What's new

sudden blocking of website on Merlin 384.19

AC3

New Around Here
RT-AC1900 running Merlin AC68 384.19, longtime Merlin user, first time having an issue. - but having sudden problem accessing 1 single website (my company's site). Forgive me if I'm repeating another post.

Went from 384.18 to 384.19 a few weeks ago, usual manual reboot, everything seemed fine, no issues to report. Router settings pretty much default, using 4 1's for DNS and have OpenVPN running exclusively for 1 streaming device.

But this week, I'm discovering that I am unable to access my company's website - getting constant time-out errors. Happening on all my devices behind this router, and on different browsers. However - I'm able to reach the site using VPN or cellular. Even had a friend try, using the same ISP an ddifferent ISPs, and no problem connecting, site is working just fine.

Tried the following: flushed and changed DNS on router & devices, rebooted every device, cleared NVRAM on router, changed MTU, verified nothing was being blocked on router (no url/ip restrictions, no firewall changes)....nothing seems to work. Did a few tracerts : 1 hop is timing out - but the same timeout is happening on VPN - and VPN is able to connect just fine. Finally, tried an old backup router, and I was able to connect no problem on the first shot.

Don't know what else to try with the AC1900 - can I downgrade to 384.18 without risk? That was the last known working fw. Or did .19 make some obscure setting change that I am not seeing? Stumped.
 

L&LD

Part of the Furniture
Start at the beginning.


If those suggestions don't work, I would be trying the following next.

Fully Reset Router and Network
 

adrenalize

Occasional Visitor
To see if it is DNS or not can you browse to the website using the IP address rather than domain name? (use nslookup etc to find the address).
 

CaptnDanLKW

Regular Contributor
Just last week I started having issues with my Outlook IOS client syncing - complained my account settings were out of date. Ended up deleting my profile and adding it back - that process failed with a bizarre 'page could not be displayed' error inside the IOS outlook pane (like it was using safari in the background to process https communication. Also could not get my Windows 10 Mail&Calendar app to sync.

Then I remembered turning on DoT with 1.1.1.1 and 1.0.0.1 servers.

Turned DoT off and switched back to my ISPs DNS.

Drove myself nuts for a full day before I switched to cellular data only and I yelled out loud... AH HA.

No more playing with DNS.
 

techcafe

Regular Contributor
generally speaking, your ISPs DNS should perform better than a third party DNS, assuming your router is only a hop or two away from the ISP DNS. i've also experimented with Cloudflare, Quad9, OpenDNS, Google and many others; and measured performance comparisons with GRC's DNS Benchmark. as expected, my ISP DNS outperforms all other DNS'.

i also saw occasional DNS resolution errors (like NXDOMAIN) when using Cloudflare and Quad9. OpenDNS and Google perform well, no DNS errors, but my ISP DNS is still better & faster than any of them.

if you haven't already, run DNS Benchmark to compare.
 
Last edited:

AC3

New Around Here
Thanks for all the replies; however none of the suggestions make a difference. As I mentioned in my previous post, I have tried several DNS (including my ISP's), flushed cache and reboot between each attempt. DoT was never enabled in the first place so not that. Unable to reach the site via IP. Formatted JFFS which only erased my VPN settings (and never had issues with nvram / jffs space). Unplugged, waited & power cycled all devices. Nada. As I was saying, this only seems to have developed since updating to 384.19

I toss a different router into the mix, and the problem disappears - and this spare router is connecting fine with the same DNS so that kind of rules out a DNS error. I think I will turn that spare router back to primary for now, and try doing a complete factory reset and see what happens. Thanks again.
 

Phil Outram

Regular Contributor
Thanks for all the replies; however none of the suggestions make a difference. As I mentioned in my previous post, I have tried several DNS (including my ISP's), flushed cache and reboot between each attempt. DoT was never enabled in the first place so not that. Unable to reach the site via IP. Formatted JFFS which only erased my VPN settings (and never had issues with nvram / jffs space). Unplugged, waited & power cycled all devices. Nada. As I was saying, this only seems to have developed since updating to 384.19

I toss a different router into the mix, and the problem disappears - and this spare router is connecting fine with the same DNS so that kind of rules out a DNS error. I think I will turn that spare router back to primary for now, and try doing a complete factory reset and see what happens. Thanks again.
Do you have ai protection on or any sort of ip blocking stuff running such as skynet? If so whitelist the IP/url.
 

AC3

New Around Here
Do you have ai protection on or any sort of ip blocking stuff running such as skynet? If so whitelist the IP/url.
Nope, no blocking or anything of the sorts enabled. It's as if everything was working on 384.18; absolutely no settings were changed when upgrading to 384.19, but suddenly cannot reach this 1 site. There may be more sites that are not accesible, but from usual sites / domains I do visit, this is the only one not letting me connect. Really stumped.
 

