Asus router outage issues.

[Ranulfo]

FYI, for Asus router users, if you've had net connection problems the last few days they should be fixed now. TLDR, Asus pushed out a bad security file causing a memory leak leading to the router to cut off the internet connection.


News article:

https://arstechnica.com/information...used-mass-router-outage-worldwide-for-2-days/

“On the 16th, Asus pushed a corrupted definition file for ASD, a built-in security daemon present in a wide range of their routers,” one person wrote. “As routers automatically updated and fetched the corrupted definition file, they started running out of filesystem space and memory and crashing.”

SNB forum talk thread about it:

https://www.snbforums.com/threads/r...mory-leak-leads-to-lockup-every-10mins.85018/

 

[Vengance_01]

That's why you should just roll your own and a dedicated wifi AP. Never have this kind of problem

 

[philb2]

That's why you should just roll your own and a dedicated wifi AP. Never have this kind of problem

Sure, but I have to assume the OP

 

[philb2]

Sure, but I have to assume the OP

Meant to say. I'm sure the OP needs to sleep at least 3 hours every week. That's why we can't roll your own for every piece of tech. I

 

[philb2]

Meant to say. I'm sure the OP needs to sleep at least 3 hours every week. That's why we can't roll your own for every piece of tech. I

again, hit the send button too soon, I build all my PCs from parts, install Windows, etc. But I can't do that for everything.

 

[Vengance_01]

again, hit the send button too soon, I build all my PCs from parts, install Windows, etc. But I can't do that for everything.

Build it right it's set and forget

 

[kydsid]

again, hit the send button too soon, I build all my PCs from parts, install Windows, etc. But I can't do that for everything.

There are non-consumer options for similar prices. The change over cost will be higher due to separating routing from wifi access points. But given the cost over time, which will be less than consumer gear, anyone here should invest in non mass market consumer network gear.

 

[Ranulfo]

That's why you should just roll your own and a dedicated wifi AP. Never have this kind of problem

Or I could put Merlin on it.

 

[philb2]

There are non-consumer options for similar prices. The change over cost will be higher due to separating routing from wifi access points. But given the cost over time, which will be less than consumer gear, anyone here should invest in non mass market consumer network gear.

What do you consider an ASUS mesh router?

What would be truly non-mass market network gear? Please don't say Cisco.

 

[Vengance_01]

What do you consider an ASUS mesh router?

What would be truly non-mass market network gear? Please don't say Cisco.

Microtik, Unifi, a few others. TP-Link has a decent AP and then just roll your own PFSense FW.

 

[kydsid]

What do you consider an ASUS mesh router?

What would be truly non-mass market network gear? Please don't say Cisco.

Consumer junk. Had it ditched it.

Mass market consumer is what I said. Look at small business or corporate gear.

 

[philb2]

Microtik, Unifi, a few others. TP-Link has a decent AP and then just roll your own PFSense FW.

OK I get the part abouit Microtik and Unifi. However since like the OP I need at least 3 hours of sleep a week, I just don't have the time to delve into the PFSense FW. Unlike lots of the guys here I am not an IT professional, nor would I even pretend to be one. I'm just Joe User who likes to be well-informed about Windows, the Internet, security, etc. I appreciate that all the IT professionals here have a depth of knowledge and experience that I won't even try to match.

I don't know about the Microsoft Defender firewall, but I have Norton Security running on all my PCs. All Windows 10, no older Windows, no Linux, no NAS (right now). So if I already have a top-rate firewall running on each LAN system exactly what does an enterprise grade PFSense buy me?
Even if it is free. I used to work with enterprise products in my career in software product management, and they are a whole different world from consumer software.

 

[kydsid]

So if I already have a top-rate firewall running on each LAN system exactly what does an enterprise grade PFSense buy me?

Opinions may vary, but no you don't have a top rate firewall. PFsense isn't enterprise grade, small business sure, better than mass consumer router also.

Vulnerability comes quicker and quicker. What you get out of a non-consumer product? How about updates that don't cause a memory leak. :

Continuous updates addressing CVEs and more is what I want these days. Along with the ability to run things like pihiole, home vpn to protect mobile devices even when away from home and good layer 3 and layer 7 support and filtering. YmMV.

Ps I'm not IT. Just a hobbyist like most here

 

[TheSlySyl]

My Asus mesh setup with Merlin never went down.

This is the exact amount of time since I last updated the firmware. (release date: 5-07, I updated 5-08)

 

[TheSlySyl]

Continuous updates addressing CVEs and more is what I want these days. Along with the ability to run things like pihiole, home vpn to protect mobile devices even when away from home and good layer 3 and layer 7 support and filtering. YmMV.

You can do all of this with Merlin and amtm. I only have adguard-home installed directly on my router, but its powerful enough for my uses. I use it as a DNS cache as well, which means my DNS resolve times are usually in microseconds. (Not a typo, I'm talking fractions of milliseconds.)

According to Merlin himself, if you have an even somewhat up to date merlin firmware you aren't affected at all. So keeping my router up to date is why I didn't even know this was a thing.
Update your router firmware!

 

[kydsid]

Changing firmware to merlin, is about as much as using pfsense. It just isn't in the same ballpark or what is being discussed. You don't have a mass market consumer router, you have a merlin router.

 

[TheSlySyl]

It's still way, way easier to manage than a pfsense/opensense box. Especially if you want all the wireless and mesh options in a single unit.

 

[KickAssCop]

How do I get this fixed for my ASUS router. It is exhibiting the same behavior. I was about to buy a brand new one because I thought the router was done for.
Did many hard resets. Didn't fix the issue.

 

[Ranulfo]

How do I get this fixed for my ASUS router. It is exhibiting the same behavior. I was about to buy a brand new one because I thought the router was done for.
Did many hard resets. Didn't fix the issue.

Do you mean a factory reset? Aka press the recessed button on the back with a pen or paperclip end. Either way, update your router's firmware even if it is to the same version you already have. That should trigger the router to update to the new security file. Dont forget to save any settings before hand in case you have to reset it back to factory.

I didn't have to do a factory reset on mine, just update firmware which apparently had recently been updated anyway last month.

 

[KickAssCop]

I did a hard reset.
I also tried updating firmware but it said it is already up to date. My model is AC5300 which did not get a firmware update.

Not sure if this fixed this. Will keep monitoring.

 

[Ranulfo]

If it didn't work, you could try manually updating the firmware, just use the same one currently installed but download it from Asus' website and manually start it from the router admin page. I did it that way, didn't even think to try it via the update check in the admin page.

 

[SamirD]

Build it right it's set and forget

Unfortunately, nothing is like this anymore with all the 'updates' that break everything every so often. I wish it were so.

 

[SamirD]

There are non-consumer options for similar prices. The change over cost will be higher due to separating routing from wifi access points. But given the cost over time, which will be less than consumer gear, anyone here should invest in non mass market consumer network gear.

Ditto. I moved to enterprise gear and haven't looked back since.

 

[SamirD]

Look at small business or corporate gear.

Small business stuff is almost like scaled up consumer stuff depending on what it is. You want enterprise as that's the real stuff.

 

[SamirD]

Opinions may vary, but no you don't have a top rate firewall. PFsense isn't enterprise grade, small business sure, better than mass consumer router also.

Vulnerability comes quicker and quicker. What you get out of a non-consumer product? How about updates that don't cause a memory leak. :

Continuous updates addressing CVEs and more is what I want these days. Along with the ability to run things like pihiole, home vpn to protect mobile devices even when away from home and good layer 3 and layer 7 support and filtering. YmMV.

Ps I'm not IT. Just a hobbyist like most here

Continuous updates aren't necessarily the best thing because today's fixes cause as much problems as they're solving until the device just is so bug-ridden that it is replaced for a clean room design that will suffer the same fate. But zero updates are also an issue since that means nothing is getting fixed.

 

[Vengance_01]

Unfortunately, nothing is like this anymore with all the 'updates' that break everything every so often. I wish it were so.

Normally its cause I break it vs someone due to fact I tinker to much with my home setup but you are right.

 

[SamirD]

Normally its cause I break it vs someone due to fact I tinker to much with my home setup but you are right.

Haha, I used to do that too when I had more time--really great way to learn!