RT-AX92U new firmware - 3.0.0.4.386_40451-g30f1b6c

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Thw0rted

Occasional Visitor
There's a sister thread for this same firmware version on the AC86U, but I thought it might make sense to start a separate thread for the AX92U.

I have 3 AX92U units running as AiMesh, with the primary configured as an Access Point (my ISP gateway has been promising to support Bridge Mode "real soon now" for over a year....). Until this morning, they worked great, I believe on the latest 384 firmware, with one node connected to the main over 5GHz-2 wireless backhaul and one via ethernet.

This morning, I downloaded the subject firmware from the Asus US website, checked the MD5sum, and applied it to the nodes via the primary's web interface. (It pops up a new window where you log into the web UI on the node's IP, then go directly to a firmware-upload page.) I did this for both nodes, but after the update finished they showed as "offline" in the AiMesh status page. I updated the main router, thinking maybe they couldn't rejoin until they were all on the same version. They still showed as offline after updating the main, so I did a reset on both nodes, and used a direct-wired connection to put them back into Node mode. I tried re-adding them, and they failed. The counter would go up slowly, then eventually I'd get a dialog saying that the add failed, with a list of things to check.

Since then, I've tried everything I can think of, but I just can't get the add to succeed. I've reset all devices a number of times, I've set up each device as a standalone router so I could double check its firmware version, I've even reflashed a node by uploading the same file again, just in case the original flash failed in some subtle way. I've tried adding wirelessly or wired, to both LAN and WAN ports on the nodes.

Tonight after work, if I don't hear any better ideas, I think I have to flash everything back to the 384 firmware, but I'm not looking forward to it. I might do one last-ditch clean re-flash of everything, followed by a hard reset, but I won't hold my breath for that to help. The worst part is that when an add fails, you get no details -- all you can do is try again and hope for different results.
 

L&LD

Part of the Furniture
Make sure you do a full reset to factory defaults on each node and then don't touch them again. Except by 'pointing' to them from the main router's GUI, after you have fully reset it too.

Make sure to remove all USB drives (safely, if needed, via the GUI), check the box to format the JFFS partition on the next boot', hit 'Apply' at the bottom of the page and then reboot the router three times in the next 10 to 15 minutes, waiting 5 to 10 minutes between each reboot. Also, when doing the reset to factory defaults hit the 'Initialize all settings...' check box too.

I would also suggest you use new SSID's for each band and do not import any previously saved backup config files.

Use the defaults suggested in the M&M Config guide (see the link in my signature below for that and other guides).

Do not customize the router beyond these basics while trying to troubleshoot. If the configuration works with the suggested defaults, make one customization at a time, testing for stability in between, until the network is fully functional or you find the setting that breaks it.
 

AndreiV

Very Senior Member
It would be better to wait for the firmware to auto update on your units rather than rushing to get the latest version and manually install.

I have the AC92U twin pack and always let the router update when ready, every time it has worked perfectly whereas others that manually update are having problems.
 

L&LD

Part of the Furniture
@AndreiV I think it's too late for that. :)
 

AndreiV

Very Senior Member
@AndreiV I think it's too late for that. :)
Probably , hard lesson learnt I guess. If you have 3 identical routers in a mesh auto update will upgrade all devices for you . I still say that AP mode is best for home users.
 

AndreiV

Very Senior Member
The new firmware was available on my routers this morning. Hit the upgrade button on the main router and 3 minutes later the job is finished, 386 running perfectly. Did the same for the AP and again 3 minutes and running perfectly , no messing around with downloads, unzipping etc.
 

Thw0rted

Occasional Visitor
Andrei, Asus sent an email saying that there was an important security update and it had to be applied manually:

A new firmware including important security fixes is available. We strongly suggest you to update firmware immediately.

Due to file server security update, please apply a manual firmware update via Web GUI.
LD, I did the hard reset by holding the WPS button while powering up - does that format the JFFS partition? If I have time today, I'm going to try a hard reset on all three. What I've been doing after that is going through the wizard in AP mode for one, node mode for another, *changing nothing else*, then trying and failing to add the node to the mesh. I don't get far enough to go through the guide, I think.
 

