...
How does one do that?

PS: I want to update Asuswrt-Merlin, so it’s not hosted by ASUS.

PS*2: Still curious how that works for stock firmware.
 
I've done it a few times in the past. It should in theory be fine, but if you are unsure or you don't trust your VPN connection, I recommend doing it from a computer within that LAN. That way even if the tunnel were to go down during the firmware upload, the computer doing the upload would still be able to complete the procedure.

You can temporarily use something like TeamViewer to do this. You need the complete version, but the remote end only need to download the QuickSupport tool from their website.
 
Finally could try this. Performed an update of 384.4 to 384.4_2 over OpenVPN. The RT-AC56U did indeed request a manual update... (unlike the AC86U and AC68U that I updated locally). However, I was still able to ssh to the router and could reboot it from the command line. Unfortunately the OpenVPN server did not seem to start after that reboot, but I could ssh into it again and could restart the VPN server from the command line (using the search on this forum). Seems OK now?
 
You must log in or register to reply here.

Similar threads

O
Assigned IP address to the WAN interface via VPN director: no internet connection - why?
Replies
1
Views
161
OB1
O
M
OpenVPN / site to site with special security/routing constraints
Replies
7
Views
316
elorimer
E
johndoe85
  • Locked
Is it possible to update all addons through the GUI?
Replies
8
Views
384
thiggins
thiggins
johndoe85
VPN site to site with additional VPN client to hide IP
Replies
14
Views
671
johndoe85
johndoe85
N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
394
nino_070
N
Similar threads
Thread starter Title Forum Replies Date
L Unbound + Wireguard: is this combination possible at all? Asuswrt-Merlin 6
TanyaC Possible DNS-Rebind attack detected and unresponsive router plus one more Asuswrt-Merlin 3
C Running dnsmasq with a huge config file like pihole - possible/sensible? Asuswrt-Merlin 10
A possible DCD tainted causes? Asuswrt-Merlin 1
P Custom DNS for Guest Network Possible? Asuswrt-Merlin 15
mixels Possible to configure RT-AX86U w/ Merlin with more than 64 port forwarding rules? Asuswrt-Merlin 9
T A possible bug with QOS traffic classification? Asuswrt-Merlin 14
S Quick one. Possible to back up AX88U config and apply to AC88U router? Asuswrt-Merlin 2
K AX58U Merlin - Is it possible to subnet? Asuswrt-Merlin 7
BlueOrbit Merlin - automatic firmware update possible? Asuswrt-Merlin 45

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 750 (members: 15, guests: 735)
Top