Updated 6/6/2013: Corrected AiCloud inaccuracies
Like many other router manufacturers, ASUS uses the same interface and feature set across its product line. It's been a long while since we took more than a passing glance at the controls that ASUS provides for its popular routers. So, using the RT-N66U as the vehicle, let's go for a drive.
Logging into the admin interface for the first time launches a wizard just as before. You don't have an option to skip the wizard and it makes you enter a username and password, but allows you to continue to use the default (admin / admin). Detection of my DHCP WAN connection type was very quick.
RT-N66U Setup Wizard
Part of the wizard is wireless network setup. As Tim did in his review, I chose to not enable wireless encryption because I wanted to test WPS. But when I attempted to connect to the router, my client didn't indicate that it had found a WPS-enabled router and just let me connect unsecured.
I found that the wizard had set the WPS mode to Configured, but with no security enabled. So I had to reset WPS to take it out of Configured mode so that my client could execute a WPS PIN session, which ran successfully.
To check this for sure, I reset the router to factory default and attempted to connect a wireless client without running the Wizard first. The client properly started a WPS session, which concluded with a WPA2/AES connection. Upon logging into the interface, I was then forced to run the Wizard.
After you complete the wizard, subsequent logins take you to the Network Map, which provides clickable shortcuts to key setup features. The image below shows the Network Map as you come into the admin interface, with the right-side box showing my Wireless Status. You may notice the internet is disconnected; at this point I had disconnected it from my WAN for testing.
Network Map showing Internet Status
Before diving further into the user interface, here's a summary of the Dark Knight's features compiled from its data sheet and admin interface. Again, these features are common across all ASUS' routers running currently-available firmware, including the RT-AC66U, RT-N56U, RT-N65U and others.
- Static and Dynamic IP, PPPoE , PPTP, L2TP WAN connections
- MTU/MRU adjust (PPPoE only)
- DHCP Server w/ lease time setting, default domain and primary/secondary DNS
- DHCP Client list
- DHCP reservation
- Multicast routing and forwarding
- UDP proxy
- Switch jumbo frame enable
- UPnP enable/disable
- IPv4 Static Routes
- IPv6 support: Native; Native w/DHCP; Tunnel 6to4; Tunnel 6in4; Tunnel 6rd
- DDNS support for asus.com, dyndns.org, tzo.com, zoneedit.com
- Five level bandwidth-based QoS for upand download traffic.
- Firewall enable/disable
- DoS protection enable
- Virtual Server/port forwarding for single or multiple ports with TCP, UDP or both protocols forwarded. Separate source and destination ports, not schedulable
- Triggered port forwarding for single ports, TCP or UDP, not schedulable
- URL, keyword and network service filters
- Per client internet access scheduling
- DMZ Host
- RTSP passthrough
- PPPoE relay
- Ignore Ping Packet from WAN port
- Outbound port filtering: black/white list with port range, source/destination IP, protocol and day/time filter
- PPTP server
- PPTP, L2TP,IPsec passthrough (default enable)
- Remote Management with user configurable port, including HTTPS
- Ability to only allow access to certain IPs
- Syslog server support
- Command line interface via Telnet (default disable)
- Reboot and reset to factory default
- Save/restore settings
- Logs: System console, DHCP, Wireless, port forwarding, routing table
- WEP, WPA / WPA2 Personal and Enterprise (RADIUS) support
- Wi-Fi Protected Setup (WPS) support, pushbutton and PIN
- Auto, N-only, Legacy modes
- Auto and manual channel set
- Transmission rate set
- SSID broadcast enable/disable
- Radio enable day/time schedule
- WDS bridging / repeating
- Multicast transit rate
- Transmit power adjust
- Beacon period, RTS threshold, DTIM interval adjusts
- Transmit burst (default enable), multicast forwarding (default disable), WMM APSD (default enable) enables
- Wireless client isolation (from each other)
- Scheduled wireless enable/disable
- AP/router mode switch
- Four Guest networks per radio
- Wireless MAC address filtering (allow or deny based on MAC address)
- WMM disable
- AIDisk - share files on USB through the internet
- uPnP server
- iTunes server
- Samba file sharing
- Network Printer server
- 3G/4G modem backup mode
- Download Master
I loaded the latest 126.96.36.199.354 firmware onto the RT-N66U. A lot has been fixed since Tim looked at it last. HTTPS access and the ability to limit access to IP addresses has been added. The DLNA server now works well. But as I noted in the Merlin firmware review, the USB drive sometimes disappears sporadically and reboots won't bring it back; I have to physically pull the drive.
