RT-AC86U running 386.7_2

polanskiman

New Around Here
I recently upgraded to Merlin 386.7_2. I am seeing the following logs. It could be they were here before but only noticed them recently.

Code:
Nov  7 17:53:57 kernel:  *** ERROR: [send_redir_page:614] # redir_url=http://[REDACTED IP:XX]/blocking.asp?cat_id=94&mac=[REDACTED MAC]&domain=ptaimpeerte.com
Nov  7 17:53:58 kernel:  *** ERROR: [send_redir_page:614] # redir_url=http://[REDACTED IP:XX]/blocking.asp?cat_id=94&mac=[REDACTED MAC]&domain=ptaimpeerte.com
Nov  7 17:54:01 kernel:  *** ERROR: [send_redir_page:614] # redir_url=http://[REDACTED IP:XX]/blocking.asp?cat_id=94&mac=[REDACTED MAC]&domain=ptaimpeerte.com

IP and MAC addresses have been redacted intentionally.

Parent control is disabled
URL filter is disabled

These errors only seem to occur when I connect to either the VPN server on my NAS or to OpenVPN server on the router.

Are these errors expected?

Thank you.
 

polanskiman

New Around Here
AIProtection is disabled.
Screen Shot 2022-11-08 at 08.27.05.jpg
 

ColinTaylor

Part of the Furniture
AIProtection is disabled.
Strange. It's definitely an AiProtection message. Maybe that's why is says "ERROR" - it wants to redirect to the blocking page but AiProtection is disabled?

If you go to Administration - Privacy do you have any options to "Withdraw"?
 

polanskiman

New Around Here
If you go to Administration - Privacy do you have any options to "Withdraw"?
Yes.
Screen Shot 2022-11-08 at 08.45.46.jpg


Since you mentionned the AIProtection, I was wondering if something was fishy on that front. I enabled AIProtection then immediately disabled it again. I then tried connecting to my VPN servers and I am not seeing these errors anymore. So I enabled AIProtection again and left it enabled this time. I tried connecting again to my VPN servers and no errors again...

What's this all about?
 

ColinTaylor

Part of the Furniture
Maybe something didn't quite get turned off fully. It's quite common for people the have to manually Withdraw from the license agreements to fully disable the TrendMicro stuff.

As for the error, I don't think it's specifically related to the VPN. Rather it would be a client trying to browse to a particular website that had malicious popups. Does the redacted IP or MAC address indicate the client the request came from?
 

polanskiman

New Around Here
As for the error, I don't think it's specifically related to the VPN. Rather it would be a client trying to browse to a particular website that had malicious popups. Does the redacted IP or MAC address indicate the client the request came from?
Well I had the log open when connecting to VPN and that error would log just after VPN got connected. It happened each time so unless it was a huge coincidence I assume it was the VPN initiating the error log. Also the redacted IP is the router IP and the MAC is the VPN MAC address, so I think it's pretty much the VPN.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top