Asuswrt-Merlin v3006_102.8_beta2

Master

Asuswrt-Merlin 3006.xxx Changelog
=================================

3006.102.8 (xx-xxx-2026)
  - NOTE: There has been important changes to OpenVPN, some necessary with the update to OpenVPN 2.7.  Make sure you read the details below, especially if running an OpenVPN server with deprecated features that have now been removed.

  - NEW: Added tls-crypt V2 authentication support to OpenVPN servers.  Don't forget to generate a client key for each client that will connect to you. The keys can be generated from the webui, after you have started the server with TLS control set to "Encrypt Channel V2".  A new button will appear that can generate a new client key each time you click on it.
  - NEW: CSV Import/Export feature on DHCP reservation page (backported from Asuswrt 6.0 to other WIfi 6/7 models).
  - UPDATED: Merged with GPL 102_37538 (Wifi 6)
  - UPDATED: Merged with GPL 102_39127 (RT-BE58_Go)
  - UPDATED: Merged with GPL 102_41424 (GT-BE19000AI)
  - UPDATED: Merged with GPL 102_39995 (Other wifi 7 models).
  - UPDATED: OpenVPN to 2.7.4.
  - UPDATED: OpenSSL to 3.5.7 (GT-BE19000AI)
  - UPDATED: dropbear to 2026.91.
  - UPDATED: dnsmasq to 2.93 + some backports.
  - UPDATED: miniupnpd to 2.3.10-64ef08a.
  - CHANGED: VPN Status page can now detect running but non-connected WireGuard client tunnels, and report them as being in an error state.
  - CHANGED: Include two separate miniupnpd builds - with, and without IGDv2 support.  Run the appropriate version based on whether the user enables IGDv2 or not.  This is to improve compatibility, as IGDv2 support is still problematic for some clients, and cannot be fully disabled at run time.
  - FIXED: Some webui pages may fail to properly show recent changes after clicking on Apply (an outdated cached version would be shown instead). Fixed by disabling ETag support for all .asp files.
  - FIXED: Cannot disable wifi 6 mode on Wifi 6 models (upstream issue)
  - FIXED: Multiple CVEs for OpenSSL 1.1: CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-7383, CVE-2026-9076, CVE-2026-34180, CVE-2026-42766 and CVE-2026-45447 (backports by RSDNTWK)
  - FIXED: UPnP port forwards not working if port forwarding or NAT weren't already enabled (patch from Asus)
  - FIXED: ntpd stops answering after a few days (workaround by restarting it every 24 hours)
  - FIXED: Connectivity issues when using QoE (GT-BE19000AI, patch from Asus).
  - REMOVED: Support for secret static key authentication from both OpenVPN clients and servers.  Deprecated since 2.7.0, and considered outdated in terms of security.
  - REMOVED: Compression support from OpenVPN server.  Update your client configs if you were using it. Client support is still available for backward  compatibility with old remote server setups, but expect it to be removed from OpenVPN 2.8. If for some reason you absolutely need it for your server (despite the security implications), you can still enable it through the Custom settings.
  - REMOVED: Some obsolete/non-working OpenVPN settings such as fast-io (no longer working with 2.7) or data cipher (were replaced with NCP a few years ago).



更新机型

* GT-AX11000_PRO
* GT-AX6000
* GT-AXE16000
* GT-BE19000AI
* GT-BE98_PRO
* RT-AX86U_PRO
* RT-AX88U_PRO
* RT-BE58_GO
* RT-BE86U
* RT-BE88U
* RT-BE92U
* RT-BE96U
* XT12



下载链接: https://pan.baidu.com/s/1Ve9xD3fn0NUEOUy2sWLBWg

提取码:

游客，如果您要查看本帖隐藏内容请回复

微信扫一扫，阅读更方便^_^

ha120

感谢分享