[Release] Asuswrt-Merlin 384.6 is now available

[john9527]

I don't see that option 'Start with WAN' on the VPN client page ??

Merlin renamed the option....it's now called "Automatic start at boot time" near the top of the page (it's really not only boot, it's also WAN restart). Make sure it's set to yes

 

[ColinTaylor]

@pusb87 Thanks for the log. It does match your router's syslog. The timestamps in the VM log is in GMT whereas Asus' is in BST so there's a 1 hour difference.

Your VM router is loosing connection to Virgin's upstream network and that is what is causing your problem. Been there, had that same error.

You'll see this sometimes if you've just changed your VM package or modem, in which case it might clear in 48 hours. Otherwise I'm afraid you need to call VM support and log it as a problem.

 

[pusb87]

Merlin renamed the option....it's now called "Automatic start at boot time" near the top of the page (it's really not only boot, it's also WAN restart). Make sure it's set to yes

ah ok...it was off so have set to yes
your help much appreciated, many thanks

 

[pusb87]

@pusb87 Thanks for the log. It does match your router's syslog. The timestamps in the VM log is in GMT whereas Asus' is in BST so there's a 1 hour difference.

Your VM router is loosing connection to Virgin's upstream network and that is what is causing your problem. Been there, had that same error.

You'll see this sometimes if you've just changed your VM package or modem, in which case it might clear in 48 hours. Otherwise I'm afraid you need to call VM support and log it as a problem.

ok, many thanks for all your help
if the problem persists I will be I touch with VM !

 

[telUK]

384.5 and now 384.6, had occurrences of 2.4ghz and 5ghz wifi dropping. Reboot fixes issue.

Anyone found the issue yet, seems like i'm always seeing someone mention about wifi dropping on here.

It used to be ok but something is definitely problematic in the later releases.

AC86U here.

 

[Xentrk]

I couldn’t agree more!! And I so wish that there was a setting next to each post that all of us could click and save in various customized folders for future reference!!! I like saving/watching threads but I am thinking having quicker access to some of these great posts would definitely be useful not only to those who are new at networking but everyone.

@thiggins—would this be possible in the future?

Thank you for considering![emoji120]


Sent from my iPhone using Tapatalk

@john9527 did an excellent job of helping me understand the DNS issue with Policy Rules. I documented the issue in my blog post here https://x3mtek.com/torguard-openvpn-2-4-client-setup-for-asuswrt-merlin-firmware/ in the section
DNSmasq and OpenVPN DNS. I am still updating the site and I may need to do some SEO fine tuning so it will get a hit. I will review @john9527 latest posts and make updates accordingly. AB-Solution FAQ has a link to my blog post as ABS will not work when using Policy Rules and Accept DNS Configuration is set to Exclusive as dnsmasq is bypassed.

 

[Xentrk]

This is a way to force the VPN to use dnsmasq and prevent DNS leaks. It should actually be faster than using 'Exclusive' mode since you now have dnsmasq caching available. But now, your WAN clients are also using your VPN DNS servers, and this may make it appear as if your WAN clients are slower. In most cases, your ISP servers will give the best overall performance.

I am close to releasing my Selective Routing script to the community and came across this issue again in my testing. Glad that it hit the forums again so I am not the only one making noise.

If routing ALL TRAFFIC thru the VPN client AND Accept DNS Configuration is set to Exclusive, dnsmasq is not bypassed and AB-Solution works.

For VPN Policy Rule users who use AB-Solution, dnsmasq is bypassed when using Policy Rules and Accept DNS Configuration = Exclusive. My x3mtek work around method is to set Accept DNS Configuration = Strict and in the Custom Config section, add "dhcp-option DNS some.dns.ip.address e.g. dhcp-option DNS 9.9.9.9. However, DNS will now leak.

Please tell me more about your method to force VPN to use dnsmasq and prevent DNS leaks. I am looking into unbound as a solution. I use unbound to send all DNS queries for WAN and VPN clients on pfSense but have not been successful in duplicating on Asuswrt-Merlin. More testing is needed.

In my scripts, I am routing individual LAN clients to a tunnel using the ip rule command:

ip rule add from "$IP" table 112 prior $count

AB-Solution works fine if using my work around method. But DNS leaks. The DNS leak does not appear to cause any issues with using geo restricted sites.

