[RT-AC68U] A dose of Quicksilver

[MaX PL]

In the thread/link below, it was explained to disable HW acceleration. HW=HardWare

You replied that you disabled the firewall. I think you're confused. You should enable the firewall. I don't think anyone said anything about disabling a firewall.

HW acceleration=HardWare acceleration

http://forums.smallnetbuilder.com/showthread.php?p=87158#post87158

huh? what are you talking about?

 

[sijuthomas98]

""Oct 23 21:17:34 HTTP login: Detect abnormal logins at 25 times. The newest one was from 192.168.1.2.\""

That's a snippet from the log screen, getting locked out of router frequently ,
The same password works after a while. On RC AC 68 U with quicksilver.
The second AC68 U is a media server mode and hasn't exhibited this behavior.

 

[RMerlin]

""Oct 23 21:17:34 HTTP login: Detect abnormal logins at 25 times. The newest one was from 192.168.1.2.\""

That's a snippet from the log screen, getting locked out of router frequently ,
The same password works after a while. On RC AC 68 U with quicksilver.
The second AC68 U is a media server mode and hasn't exhibited this behavior.

Asus is implementing better security against brute force login attempts. My guess is, your device on that IP is regularly trying to access the router on port 80, causing it to eventually lock it out.

Possible that Asus hasn't fully implemented that feature yet, so even accidental login attempts with no username/password (for example, a device simply blindly probing port 80 to detect what device is there) might end up getting itself blacklisted. That could probably be easily tuned in the FW - I can take a look at it if it ends up shipping with the final FW like this.

In the mean time, I would check your device on that IP constantly trying to access the router's webui.

 

[sijuthomas98]

Hi RMerl, It's my workstation that is on 192.168.1.2, what should I check in the routers web-ui? Thanks for your help.

 

[RMerlin]

Hi RMerl, It's my workstation that is on 192.168.1.2, what should I check in the routers web-ui? Thanks for your help.

There's something on your workstation that kept trying to access the router's web interface (unless it was you who entered the wrong password 25 times, but I doubt it ). Look for any software that might be scanning your network. Or an incorrectly configured proxy under Windows or your web browser.

 

[sijuthomas98]

Ha, Ha, it was me, getting frustrated .

 

[RMerlin]

Asus is working on security-related improvements like what you just noticed. Another thing I see in the recent code which they are currently working on is email notifications.

 

[Dijkstra88]

Asus released a new firmware update for the AC68U Version 3.0.0.4.374.291
It's quite some changelist

 

[delancyst]

Can't wait to get the Asuswrt version of the latest firmware.

I'm missing the WINS Browser feature that Rmerlin has!


Sent from my iPhone using Tapatalk - now Free

 

[Kris404]

I did try this firmware but it doesn't work with my fiber ISP's PPPoE authentication.

Error: 'PAP authentication failed' in the system log.

Coincidentally, it doesn't work with Asus' official firmware also but works perfectly fine out-of-the-box with DD-WRT's first build for this router.

I see that Merlin firmware has rs-pppoe 3.10 plugin which didn't help either.

Back to DD-WRT for now.

 

[RMerlin]

I knew I hadn't imagined that turbo mode - I found the webui bits that Asus put in as they were working on it (it's not enabled at the moment because they needed more time to look into stability issues introduced by it).

This is actually safer than the manual clkfreq modification however as it sets the clock at boot time, not through nvram. In case of failure, you can revert back to stock speed just by turning the button off.

I haven't decided yet if I'm going to enable it in my build or not (the current implementation isn't finished yet either).

For the curious:

 

[Kris404]

I did try this firmware but it doesn't work with my fiber ISP's PPPoE authentication.

Error: 'PAP authentication failed' in the system log.

Coincidentally, it doesn't work with Asus' official firmware also but works perfectly fine out-of-the-box with DD-WRT's first build for this router.

I see that Merlin firmware has rs-pppoe 3.10 plugin which didn't help either.

Back to DD-WRT for now.

