Menu
What's new
By:
Filters Better Search

RT-AC56U - alternative firmware?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

B

Bensrouter

Occasional Visitor
Hi,

Quick naive question: I use an older Asus RT-AC56U with the latest Asus Merlin LTS release. It works perfectly (thanks!). Considering the latest release is from December 2021, does it make sense security-wise to switch to another firmware like FreshTomato‑ARM (latest firmware from November 2022)?

I don't need much from my router except stability and speed. Asus Merlin LTS has worked perfectly for a few years, but I have also used Tomato on another router in the past. Not trying to start an ideological discussion here, I am happy that all these projects exist and I can still use my old router. I am just curious whether there is a security improvement in changing to a more recently updated firmware?

Thanks!
Ben
 
FreshTomato is excellent feature rich firmware with modern GUI, but you have to test it on your router. The builds are automatically generated and mostly untested. John's fork may be older, but more guaranteed to work properly on your AC56U, in my opinion. Test and see what works better for you.
 
Thanks, that's useful to know. John's fork is very stable. I am really just interested in whether using a newer firmware (and supposedly newer drivers etc) will have a security benefit?
 
Bensrouter said:
Thanks, that's useful to know. John's fork is very stable. I am really just interested in whether using a newer firmware (and supposedly newer drivers etc) will have a security benefit?
Click to expand...
They might not. I remember back when I was using Toastman Tomato firmware, whenever the new exploits came out, the devs would check and found that they were not susceptible to it. Older and more stable kernels and libraries do have their perks. Maybe not features, but security? Sure.

I am unclear on whether any in-the-wild exploits apply to John's fork right now, but it wouldn't surprise me if it was more stable and secure than you'd think for a year old piece of software.
 
One of My AC68U's runs DDWRT because I needed faster VPN then the 35 Mb/s OpenVPN gave me and DDWRT has native WireGuard which gets me 105 Mb/s and it is running fine for almost two years.
DDWRT runs on Kernel 4.4 which is an SLTS Kernel version so still supported security wise, others are still on Kernel 2.6 but usually security patches are still backported so you have alternatives.
 
DD-WRT is also automatically generated untested builds and some routers won't even boot. This is my concern. My own experience is not good. Nothing is guaranteed to work. The forum may help with what builds run well on specific hardware and what to avoid.
 
Tech9 said:
DD-WRT is also automatically generated untested builds and some routers won't even boot. This is my concern. My own experience is not good. Nothing is guaranteed to work. The forum may help with what builds run well on specific hardware and what to avoid.
Click to expand...
True, you have to read and follow the forum guidelines, and do some basic research, you cannot blindly barge in. The newer Broadcom routers are normally OK and are always up to date with the latest security patches e.g. Kernel/OpenSSL/WireGuard/OpenVPN etc.
 
Thanks to everyone! I guess I'm fine staying with John's stable fork then. (I have tried DD-WRT in the past but found it too complicated and not as stable as Tomato.)
 
I use both FreshTomato and John's fork: FT on my old Linksys E2000 (backup-backup router) and John's fork on my AC66U (backup router). Both work fine for the models I installed them on and I actually had issues with FT on my AC66U because the WAN MAC address appears/is the same as the LAN MAC address.

Regarding security related issues, you can go with John's latest Dev build (from August). If you read the changelog, you'll see all changes between the last stable (52E7) and the latest dev (53D7) are small fixes (mostly security related) and should not cause stability issues.

As stated by others, I'd stay away from DD-WRT or OpenWRT.
 
You must log in or register to reply here.

Similar threads

B
Upgrade router for security reasons?
Replies
9
Views
1K
Bensrouter
B
H
Authentication update taking forever in Asuswrt-Merlin 374 LTS
Replies
2
Views
807
harrysundown
H
T
Merlin 3004.388.6 for AX56u?
Replies
7
Views
772
L&LD
L&LD
RMerlin
Release Asuswrt-Merlin 386.13 is now available for AC models
2
Replies
38
Views
5K
Tech9
Tech9
P
Problem flashing Merlin firmware on Asus rt ax56u
Replies
2
Views
436
pattox
P
Similar threads
Thread starter Title Forum Replies Date
David Cavalli Merlin "End of Life" for 386.x firmware implications Asuswrt-Merlin 20
skeal Attached drive not idling down as the firmware says and is set for Asuswrt-Merlin 6
M VPN FUSION & VPN DIRECTOR Merlin Firmware Asuswrt-Merlin 34
dbaser ASUS RT-AC68U not working after Merlin firmware update, did I brick it? Asuswrt-Merlin 15
M ASUS RT-AXE7800 Merlin Firmware availability ???? Asuswrt-Merlin 11
E WebUI not working - AX86U (latest Merlin firmware) Asuswrt-Merlin 5
C Firmware File? Asuswrt-Merlin 17
E Cannot flash DSL-AX82U with GNUton firmware Asuswrt-Merlin 18
C Firmware download link for ASUS ZenWiFi AX (XT8) Asuswrt-Merlin 9
F Question - Manual Firmware Update Asuswrt-Merlin 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 854 (members: 36, guests: 818)
Top