NAT loopback also now works well, as I was able to access local hosts by their internet FQDN from inside my network. The grammatical "Enabled" options which really meant "Enable" are also fixed. Even the VPN server connected right up for me with a Windows 7 Enterprise 64-bit client.
IPv6 is still rather confusing. It has support with Native, Native w/DHCP, Tunnel 6to4, Tunnel 6in4 and Tunnel 6rd modes supported. If you don't know what these mean or how to deal with the settings, you're on your own, unfortunately. The IPv6 page does now link you to an IPv6 FAQ. However, it didn't really tell me much.
In addition to sharing USB drives and printers, you can also plug in a USB 3G/4G modem to provide a backup internet connection, should the main WAN port go down. The list of options hasn't changed since we last looked at it.
3G/4G USB Modem page
The image below shows the entire list of what you can do with the two USB ports. It has changed only slightly since we looked at it last, mostly in verbage.
That Parental Contol feature you see in the menu may disappoint you if you're looking for web filtering. Under Parental Controls you can only schedule Internet access (all or nothing) for users you define. The Firewall section does allow you to filter by URL, keyword and Network Service. However URL and keyword filtering apply to everyone and can not be excluded for any clients. Network Service filtering appears to be per client.
The Automatic mode QoS feature under Traffic Manager doesn't appear to have changed since we looked at it last, according to the FAQ within the page. The only "automatic" part of it is that it engages a default rule set that "sets online gaming and web surfing as the highest priority and are not influenced by P2P applications".
The QoS feature itself is still a bit odd. It looks like a priority-based system, with five levels. But instead of each level having a relative priority to the other, you set a max/min bandwidth percentage limit for both up and download for each level. You can see this in the image below.
QoS Traffic Manager
The Traffic Monitor itself is unchanged and shows you pretty plots of bandwidth in real-time, last 24 hours and daily views. Unlike the Bandwidth monitor on NETGEAR routers, however, you can't set bandwidth limits or alarms. There's a screenshot in the gallery if you want a look, along with more shots of the admin interface with commentary.
A big addition to the router interface is AiCloud. AiCloud has several different options. But the jist is that it is supposed to let you share USB devices connected to the router anywhere via iOS / Android / Windows and MacOS apps. It also lets you share anything on the local network anywhere.
The rub is that even though you enable AiCloud within the router, you are still responsible for setting up the port forwarding to make it work. As we have said before, this does not meet today's standards for any product advertising "cloud" connectivity. If you're going to advertise "smart and easy" connection to a user's data from the internet, you'd better do that without requiring a user to futz with dynamic DNS, port forwarding, VPN configuration, etc. And relying on automatic port opening via UPnP isn't acceptable, either.
For AiCloud to work correctly you do need to set up dynamic DNS or connect by your WAN IP address, which is one step over what some cloud devices have the user configure. If you are using it as a second router (or even just as a switch) behind your primary router, it is smart enough to sense it's not the primary router and alert you to forward ports, even giving you the ports to open. I had mixed results with this configuration and confirmed with ASUS that multiple NATs are not supported.
Many devices with cloud features also don't require the configuration of dynamic DNS, instead going through a central server for connection to make it easier on the consumer. Many devices will also work through multiple NATs without router configuration, AiCloud does not. The dynamic DNS was easy to configure when setting up AiCloud. AiCloud will work well in the way most consumers have their routers configured.
AiCloud also allegedly lets you do a "Smart Sync" between chosen folders within the AiCloud app and ASUS Web Storage, which gives you 3 GB of free storage just for signing up. Try as I might, I could not get Smart Sync to work. I kept getting "Authentication Failed" messages. When I checked the Smart Sync log, it was completely blank. I've included screenshots in the gallery.
The main feature of AiCloud, accessing your devices anywhere, did work well for me, once I
opened up the required ports in my router firewall had the router set up as the primary router in router mode and configured dynamic DNS. In the image below, you can see my list of Samba devices on the network through the AiCloud iOS app. Clicking on each device asked for authentication and then allowed Samba share access according to your credentials.
AiCloud iOS app
One final note, the router can be run in Wireless Router mode or Access Point (AP) mode. Be careful when switching back and forth between the two, however. I found that the IP address will go back to its default, which may give you problems if your network is not in the same subnet as the default. I found this to be pretty annoying since my address range, was not the same as the router default.
Many functions are also missing when running in AP mode, most notably AiCloud. The option appeared to be missing and was not configurable in AP mode. I did leave it configured while switching from router to AP mode and found I could connect to AiCloud locally on my own network, so I know it is still present and working. Forwarding ports in that instance gave me mixed success.
For a deeper look at many of the admin interface screens, check out the gallery below.