ATLga

Regular Contributor
Andrei, Asus sent an email saying that there was an important security update and it had to be applied manually:



LD, I did the hard reset by holding the WPS button while powering up - does that format the JFFS partition? If I have time today, I'm going to try a hard reset on all three. What I've been doing after that is going through the wizard in AP mode for one, node mode for another, *changing nothing else*, then trying and failing to add the node to the mesh. I don't get far enough to go through the guide, I think.
Asus sent you this email?
 

AndreiV

Very Senior Member
Andrei, Asus sent an email saying that there was an important security update and it had to be applied manually:

Look at the ASUS firmware page , if there was an urgent security update it would be listed in the release notes and state that a manual upgrade is required.

The previous version from May 2020 suggested a reset for manual upgrades and from memory that dealt with a security issue :

Version 3.0.0.4.384.91772020/05/20

Version 3.0.0.4.384.91772020/05/2060.88 MBytes
ASUS RT-AX92U Firmware version 3.0.0.4.384.9177
- Enhanced AiMesh connection stability
- Modified the Telnet/SSH setting UI message
- Fixed login bugs.
- Support router certificate export. After import the certificate to the computer you will not see the warning message when login with https. Please refer to https://www.asus.com/us/support/FAQ/1034294/

* By updating to this version, it's recommended to factory reset your RT-AX92U.

Using the auto upgrade the reset wasn't required.


I have been using ASUS routers since 2012 , all were registered with ASUS , I have never once seen any email from them about firmware.

It's simple , if your firmware needs upgrading it will become available on your router, just hit the UPGRADE button.
 

ATLga

Regular Contributor
I have been using ASUS routers since 2012 , all were registered with ASUS , I have never once seen any email from them about firmware.
Ditto! proclaimed emails like this are a red flag to me and are atypical of the way things are done at Asus.
 

AndreiV

Very Senior Member
Well, I have checked the global site, UK and USA sites and there is nothing about security update or reset mentioned in the latest firmware.

The last security issue I remember was @ May 2020 , probably "KrooK" ?
 

Thw0rted

Occasional Visitor
I was pretty skeptical too but I'm familiar with a lot of phishing techniques and the email looks legit. It contains that notice, with a link to asus.me/firmwareen, and a from address at asus.com, no reply-to address. I checked out the link: the cert is owned by AsusTek with credible contact info, and the page has valid instructions with no direct download links so I don't think there's any way it could be distributing malware. The email came 3 days ago and the new firmware is dated 4 days ago, though it wasn't actually up on the download page when the email first came in - I had to check back the next day. Definitely strange, but probably not malicious?
 

Thw0rted

Occasional Visitor
Also for what it's worth, I told myself when I got these that I'd only do automatic updates, and never rush to apply the cutting edge version, but the email said that a server change was breaking the automatic update. That's the only reason I did it manually. Maybe I should make a new thread to see if the email was actually legit? Like I said, I can't figure out what anyone would stand to gain by spoofing like this.

ETA: also also, I'm active on the Asus forum for this router, so it's possible the email is connected to that, and I've used the web UI's feedback function so they would have my email associated with this router model based on that. (The hardware was purchased in Germany so it's possible the DE site handles things differently from the US/UK)
 
Last edited:

Broken Hope

Regular Contributor
Not sure if related but I’ve been unable to check for upgrades via the app or the router UI for a couple of days, says unable to contact the server.

This is on an AX86U.
 

Thw0rted

Occasional Visitor
Not sure if related but I’ve been unable to check for upgrades via the app or the router UI for a couple of days, says unable to contact the server.

This is on an AX86U.
I forgot to explicitly say this, but after the email said automatic updates wouldn't work, I did try the "check for updates" button anyway and got an error message. I just took this as further confirmation that the email was legit.
 

Thw0rted

Occasional Visitor
Another update: I did the WPS-button factory reset on two units. I connected with a cable and set one to Node mode (using "choose operating mode" in the welcome page), then set it aside. I connected to the second one, set it to AP Mode (again, from the Advanced welcome page), provided only the required info, then tried to add the mesh node, and got the same error as always.

aimesh error.png



I power cycled both nodes and tried again, same result. I logged into the AP and downgraded it to 384_9177, rebooted, and set it to Mesh Node. Then, I did a WPS-button reset on the other device, configured it as AP, rebooted, downgraded that one to 384_9177, rebooted, and tried again. *Still* getting the same error, even though I'm pretty sure that's the firmware it was on yesterday morning when the whole network was working fine.

