[support]

@bambina Additional info for Question 2. You can leave Port 3 on LAN. But you can restrict router access to selected devices or users (could be proxy or VPN users): check the “Restrict router access” box under the Administration section on the System Settings page, then add the devices and users that are allowed to manage the router. Don’t lock yourself out!

[support]

1. If you want all VLANs to be isolated from each other, then only the diagonal boxes should be checked (i.e., source LAN -> destination LAN, etc.). If you further want client isolation, i.e., no cross talk between devices on the same VLAN, then you should uncheck the diagonal box too.

2. It’s preconfigured such that devices on LAN can access devices on other VLANs, but you can untick the boxes from LAN to other destinations so that LAN cannot access other VLANs either. By default settings, only devices connected to LAN can manage the router. If you are concerned that someone can gain LAN privilege by connecting to Port 3, then you can assign Port 3 to Guest (for example).

[support]

Yes, WPA3 is now supported on the AX1800. You can choose your preferred WPA mode per SSID.

[support]

Site Closed happens when you add a Calendar to restrict access to a site. For example, if you add a Calendar to allow Tiktok between 5:00pm – 7:00pm, then when your kids try to access Tiktok outside the time window, they will get Site Closed. More info here: https://www.pcwrt.com/2015/12/how-to-set-internet-access-time-limits-in-pcwrt/

[support]

First of all, do not tag any ports unless you’re connecting another router (with a tagged port) to the ports you’re tagging.

There are 5 preconfigured VLANs on the router, they are named: “LAN”, “Guest”, “X1”, “X2”, and “X3”. By default, “LAN” has the highest privilege and it can initiate communication to any other VLAN (thus all boxes with source “LAN” are ticked). And, only devices connected to “LAN” can log in the router management console.

In your case, assign Port 1 to X1, assign Port 2 to X2, leave Port 3 on LAN. Only computer connected to Port 3 can log in the router. No tagging!

Create SSIDs for Guest, X1, X2, X3 as you need, but you have to keep the SSIDs for LAN as they cannot be deleted. You can have up to 4 SSIDs per band, so you can’t run all SSIDs on both bands.

[support]

@strima We just released a fix for AP mode upgrade (v2.8.1). Follow the steps below:

1. Put the AP router back to Router mode
2. Change the LAN IP address of the router to be different from the main router (e.g., 192.168.11.1 if the main router has 192.168.10.1).
3. Connect the WAN port of this router to a LAN port on the main router
4. Click the “Check for updates” button on the System Settings page to upgrade
5. After upgrading, change the operating mode back to Access Point

You should be able to directly upgrade in AP mode after upgrading.

[support]

@strima Upgrade in AP mode is broken. We’ll fix this in the next release, coming in the next few days.

[support]

You can restore full backup files across hardware models since v2.6.2. VPN passwords, Cloud management key and DDNS password will be scrambled and you need to manually fix them. You may also want to inspect Network and Wireless settings to make sure they are OK.

[support]

The max speed with WireGuard for the AX1800 is 500Mbps. You should be able to get that if the VPN server is fast enough.

[support]

The certificate for the local website is self-signed. Browsers will complain that it’s not signed by a trusted certificate store. You can choose to proceed regardless of the warning since you know it’s your local router site.

[support]

What is your measured speed?

[support]

@strima Thanks for the additional info. We’re still looking into this.

[support]

2. You set it up once. Take it to location 2 and it should work. You can test it with your smartphone on mobile connection while at location 2. If you put it behind another router at location 2, you might need to set up port forwarding on that router for the UDP port used by remote control. But in most cases you don’t need to do that, it’ll just work.

3. If you put the ISP router in bridge mode, then the pcWRT router will have a direct Internet facing interface, just like it’s directly connected to your ISP.

[support]

What’s your hardware model and what VPN protocol are you using? What’s your speed measurement by the way?

[support]

To get a baseline, start with Access Control completely disabled. Compare the speeds of connecting the pcWRT directly to the ONT and pcWRT to Verizon router to ONT.

[Author]

Posts