False alarm, guys.

I went back to the first stock firmware for this device and upgraded to the latest stock. Will try Merlin's when available.

 

[ronan_zj]

I knew I hadn't imagined that turbo mode - I found the webui bits that Asus put in as they were working on it (it's not enabled at the moment because they needed more time to look into stability issues introduced by it).

This is actually safer than the manual clkfreq modification however as it sets the clock at boot time, not through nvram. In case of failure, you can revert back to stock speed just by turning the button off.

I haven't decided yet if I'm going to enable it in my build or not (the current implementation isn't finished yet either).

For the curious:

it reminds me the turbo mode on my Asus motherboard, but I haven't turn it on because last time when I tried, i kept getting bluescreen.

 

[nurv2600]

Downloaded and installed, and LOVING it; I'm quite the fan of minor improvements and enhancements rather than going all-out with DD-WRT (although that certainly has it's place).

So far everything seems stable and useable, but there is one option that seems to confound me no matter what: in the OpenVPN server, whenever I enable "direct clients to redirect all traffic", clients become unable to browse the internet. I can ssh into the router or open a terminal on any of the clients to run diags if you'd like. Here's my config (running the latest beta RT-AC68U build):

 

[RMerlin]

Downloaded and installed, and LOVING it; I'm quite the fan of minor improvements and enhancements rather than going all-out with DD-WRT (although that certainly has it's place).

So far everything seems stable and useable, but there is one option that seems to confound me no matter what: in the OpenVPN server, whenever I enable "direct clients to redirect all traffic", clients become unable to browse the internet. I can ssh into the router or open a terminal on any of the clients to run diags if you'd like. Here's my config (running the latest beta RT-AC68U build):

Are your clients connecting from outside your network?

 

[JGrana]

I am just leaving to go out of town a few days... but I tried this build early this morning. After a period of time scanning the router went unresponsive. I needed to power cycle...

I can do more testing Wed...

Sorry.

Ok, I didn't return until late Sunday... With respect the the alpha build, but I will run minidlna again with the large Photos directory and report back.
I am going to first run a scan on both the USB 3.0 1.5 TB drive (that holds all the photos, NTFS formatted) and the USB 2.0 drive that is ext3 and holds the /minidlna directory for logs and the DB.

I will also do a few putty sessions with tail -f of minidlna.log and syslog.log

 

[nurv2600]

Are your clients connecting from outside your network?

Yup, connecting from a Mac using Viscosity (or Tunnelblick, same problem), from a standard Comcast home connection to my work, a comcast business line with a static IP.

 

[greggy101]

I knew I hadn't imagined that turbo mode - I found the webui bits that Asus put in as they were working on it (it's not enabled at the moment because they needed more time to look into stability issues introduced by it).

This is actually safer than the manual clkfreq modification however as it sets the clock at boot time, not through nvram. In case of failure, you can revert back to stock speed just by turning the button off.

I haven't decided yet if I'm going to enable it in my build or not (the current implementation isn't finished yet either).

For the curious:

It would be an excellent idea to have the availability to run it at 1000Mhz in such a easy way.
If not in your final release - maybe in one that's experimental, please.

Thanks!

 

[RMerlin]

It would be an excellent idea to have the availability to run it at 1000Mhz in such a easy way.
If not in your final release - maybe in one that's experimental, please.

Thanks!

By now I've done enough tests to at least confirm that the option is fully implemented in the bootloader of the RT-AC68U that I have. There's a good chance I will provide the webui interface to allow enabling the functionality, at least it will be a safer method than playing with the clkfreq nvram value.

 

[RMerlin]

Yup, connecting from a Mac using Viscosity (or Tunnelblick, same problem), from a standard Comcast home connection to my work, a comcast business line with a static IP.

Perhaps it's the firewall preventing outside clients from going out on the interface from their VPN IPs.

One thing you could test is to configure your router to log dropped packets, then try connecting with your client. See what gets logged in terms of dropped connections.