Background:
Just got an Asus RT-AX86U Pro. Using as Access Point only (behind pfSense).
Happy with speed and coverage. No problems connecting to standard 2.4 and 5GHz.
Set up “Guest” network using “Guest Network Pro”. Tried several different devices. Several different attempts to configure. Failed to connect.
Apparently there is a known issue with Guest Network.
Asus however, seems clueless. VERY disappointing.
Question:
Can anybody recommend third party firmware for Asus RT-AX86U Pro ?
I have seen a couple of choices but not sure about how good they are.
Thank you @xMAXIMUSx . That was where I was heading.
I don’t think firmware is my total solution to Guest network, but part of it.
I think I need to let pfSense Handles all routing, DHCP, VLANs, and firewall rules.
I totally agree with you. If your asus has an AP mode or bridge mode. Then you should create a Guest VLAN on pfsense and then connect your AP to pfsense on that VLAN.
Same method as setting up a UniFi AP with pfsense.
if this is based on OpenWRT than you totally CAN do VLANs, DHCP and firewalling on the Asus device. However, I wouldn’t recommend doing this. I have been running OpenWRT for more than 10y and maintaining the firewall rules was a nightmare.
I did not have much luck with the stock firmware, so I loaded Asus Merlin firmware.
Merlin didn’t seem that much difference, but I was able to tag wireless with VLAN.
Maybe I just became more experienced.
Essentially, I used the “Guest Network Pro”.
If you select “Guest Network” it will assign VLAN IDs starting at 52 and go up from there.
If you select “Customized Network” you can pick the ID.
I also deselected “Use Same Subnet”
All the “work” was really in pfSense. I had to resurrect the knowledge of how to add a network and add rules to enable IPV4 etc.
Of course I added some simple rules to prevent the guest network (vlan) from independently accessing my other networks…plus disabling some standard ports.
I had to then go around and reconfigure some of the IOT stuff to point to the new network.
Working fine so far.
I’ll try to answer any questions, but no scripts involved on router.
Rules all on pfSense…nothing extraordinary…same process as adding a network interface.
Thanks all
Sterling