Business Community > Gateways > ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site
< Gateways

ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site

ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site

ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site
ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site
Sunday - last edited Monday

Since the first beta of 2.3.0 for the ER605 v2 there have been many reports of generally high CPU, random latency spikes, significant reduction in VPN throughput not just by myself but a number of users all confirming and reporting the same thing.  Each report has not been officially responded to by previous Moderator other than "This is expected" and a hand-wave away and refusal to discuss the issues.

 

4 Months on and so far, no hint of an update or a fix for these issues, especially the slow VPN / Random latency spikes.

 

I have a site which has critical need of VPN throughput, and it is somewhat crippled by this issue.  I spent several hours there today trying everything to get the router back on 2.2.6 - the last version that performance as as expected and consistent, to no avail.

 

SSH Roll-Back doesn't work as that router went through the 2.3.0 beta cycle which was at least 2 releases if i recall, so it only flip-flops between those two builds of 2.3.0.  Emergency mode doesn't accept any firmware earlier than 2.3.0 - and i tried them all right back to 2.0.0, in sequence, which was very time consuming.

 

Is there any way at all to get this router back to 2.2.6 until a fixed update is released - or if not - can we get an expedited fixed build ?

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300
  1      
 
  1      
 
#1
Options
2 Accepted Solutions
Re:ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site-Solution
Monday - last edited Monday

  @GRL Thank you for your post. Could you please clarify which type of VPN you’re using—OpenVPN or SSL VPN? We did identify some firmware issues related to these VPN types a while ago, and we’re currently preparing a beta release. Please be patient; it will be posted on the forum for trial soon. Regarding rolling back the firmware, version 2.3.0 does not block firmware downgrade. Please double-check your steps or try the process a few more times.

Recommended Solution
  0  
  0  
#2
Options
Re:ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site-Solution
15 hours ago - last edited 15 hours ago

 For anyone who wants to revert a 5.15 adapted firmware to something earlier (ER8411, ER605v2 etc) , who is stuck with SSH-Roll-Back not working, i found a way to do it!

 

Its a bit long winded, so bear with me......

 

Factory reset the router

Follow the emergency roll back procedure here - https://www.tp-link.com/uk/support/faq/3062/

Upload the firmware you want to the device.  It will reboot, but stay on current firmware.

Log into standalone interface, go to "System Tools > Diagnostics > Remote Assistance > Enable Remote Assistance > Save"  (this enables SSH)

 

Using your SSH client, log into the router, and use the En > Roll-Back command

 

Router will reboot and switch to the other 5.15 adapted firmware it has stored as its backup image

 

Now the key bit:

Follow the emergency roll back procedure here again - https://www.tp-link.com/uk/support/faq/3062/

Upload the firmware you want it to have.  This will now be saved in the internal second firmware slot

 

When it reboots, make sure "Remote Assistance" is enabled in its standalone GUI.

Repeat the SSH En > Roll-Back  procedure

 

It will reboot, in a broken unresponsive state.  When he SYS light is flashing, do a pin-hole reset.

 

Router will now reboot, and load the older firmware you uploaded to it and be in a fresh factory reset state

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300
Recommended Solution
  1  
  1  
#5
Options
4 Reply
Re:ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site-Solution
Monday - last edited Monday

  @GRL Thank you for your post. Could you please clarify which type of VPN you’re using—OpenVPN or SSL VPN? We did identify some firmware issues related to these VPN types a while ago, and we’re currently preparing a beta release. Please be patient; it will be posted on the forum for trial soon. Regarding rolling back the firmware, version 2.3.0 does not block firmware downgrade. Please double-check your steps or try the process a few more times.

Recommended Solution
  0  
  0  
#2
Options
Re:ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site
Monday - last edited Monday

  @GRL 

 

IPsec throughput is also massively effected on 2.3.0

 

And yes, the SSH roll-back will only roll back to whatever the previous active image was ( in this case another 2.3.0 beta) and the emergency download web gui simply doest do anything when given anything that isnt a 2.3.0 firmware.  It goes through the motions of saying is flashing it, but doesnt actually.  when the router reboots, still 2.3.0

 

I believe another user also reported this some time ago.

 

Edit: Also, perhaps you werent aware of this - its is fully documented that the 5.15 adapted firmwares (including 2.3.0 for 605v2) prevent direct flashing of previous build firmware (controller & standalone mode wont accept the bin files in the normal process) which is why the SSH roll-back was introduced at that time, but it can only load the previously active image.  If that wasnt a pre-5.15 adapted firmware it currently makes it impossible to go back to an earlier build, especially since the emergency mode wont accept them either - presumably because the boot image or partition layouts / signatures are different.

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300
  0  
  0  
#3
Options
Re:ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site
19 hours ago

  @GRL 

You're right—I double-checked, and V2.3.0 indeed cannot be downgraded.

  0  
  0  
#4
Options
Re:ER605 v2 FW 2.3.0 - VPN speed issues and no way to get back to 2.2.6 on critical site-Solution
15 hours ago - last edited 15 hours ago

 For anyone who wants to revert a 5.15 adapted firmware to something earlier (ER8411, ER605v2 etc) , who is stuck with SSH-Roll-Back not working, i found a way to do it!

 

Its a bit long winded, so bear with me......

 

Factory reset the router

Follow the emergency roll back procedure here - https://www.tp-link.com/uk/support/faq/3062/

Upload the firmware you want to the device.  It will reboot, but stay on current firmware.

Log into standalone interface, go to "System Tools > Diagnostics > Remote Assistance > Enable Remote Assistance > Save"  (this enables SSH)

 

Using your SSH client, log into the router, and use the En > Roll-Back command

 

Router will reboot and switch to the other 5.15 adapted firmware it has stored as its backup image

 

Now the key bit:

Follow the emergency roll back procedure here again - https://www.tp-link.com/uk/support/faq/3062/

Upload the firmware you want it to have.  This will now be saved in the internal second firmware slot

 

When it reboots, make sure "Remote Assistance" is enabled in its standalone GUI.

Repeat the SSH En > Roll-Back  procedure

 

It will reboot, in a broken unresponsive state.  When he SYS light is flashing, do a pin-hole reset.

 

Router will now reboot, and load the older firmware you uploaded to it and be in a fresh factory reset state

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300
Recommended Solution
  1  
  1  
#5
Options

Information

Helpful: 1

Views: 241

Replies: 4

About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.