In my testing yesterday, I realize I need to detect if someone has Accept DNS Configuration to Exclusive. If so, I need to duplicate what Asuswrt-Merlin is doing for DNS by issuing the command:

iptables -t nat -A DNSVPN1 -s "$IP" -j DNAT --to-destination 10.9.0.1 (where DNSVPN1 is changed to the appropriate VPN tunnel depending on the tunnel assigned to the lan client). But this will result in dnsmasq being bypassed and ABS not working.

old_IFS="$IFS"
IFS=" "

while IFS=" " read -r iface ip description
    do
        case "$iface" in
            1) iptables -t nat -A DNSVPN1 -s "$ip" -j DNAT --to-destination 10.9.0.1 ;;
            2) iptables -t nat -A DNSVPN2 -s "$ip" -j DNAT --to-destination 10.9.0.1 ;;
            3) iptables -t nat -A DNSVPN3 -s "$ip" -j DNAT --to-destination 10.9.0.1 ;;
            4) iptables -t nat -A DNSVPN4 -s "$ip" -j DNAT --to-destination 10.9.0.1 ;;
            5) iptables -t nat -A DNSVPN5 -s "$ip" -j DNAT --to-destination 10.9.0.1 ;;
        esac
    done < /jffs/configs/x3mRouting_rules
IFS=$old_IFS

 

[Marin]

@john9527 did an excellent job of helping me understand the DNS issue with Policy Rules. I documented the issue in my blog post here https://x3mtek.com/torguard-openvpn-2-4-client-setup-for-asuswrt-merlin-firmware/ in the section
DNSmasq and OpenVPN DNS. I am still updating the site and I may need to do some SEO fine tuning so it will get a hit. I will review @john9547 latest posts and make updates accordingly. AB-Solution FAQ has a link to my blog post as ABS will not work when using Policy Rules and Accept DNS Configuration is set to Exclusive as dnsmasq is bypassed.

Thank you @Xentrk! I always appreciate your contributions to these forums!

 

[ablatt]

Sorry if this has been answered but why is it that host names don't show up for devices in the Network Map (only mac addresses), but do under assigned DHCP leases?

On a RT-AC86U. Merlin 384.6.

 

[Xentrk]

Sorry if this has been answered but why is it that host names don't show up for devices in the Network Map (only mac addresses), but do under assigned DHCP leases?

On a RT-AC86U. Merlin 384.6.

I have not seen anyone report this issue. You can run some commands from SSH session and compare it with what you are seeing in the gui.

This will show you the static DHCP assignments in nvram:

nvram get dhcp_staticlist | sed 's/<//;s/>/ /g;s/</ /g'

It should match the static DHCP assignments on the LAN->DHCP Server page.

This will show you the IP and mac addresses of connected clients

ip neigh

Other things to try is flush browser cache. If it worked on a prior firmware version, then factory reset and manually reenter the settings. A how-to link is in my signature.

 

[Grisu]

I have not seen anyone report this issue. You can run some commands from SSH session and compare it with what you are seeing in the gui.

Had exactly the same!
completely empty name field.

Now at least with stock beta 9.0.0.4.384_32683 it seems to be corrected.

 

[Makaveli]

Sorry if this has been answered but why is it that host names don't show up for devices in the Network Map (only mac addresses), but do under assigned DHCP leases?

On a RT-AC86U. Merlin 384.6.

Are you using Static IP's or dynamic?

 

[0014]

Something really wrong with this on my RT-AC88U.

It was rock solid stable on 384.5 beta 2. Yet on the official version of 384.6 I keep losing 2.4ghz. The router light shows it’s on. But going into the router it says control channel [emoji646] and even though the button is switched on and radio is enabled. It tells me in the WPS tab to turn the frequency on. But it already is.

At least I am hoping it’s the firmware and not a hardware issue. Reverting back to 384.5 beta 2 to test.

 

[scjr]

I upgraded to the refreshed 384.7 alpha 1 build, over the previous build and everything working great thus far.

 

[muffintastic]

384.5 and now 384.6, had occurrences of 2.4ghz and 5ghz wifi dropping. Reboot fixes issue.

Anyone found the issue yet, seems like i'm always seeing someone mention about wifi dropping on here.

It used to be ok but something is definitely problematic in the later releases.

AC86U here.

Yes, 5Ghz kept dropping for me, the only fix is a reboot, this is on a AC3200, I hope @RMerlin has a fix in the next build for us?

 

[chris.at]

I can reproduce strange problems on wifi with this release on 68u. I took my second one and did a fresh install, same problem. with .5 I can get full 220 Mbps copy speed in wifi, with .6 only about 80. No changes made on settings, so whats wrong?

Regards,
chris

 

[win465]

Any news from Asus on getting the code for the 87u?

 

[Zastoff]

I can reproduce strange problems on wifi with this release on 68u. I took my second one and did a fresh install, same problem. with .5 I can get full 220 Mbps copy speed in wifi, with .6 only about 80. No changes made on settings, so whats wrong?

Regards,
chris

Maybe try 384.7 alpha1 and see how that works

 

[chris.at]

Additional Info: With .6 "reduce usb 3.0 interference" is missing at 2.4G professional settings, instead there is a "wmm no ack" setting which wasn't there in any release before. Maybe this is related to the wifi problems?

 

[Mihai]

Any news from Asus on getting the code for the 87u?

Trimis de pe al meu ONEPLUS A3000 folosind Tapatalk