ASUS routers can now run adam:ONE on the stable build of Merlin Supported Models, plus a few additional models, specifically this list:
- RT-AC66U_B1 (same firmware as the RT-AC68U)
- RT-AC68U (including revisions C1 and E1)
- RT-AC68P (same firmware as RT-AC68U)
- RT-AC68UF (same firmware as RT-AC68U)
- RT-AC1900 (same firmware as RT-AC68U)
- RT-AC1900P (same firmware as RT-AC68U)
- RT-AC86U (starting with version 382.1)
- RT-AC2900 (same firmware as RT-AC86U)
- RT-AX3000 (same firmware as RT-AX58U)
NOTE: This deployment is for adam:ONE version 4+ only.
NOTE2: For ASUS firmware that is newer than Merlin’s (e.g. 386 vs 384), in some cases, the Rescue utility must be used in order to apply Stable Merlin versions. In such a case, follow this how-to, and apply Merlin’s stable version directly with the firmware restoration utility.
- A qualifying ASUS router model from list above
- A USB flash storage drive with 2GB of capacity or more (ultra fit recommended)
Step #1 - Locate usable USB flash drive for storage:
- Use any 2GB+ Flash Drive that can be formatted (all data will be lost)
- Insert it into one of your router’s USB ports (USB3 recommended).
Step #2 - Save your ASUS router configuration (optional)
Just in case you want to restore factory firmware in the future with your current settings, document your settings or save a configuration backup.
Step #3 - Download and flash Merlin firmware
Head over to https://www.asuswrt-merlin.net/ and follow his instructions for a Stable download of firmware for your router
Optionally perform a 30-30-30 for a fresh start of Merlin-default NVRAM settings
Step #4 - Install adam:ONE software on your router
Make sure your router’s WAN connection is connected to your ISP or upstream connection.
Connect your computer to your ASUS router via ethernet (recommended) or WiFi. Make sure you do not have two connections. Use WiFi or Ethernet, but not both.
Log into router.asus.com in your web browser.
Go through the ASUS configuration wizard if prompted.
Back at router.asus.com go to Administration -> System tab, Enable login via ssh on LAN
Make an SSH connection to router.asus.com (the username you created during the ASUS configuration wizard is the only one that will work – if you made it
david, the ssh prompt is
Check to make sure date/time is accurate with this command:
If date is inaccurate, certificate validation will fail, so try running this command:
service restart_ntpd(then run
dateagain to confirm it is correct before proceeding.
Run these commands:
curl -L https://adamnet.io/asususb >adamone.sh
chmod +x adamone.sh
Follow on-screen instructions and reboot. The instructions will offer USB ext2 formatting options as well as check JFFS for writability and guide you through the requirements.
Get your BoxID from this command:
grep box-id /jffs/addons/adamone/muscle.conf | cut -d= -f2
Register BoxID at https://dashboard.adamnet.works
To confirm the service is running (some checks may fail until the BoxID is registered in previous step):
The last item should show you adamONE tables.
Note that the USB flash drive must stay inserted for adam:ONE services to function.
Troubleshooting adam:ONE service
Optionally force an upgrade to the running binaries on ASUS router with:
/jffs/scripts/adamone upgrade force
Troubleshooting router GUI
During installation, the router’s GUI changes from
This is required since
http://mytools.management binds itself to the router’s LAN TCP port 80.
Troubleshooting no Internet access
In the event that you enabled hard blocking setting during the installations script, endpoint internet access will fail in the following scenarios:
- USB flash drive is unreliable
- USB flash drive has been removed
Consider a temporary uninstall (see below) and replace the USB flash drive.
Troubleshooting router command-line restart
If you use ssh for management, note that
service reboot is the safe way to reboot (
reboot by itself does not always restart correctly on newer models).
Troubleshooting with command-line switches
/jffs/scripts/adamone stop - stops adam:ONE, cronjobs and starts dnsmasq
/jffs/scripts/adamone start - stops dnsmasq and starts adam:ONE and cronjobs
/jffs/scripts/adamone selfupdate - updates script
DNSFilter feature in AsusWRT
In the case DNSFilter is enabled on your ASUS router, adam:ONE will override it with its checkalive script each minute.
During the installation script, you will be asked for this setting, but it can also manually be disabled with this command:
/jffs/scripts/adamone set dns hijack disable
On the other hand, to enable it, run:
/jffs/scripts/adamone set dns hijack enable
However, when DTTS® is enabled, and DNS hijacking is disabled, non-adam:ONE DNS queries will be answered, but any other traffic will not be allowed. For example, notice that the DNS query is answered when hijacking is disabled:
$ dig @184.108.40.206 example.com +short
However, attempting to connect by https using curl is rejected:
$ curl -v https://220.127.116.11
- Trying 18.104.22.168…
- TCP_NODELAY set
- Connection failed
- connect to 22.214.171.124 port 443 failed: Connection refused
- Failed to connect to 126.96.36.199 port 443: Connection refused
- Closing connection 0
curl: (7) Failed to connect to 188.8.131.52 port 443: Connection refused
This is expected behaviour since the query wasn’t made via adam:ONE itself, which makes 184.108.40.206 a stranger. DTTS prevents the connection.
To revert back to Merlin defaults, either:
30-30-30 which wipes out startup scripts and moves the router GUI back to
Run the uninstall script here:
This option will keep the router GUI at