This widget could not be displayed.
This widget could not be displayed.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- English
- Other Products
- Networking
- Re: RT-BE88U - Instant Guard - no more traffic
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
RT-BE88U - Instant Guard - no more traffic
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a month ago
Hello everyone,
I'm using a MESH network consisting of three RT-BE88U routers. Since I updated the routers to the latest firmware: 3.0.0.6.102_39112-g7a02961_1472-g67069_BB0B, I've noticed that my clients, which connect via Instant Guard (VPN Connection), no longer have any data throughput.
Can anyone else observe the same issue or help me with this?
This is an excerpt from the Instant Guard log.
Nov 7 13:28:27 08[NET] received packet: from XXX.XXX.XXX.XXX[500] to XXX.XXX.XXX.XXX[500] (432 bytes)
Nov 7 13:28:27 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
Nov 7 13:28:27 08[IKE] XXX.XXX.XXX.XXX is initiating an IKE_SA
Nov 7 13:28:27 08[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 7 13:28:27 08[IKE] local host is behind NAT, sending keep alives
Nov 7 13:28:27 08[IKE] remote host is behind NAT
Nov 7 13:28:27 08[IKE] sending cert request for "C=TW, O=ASUS, CN=ASUS RT-BE88U-A4C8 Root CA"
Nov 7 13:28:27 08[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) V ]
Nov 7 13:28:27 08[NET] sending packet: from XXX.XXX.XXX.XXX[500] to XXX.XXX.XXX.XXX[500] (501 bytes)
Nov 7 13:28:27 06[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (352 bytes)
Nov 7 13:28:27 06[ENC] unknown attribute type INTERNAL_DNS_DOMAIN
Nov 7 13:28:27 06[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CPRQ(ADDR MASK DHCP DNS ADDR6 DHCP6 DNS6 DOMAIN) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr N(EAP_ONLY) ]
Nov 7 13:28:27 06[CFG] looking for peer configs matching XXX.XXX.XXX.XXX[%any]...XXX.XXX.XXX.XXX[F75780949A8F4A62A83EEB328CB2C217]
Nov 7 13:28:27 06[CFG] selected peer config 'Host-to-Netv2'
Nov 7 13:28:27 06[IKE] initiating EAP_IDENTITY method (id 0x00)
Nov 7 13:28:27 06[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
Nov 7 13:28:27 06[IKE] authentication of 'DNS-NAME.org' (myself) with RSA signature successful
Nov 7 13:28:27 06[IKE] sending end entity cert "C=TW, O=ASUS, CN=DNS-NAME.org"
Nov 7 13:28:27 06[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Nov 7 13:28:27 06[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (1232 bytes)
Nov 7 13:28:27 07[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (112 bytes)
Nov 7 13:28:27 07[ENC] parsed IKE_AUTH request 2 [ EAP/RES/ID ]
Nov 7 13:28:27 07[IKE] received EAP identity 'F75780949A8F4A62A83EEB328CB2C217'
Nov 7 13:28:27 07[IKE] initiating EAP_MSCHAPV2 method (id 0x20)
Nov 7 13:28:27 07[ENC] generating IKE_AUTH response 2 [ EAP/REQ/MSCHAPV2 ]
Nov 7 13:28:27 07[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (112 bytes)
Nov 7 13:28:27 05[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (160 bytes)
Nov 7 13:28:27 05[ENC] parsed IKE_AUTH request 3 [ EAP/RES/MSCHAPV2 ]
Nov 7 13:28:27 05[ENC] generating IKE_AUTH response 3 [ EAP/REQ/MSCHAPV2 ]
Nov 7 13:28:27 05[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (144 bytes)
Nov 7 13:28:27 08[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (80 bytes)
Nov 7 13:28:27 08[ENC] parsed IKE_AUTH request 4 [ EAP/RES/MSCHAPV2 ]
Nov 7 13:28:27 08[IKE] EAP method EAP_MSCHAPV2 succeeded, MSK established
Nov 7 13:28:27 08[ENC] generating IKE_AUTH response 4 [ EAP/SUCC ]
Nov 7 13:28:27 08[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (80 bytes)