Phil Outram

Regular Contributor
Nope, no blocking or anything of the sorts enabled. It's as if everything was working on 384.18; absolutely no settings were changed when upgrading to 384.19, but suddenly cannot reach this 1 site. There may be more sites that are not accesible, but from usual sites / domains I do visit, this is the only one not letting me connect. Really stumped.
Very strange indeed. I am a senior IT consultant in my day job, if you like I can try to access the url (assuming you are willing to share it with me via pm) to see if I can access it. This will determine if it's an Asus router problem in general or something that is just effecting your specific router or model of router. I have a different model to yourself (RT-AX88U) but I am on the 384.19 firmware. If I also cannot access it I may be able to run diagnostics to discover why. Obviously I totally understand if you don't feel comfortable sharing such information with a complete stranger on the internet, this is just an offer of help should you want it, but don't feel in any way pressured.

I'm in the UK so will be heading to bed shortly as it's gone midnight here now, so if you do share the url with me I'll probably not be able to do anything with it test wise until tomorrow.
 

AC3

New Around Here
Very strange indeed. I am a senior IT consultant in my day job, if you like I can try to access the url (assuming you are willing to share it with me via pm) to see if I can access it. This will determine if it's an Asus router problem in general or something that is just effecting your specific router or model of router. I have a different model to yourself (RT-AX88U) but I am on the 384.19 firmware. If I also cannot access it I may be able to run diagnostics to discover why. Obviously I totally understand if you don't feel comfortable sharing such information with a complete stranger on the internet, this is just an offer of help should you want it, but don't feel in any way pressured.

I'm in the UK so will be heading to bed shortly as it's gone midnight here now, so if you do share the url with me I'll probably not be able to do anything with it test wise until tomorrow.
Thanks for the offer, mate. The spare router I swapped in is actually an RT-N66U running an older version of Merlin....and no problems there. So somewhere, somehow 384.19 update must have glitched something....but it isn't making it obvious to see just what.
 

Pipecity

New Around Here
RT-AC1900 running Merlin AC68 384.19, longtime Merlin user, first time having an issue. - but having sudden problem accessing 1 single website (my company's site). Forgive me if I'm repeating another post.

Went from 384.18 to 384.19 a few weeks ago, usual manual reboot, everything seemed fine, no issues to report. Router settings pretty much default, using 4 1's for DNS and have OpenVPN running exclusively for 1 streaming device.

But this week, I'm discovering that I am unable to access my company's website - getting constant time-out errors. Happening on all my devices behind this router, and on different browsers. However - I'm able to reach the site using VPN or cellular. Even had a friend try, using the same ISP an ddifferent ISPs, and no problem connecting, site is working just fine.

Tried the following: flushed and changed DNS on router & devices, rebooted every device, cleared NVRAM on router, changed MTU, verified nothing was being blocked on router (no url/ip restrictions, no firewall changes)....nothing seems to work. Did a few tracerts : 1 hop is timing out - but the same timeout is happening on VPN - and VPN is able to connect just fine. Finally, tried an old backup router, and I was able to connect no problem on the first shot.

Don't know what else to try with the AC1900 - can I downgrade to 384.18 without risk? That was the last known working fw. Or did .19 make some obscure setting change that I am not seeing? Stumped.
I think I can have the same problem but on an AC88U.
So far I haven't run all the reset steps.
But it's clear that it's a problem with the router.
I bypassed the router and connected a cable directly from my fiber modem and it works just fine.
Ping and tracert works fine but trying to browse to the site doesn't work no matter which browser or unit I use.
The initial TCP packages times out so it seems that no packages get through.
It doesn't help using the IP so it's probably nothing related to DNS.

I have a AC66U that still is on 380.70 and that works fine.
 
Last edited:

AC3

New Around Here
I think I can have the same problem but on an AC88U.
So far I haven't run all the reset steps.
But it's clear that it's a problem with the router.
I bypassed the router and connected a cable directly from my fiber modem and it works just fine.
Ping and tracert works fine but trying to browse to the site doesn't work no matter which browser or unit I use.
The initial TCP packages times out so it seems that no packages get through.
It doesn't help using the IP so it's probably nothing related to DNS.

I have a AC66U that still is on 380.70 and that works fine.
Sounds similar to my issue. All my traces show that some early hops to my site time out. This then makes it impossible to connect to the site using 384.19. However....other routers / networks are still able to resolve, and connect. My old, spare N66U is using the same 380.70 as you, and no problems getting through. I've also tried an old Linksys, and no problems either. Unless I'm missing something, this seems more and more to be related to 384.19
 

dave14305

Part of the Furniture
What happens if you clone the MAC from the older “good” router to the AC1900?
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top