Download Asuswrt-Merlin 384.19
Asus uses a Tomato-derived firmware called Asuswrt for its routers, such as the RT-AC68 and RT-AX88. This firmware is, with the exception of a few drivers, open source, whereby the closed binaries are included. Asuswrt-merlin, in turn, is a modified version of the original firmware from Asus. It includes bug fixes and minor improvements, but still tries to stay close to the original, so that it remains possible to add new features that Asus introduces to the code. The complete changelog for version 384.19 is up this page Here are the highlights in a nutshell:
[Release] Asuswrt-Merlin 384.19 is now available
Asuswrt-Merlin 384.19 is now available for all supported models, except for the RT-AX56U (no up-to-date GPL available for that model).
The main changes of this release are the merge of GPL updates, and a nearly complete rewrite of the OpenVPN implementation (functionality should remain mostly unchanged, aside from a few minor things documented in the changelog, and a few bug fixes.)
IMPORTANT: due to a flash partition layout change from Asus on the RT-AC86U, the JFFS partition content for that model may be missing or corrupted following the upgrade to 384.19. Make sure you make a backup of your JFFS partition before upgrading. If you run into issues, then reformat the JFFS partition (don`t forget to reboot), then restore your JFFS backup.
New:
- Added support for static routes for PPTP/L2TP VPN clients, on the Static Route page (themiron)
- Added notification when JFFS free space drops below 3 MB.
Updated:
- Merged GPL 384_9354 for AX models.
- Merged GPL 384_81992 for mainline models.
- Merged SDK + binary blobs 384_9354 for RT-AX58U.
- Merged SDK + binary blobs 384_9107 for RT_AX88U.
- Merged binary blobs + SDK 384_81981 for RT_AC5300.
- Merged binary blobs + SDK 384_81992 for RT-AC86U.
- Merged bwdpi components from 385_20630 firmware image for RT-AC68U.
- dnsmasq to 2.82-openssl (themiron)
Changed:
- Rewrote a large portion of the OpenVPN implementation, to make the code easier to maintain. The new libovpn code has been released under a GPL license. Functionality should remain largely the same.
- Replaced updown-*.sh OpenVPN event handler scripts with binary libovpn functions. The new code does stricter validation of the configuration.
- Enabling Client Config Dir (ccd) for an OpenVPN server in non-exclusive mode will no longer accept duplicate common names (to prevent issues with two clients trying to share the same settings). If you need such an unusual setup, you should enable “Username/Password auth only”, which will make the common name become the username. Or better, ensure that you have unique certificates for all of your users.
- Removed the (undocumented) vpn_debug setting. Debug logging will now only come from OpenVPN itself (configurable through the log verbosity setting).
- Improved mechanism for providing an available mount point for addon API scripters (dave14305)
- Harmonized the various SSL certificate modes with upstream.
0 – None – will be self-generated
1 – Imported – lets you upload your own (no longer self generated unless you don’t upload one)
2 – Let’s Encrypt (unchanged)
Self-generated cert will be stored to /jffs/cert.tgz, just like upstream.
Fixed:
- Broken French webui on AX models (fixed with Asus’s GPL update)
- Chacha20 wasn’t prioritized for bcm675x models which lacked AES acceleration (RT-AX56U and RT-AX58U)
- ddns updates and OpenVPN instances might be launched twice at boot time if the initial ntp clock sync happened too fast.
- Enforced DNS and tQoS fix would be lost when the firewall gets restarted while an OpenVPN client is running.
- Various issues surrounding error state report when an OpenVPN client failed to start properly.
- WINS provided by an OpenVPN server weren’t properly used.
- Some large DNS queries could fail when using DoT (patch backported from upstream)
Version number | 384.19 |
Release status | Final |
Website | Asuswrt-Merlin |
Download | https://www.asuswrt-merlin.net/download |
License type | GPL |