I'm running out of ideas here. I thought downgrading was going to be the last-ditch fix where I could at least get it back the way it was, but even that isn't working. Could I have somehow damaged the hardware when I upgraded? I've used at least two of the devices as plain (non-mesh) APs and clients seem to connect fine.

(Also: in case anybody was curious, I went to asus.de and downloaded the firmware posted there -- the checksums match the file I got from asus.com. I was worried this could be a problem where e.g. I had flashed US firmware to European hardware and it was trying to use the wrong channels. I don't think that's it.)
 
Last edited:

Thw0rted

Occasional Visitor
I got one pair to connect! I don't know what caused the original problem (where previously-paired nodes showed as offline), but I think my hours of hair-pulling probably boil down to a classic SSL clock skew error, (very!) poorly handled by Asus.

I was looking through the system logs on the device in AP mode, and noticed that it kept trying to run an NTP update. That's when I realized, it never asked me to configure the system clock -- in fact, it's only possible to set the time via NTP. All my troubleshooting up to this point was conducted offline, with the two devices sitting next to each other, connected to nothing, plugging my laptop (with wifi turned off) into one or the other to configure them. Since they never got online, they never had an accurate clock.

I plugged the AP-mode device's WAN port into my active router and checked that the system log showed a successful NTP update, then tried the AiMesh add process again. Now, the count went faster: slow until maybe 30%, then fast until 100%, and it succeeded in the end. The AP also showed an alert in the web UI that a new firmware was available (without me asking!), so I went ahead and used the automatic update, and now both the AP and the one mesh node are on the newest firmware. I'm going to swap out the last node and try adding that too, and hopefully I can finally be done futzing with it.

ETA: I had no problem pairing the second node. The problem was definitely the clock.
 
Last edited:

OzarkEdge

Part of the Furniture
Another update: I did the WPS-button factory reset on two units. I connected with a cable and set one to Node mode (using "choose operating mode" in the welcome page), then set it aside. I connected to the second one, set it to AP Mode (again, from the Advanced welcome page), provided only the required info, then tried to add the mesh node, and got the same error as always.

View attachment 27121


I power cycled both nodes and tried again, same result. I logged into the AP and downgraded it to 384_9177, rebooted, and set it to Mesh Node. Then, I did a WPA-button reset on the other device, configured it as AP, rebooted, downgraded that one to 384_9177, rebooted, and tried again. *Still* getting the same error, even though I'm pretty sure that's the firmware it was on yesterday morning when the whole network was working fine.

I'm running out of ideas here. I thought downgrading was going to be the last-ditch fix where I could at least get it back the way it was, but even that isn't working. Could I have somehow damaged the hardware when I upgraded? I've used at least two of the devices as plain (non-mesh) APs and clients seem to connect fine.

(Also: in case anybody was curious, I went to asus.de and downloaded the firmware posted there -- the checksums match the file I got from asus.com. I was worried this could be a problem where e.g. I had flashed US firmware to European hardware and it was trying to use the wrong channels. I don't think that's it.)
Make sure WPS is enabled on the router/root node.

OE
 

Thw0rted

Occasional Visitor
Make sure WPS is enabled on the router/root node.

OE
I'm 80% sure that I've successfully added a node with WPS disabled -- it just turns WPS on for you. (I think there have been complaints elsewhere on the board, because it doesn't turn it back off when you're finished.)
 

OzarkEdge

Part of the Furniture
I'm 80% sure that I've successfully added a node with WPS disabled -- it just turns WPS on for you. (I think there have been complaints elsewhere on the board, because it doesn't turn it back off when you're finished.)
I can't say for all models/firmwares. I can say that for my AC86U, the Network Map AiMesh 'add node' does automatically enabled WPS. But, for a recent RC2 beta firmware, the new AiMesh section 'add node' did not automatically enable WPS. I've been using the old way ever since. So, worth mentioning... WPS must be enabled one way or the other. And then disable it afterward.

OE
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top