Nov 7 13:28:27 06[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (112 bytes)
Nov 7 13:28:27 06[ENC] parsed IKE_AUTH request 5 [ AUTH ]
Nov 7 13:28:27 06[IKE] authentication of 'F75780949A8F4A62A83EEB328CB2C217' with EAP successful
Nov 7 13:28:27 06[IKE] authentication of 'DNS-NAME.org' (myself) with EAP
Nov 7 13:28:27 06[IKE] peer requested virtual IP %any
Nov 7 13:28:27 06[CFG] reassigning offline lease to 'F75780949A8F4A62A83EEB328CB2C217'
Nov 7 13:28:27 06[IKE] assigning virtual IP 10.10.10.1 to peer 'F75780949A8F4A62A83EEB328CB2C217'
Nov 7 13:28:27 06[IKE] peer requested virtual IP %any6
Nov 7 13:28:27 06[IKE] no virtual IP found for %any6 requested by 'F75780949A8F4A62A83EEB328CB2C217'
Nov 7 13:28:27 06[IKE] IKE_SA Host-to-Netv2[30] established between XXX.XXX.XXX.XXX[DNS-NAME.org]...XXX.XXX.XXX.XXX[F75780949A8F4A62A83EEB328CB2C217]
Nov 7 13:28:27 06[IKE] scheduling reauthentication in 9880s
Nov 7 13:28:27 06[IKE] maximum IKE_SA lifetime 10420s
Nov 7 13:28:27 06[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 7 13:28:27 06[IKE] CHILD_SA Host-to-Netv2{3} established with SPIs c47d74dd_i 05db87d0_o and TS 0.0.0.0/0 === 10.10.10.1/32
Nov 7 13:28:27 06[ENC] generating IKE_AUTH response 5 [ AUTH CPRP(ADDR DNS DNS) SA TSi TSr N(AUTH_LFT) ]
Nov 7 13:28:27 06[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (256 bytes)
Nov 7 13:28:42 08[IKE] sending DPD request
Nov 7 13:28:42 08[ENC] generating INFORMATIONAL request 0 [ ]
Nov 7 13:28:42 08[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (80 bytes)
Nov 7 13:28:42 07[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (80 bytes)
Nov 7 13:28:42 07[ENC] parsed INFORMATIONAL response 0 [ ]
Nov 7 13:28:52 08[IKE] sending DPD request
Nov 7 13:28:52 08[ENC] generating INFORMATIONAL request 1 [ ]
Nov 7 13:28:52 08[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (80 bytes)
Nov 7 13:28:52 07[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (80 bytes)
Nov 7 13:28:52 07[ENC] parsed INFORMATIONAL response 1 [ ]
Nov 7 13:29:05 06[NET] received packet: from XXX.XXX.XXX.XXX[26058] to XXX.XXX.XXX.XXX[4500] (80 bytes)
Nov 7 13:29:05 06[ENC] parsed INFORMATIONAL request 6 [ D ]
Nov 7 13:29:05 06[IKE] received DELETE for IKE_SA Host-to-Netv2[30]
Nov 7 13:29:05 06[IKE] deleting IKE_SA Host-to-Netv2[30] between XXX.XXX.XXX.XXX[DNS-NAME.org]...XXX.XXX.XXX.XXX[F75780949A8F4A62A83EEB328CB2C217]
Nov 7 13:29:05 06[IKE] IKE_SA deleted
Nov 7 13:29:05 06[ENC] generating INFORMATIONAL response 6 [ ]
Nov 7 13:29:05 06[NET] sending packet: from XXX.XXX.XXX.XXX[4500] to XXX.XXX.XXX.XXX[26058] (80 bytes)
Nov 7 13:29:05 06[CFG] lease 10.10.10.1 by 'F75780949A8F4A62A83EEB328CB2C217' went offline
13 REPLIES 13
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a month ago
Nope. Over here the Problem is ongoining when its deaktivatet. No Traffic wenn Connection to Instant guard.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a month ago
Have done factory reset on each router after firmware updates? This is needed. Also check for correct updates in AiProtection?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
After deaktivating the Problem ist ongoing
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Try uninstall and reset up of Instant Guard feature. If problem unresolved after all this, must use App to submit feedback to ASUS. Problem would be in ASUS side of Instant Guard feature. ASUS had problem with US feature servers and fixed. European servers may require ASUS fix.
- « Previous
- Next »
Related Content
