Asus gebruikt voor zijn nieuwere routers, zoals de RT-AC66U en RT-AC87U, van Tomato afgeleide firmware met de naam Asuswrt. Deze firmware is, op enkele drivers na, opensource, waarbij de gesloten binaries wel meegeleverd worden. Asuswrt-merlin is op zijn beurt een aangepaste versie van de originele firmware van Asus. Het bevat onder meer bugfixes en kleine verbeteringen, maar probeert toch dicht bij het origineel te blijven, zodat het mogelijk blijft om nieuwe features die Asus introduceert toe te voegen aan de code. Versie 380.67 is uitgekomen en hierin zijn de volgende veranderingen en verbeteringen aangebracht:
- Merged with GPL 380_7743 code, with binary blobs from 7378 for N66U
- Custom config support for quagga/ripd.
- Webui SSL certificate can now be saved so it gets reused instead of a new one being constantly generated. It will be stored under /jffs/ssl/, you can also easily provide your own by storing cert.pem and key.pem in that location. Settings to control this can be found under Administration -> System.
- TLS support in vsftpd. Key and certs are automatically generated, and can also be replaced by your own, as ftp.key and ftp.crt under /jffs/ssl/
- fq_codel and configurable overhead support in Adaptive QoS.
- PEAP/MSCHAPv2 support via 802.1x on WAN interface, in addition to existing MD5 support (patch by Rafi Khardalian)
- Remember chosen sort method on DHCP static reservations page.
- Updated minidlna to 1.2.0.
- Updated nano to 2.8.5.
- Updated openssl to 1.0.2l.
- Updated ipset (ARM) to 6.32.
- Upgraded from vsftpd 2.0.4 to 3.0.3. You might need to revise any custom configuration you have done (if any).
- Moved SMB2 support switch to the main samba page.
- Optimized all webui images for size
- Tor now runs as a limited user instead of as root
- Limited number of supported OpenVPN clients to 2 on the RT-AC3200, to save on nvram.
- Removed tweak that allowed to disable/enable bridge multicast snooping, as Asus now disables it upstream at the kernel level.
- OpenVPN client would be shown as having failed to connect if a reconnect attempt initially failed to authenticate, but succesfully connected afterward.
- Quagga's log could fill up RAM, reduced the amount of logging generated by it.
- NFS sometimes failing to start properly (patch by john9527)
- Layout issue of the status bar under Chrome when window is larger than 1800px (patch by Cyrus Dargahi)
- UPNP and SNMP issues in Dual WAN mode.
- NAT Loopback (merlin mode) in Dual WAN mode wasn't supported.
- Internal and external port specifications were swapped in miniupnpd's config file (Asus/Tomato bug)
- Enabling policy-based routing for a client connecting to a server that doesn't push a redirect-gateway would fail to properly route traffic (for instance with StrongVPN)
- Invalid port trigger rules when specifying a port range (patch by John Bacho)
- OpenVPN client with a password containing an "&" could get corrupted when re-editing that client's config.
- Some remote syslogd would choke on syslog entries sent by the router if there were spaces in the tag parameter. Removed spaces where this was the case.