My setup:
- I have a Local WISP, issues a 172.16.x.x address.
- 2 RT-AX88U, one as an AiMesh node, current firmware 386.3_2
- Router operating as an AiMesh node has 3 physically connected clients on the LAN ports
Cliff Notes: I get booted from my ISP with the 386.8 firmware when the AiMesh router had more than physical client connected, but not with 386.3_2. ISP suspects malware.
We recently switched to a new ISP, a local WISP. I decided to update the firmware from 386.3_2 to 386.8 on both. We had no problem with this setup with the 386.3_2 firmware with the ISP, but when I updated the routers to 386.8, our access to the internet gets blocked by the ISP when the AiMesh node had more than one physical client connected/powered on. Wireless clients connected to the node don't seem to trigger this. It doesn't matter what other PC was powered on. When this happens, we have to call the ISP to get internet access back, and they claim it is because of malware on one of our computers. They even suggested having one of their IT guys inspect our computers before letting us back on.
Turns out there is something with the 386.8 firmware or the firmware between these two that causes them to think we are attacking their network or our systems compromised. They are pretty adamant that it is our systems being compromised.
Any ideas to narrow the scope why the ISP thinks we have malware as a result of updating the router firmware? I have to call them to regain internet access so hopefully we can keep testing to a minimum, and like I said, they think it is because of malware on one of our computers.
- I have a Local WISP, issues a 172.16.x.x address.
- 2 RT-AX88U, one as an AiMesh node, current firmware 386.3_2
- Router operating as an AiMesh node has 3 physically connected clients on the LAN ports
Cliff Notes: I get booted from my ISP with the 386.8 firmware when the AiMesh router had more than physical client connected, but not with 386.3_2. ISP suspects malware.
We recently switched to a new ISP, a local WISP. I decided to update the firmware from 386.3_2 to 386.8 on both. We had no problem with this setup with the 386.3_2 firmware with the ISP, but when I updated the routers to 386.8, our access to the internet gets blocked by the ISP when the AiMesh node had more than one physical client connected/powered on. Wireless clients connected to the node don't seem to trigger this. It doesn't matter what other PC was powered on. When this happens, we have to call the ISP to get internet access back, and they claim it is because of malware on one of our computers. They even suggested having one of their IT guys inspect our computers before letting us back on.
Turns out there is something with the 386.8 firmware or the firmware between these two that causes them to think we are attacking their network or our systems compromised. They are pretty adamant that it is our systems being compromised.
Any ideas to narrow the scope why the ISP thinks we have malware as a result of updating the router firmware? I have to call them to regain internet access so hopefully we can keep testing to a minimum, and like I said, they think it is because of malware on one of our computers.
Last edited: