Asus RT-AC68U One to One NAT & Dual Wan config help please.

[Bionic_Tx]

Just got an RT-AC68U and I am running Merlin 378.53_0 . I bought this to replace an existing router. But I have noticed that a few configurations that my current router has, I can't config in the AC68U. I have contacted ASUS but the Level 1 tech was unable to help me. The Level 1 tech gave me a case number and said that a level 2 tech will have to contact me. The question that I posed to the Level 1 tech was if the configurations that I need, can be applied via telnet/ssh...??

One to One NAT
I have a block of wan IP addresses from my internet provider that I need to resolve to certain lan ip's behind the AC68U. I don't see a way to configure this on the AC68U.

Dual Wan (access configured by group of ip's)
I have a dual Wan setup. Certain lan IP's wan traffic goes out of the primary wan, and certain IP's wan traffic goes out of the secondary wan. I see where I can enable the dual wan on the AC68U. I also see where to enable the load balance, I also see where I can then set the rules for specific Lan IP's to use a certain wan.. But I don't see any where I can specify a group of Lan Ip's to use a certain wan. Example: I need ip's 192.168.1.50 - 192.168.1.99 to use the primary wan, and I need 192.168.1.100 - 192.168.1.200 to use the secondary wan. How do i configure that with out having to type each individual ip address in the rules list?

 

[Emerald]

If I am not mistaken, Asus FW is based on DD-WRT; however they might have a SDK software for there routers that you might need to download.

Basically you are trying to have a SoHo router do what a Business router is suppose to do.

SoHo router are usually made to handle one public IP; however, the WRT fw is more flexible.

You will have to do some scripting of IPtables to get this to work.

here is some info on the 1to1 from the DD-WRT site which I hope will help:
http://www.dd-wrt.com/wiki/index.php/One-to-one_NAT

 

[Bionic_Tx]

The router that I am replacing is a Tplink VPN Router with built in WIFI. All of the settings I mentioned above are all very easy to input using the admin GUI. I assumed the asus router would allow me to do the same type of config.. But it seems like what I am trying to do is to advanced for the Asus router?

 

[Emerald]

the TP-Link you mentioned is a business router and therefore has those options nicely available via GUI.

this ASUS SoHo router with the WRT FW should be able to do the same but you really need to work for it.

If your TP-Link is still functional and you got the ASUS for the additional wifi speed, you can always configure the ASUS as an Access Point and connect it to the TP-Link via the LAN port.

 

[Bionic_Tx]

🙁 The Tp Link does still work, but i think it is dying.. It locks up at least once every 3 weeks to a month, completely killing all wan traffic... When this happens I have to physically go to the server room and power cycle the router. Then everything is happy for about 3 weeks.. The tplink has given me few issues the 20 months I have owned it.. I figured I would retire it.. Maybe I should send the AC68U back and get another TP-LINK TL-ER604W they are only $97.99 http://www.amazon.com/gp/product/B00DBX9HPC?psc=1&redirect=true&ref_=oh_aui_search_detailpage ..

You would happen to have a referral for a new AC Wifi, VPN, Dual Wan, 1-to-1 nat Router? or perhaps a link to some recent reviews?
I guess I will spend the rest of today doing research on what new devices are available that have all those features... 🙁

 

[Emerald]

have you checked if there is a firmware update available for the TP-Link?

when the router kills the WAN traffic, can you still log into it from you computer? If so, are you able to reboot it?

are there any error logs on the router showing why it killed the WAN traffic?

also check if the router allows you to schedule a reboot at night every two weeks.

 

[Bionic_Tx]

The TP Link warranty is for 5 years, so I guess I could open a case with tech support and get it rma'ed..
When this lockup happens, the unit is completed inaccessible. If I could access it remotely and restart it would have been great, then I wouldn't have to drive to the facility and manually power cycle it.. Thats another reason why this issue is such a pain! Because most of the time I am not at the location where the servers are.... And all wan access is dead until the power cycle.. No VPN, No VOIP, NO DHCP, No remote backup, No wifi. nothing.. Only things that are hardwired into the the managed LAN switch and already have an IP will continue talking to each other.

Error Reporting..
I have the logs on the router configured for Severity 0 thru 4 to report to the remote system log server. When I review the logs there are no errors reported.

We do have more people working for us now.. What if I am hitting the max Concurrent Session limit? Would that create this strange sporadic behavior?
The TL-ER604W spec sheet says Concurrent Session = 10000.
If I count all the devices that use internet/wan access...
20 VOIP Phones
10 Laptops
5 phones/tablets
5 servers
3 printers
5 other devices that I am forgetting..
----
So that's like at least 50+ devices that could potentially need access to the wan.
Most of these devices are hardwired in to a NETGEAR Managed Switch, and only need to access the router for DHCP, and wan traffic.

Firmware.
I am on the latest firmware that tp link has posted on their site.
But I may need to contact them, because sometimes they have firmware available that they don't post publicly.

 

[Emerald]

I think it would be a good idea to contact TP-Link tech support. they Might be able to help you with additional configurations.

also 10000 concurrent sessions seem a lot each website you open in a different Tab or browser can and email checking could count as a session.

maybe there is an issue freeing up sessions when the request has been processed.

does it happen at a specific time of the day when you experience more traffic or is it random?