NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

waadaa's avatar
waadaa
Aspirant
Feb 15, 2020

how to go back to version 1.1.50.39 firmware from version 2.0.0.1 Insight-ready firmware

Hi, did someone has been able to go back to firmware version image 1.1.50.39 on a GS724TPv2 that has been upgraded to version 2.0.0.2 ?   My company bought a GS724TPv2 managed switch for a PoC and...
Firmware
DaneA's avatar
DaneA
NETGEAR Employee Retired
Feb 17, 2020

waadaa,

 

Welcome to the community! :) 

 

did someone has been able to go back to firmware version image 1.1.50.39 on a GS724TPv2 that has been upgraded to version 2.0.0.2 ?

There is no GS724Tv2 firmware v2.0.0.2.  I believe you referring to firmware v2.0.1.2.  As far as I have checked, there is no issue logged for the GS724TPv2 with firmware v2.0.1.2 as per you have described in your initial post. 

 

 

My company bought a GS724TPv2 managed switch for a PoC and everything was fine with version  1.1.50.39 and below.

Unfortunately, the switch has been upgraded to Now with 2.0.0.1 firmware, it relentlessly generate SSDP traffic on one port, which is connected to a firewall's interface.  Naturally, the firewall is blocking + dropping such traffic. Security team (managing the Sec Infrastructure and firewalls) are on my back because of all alerts and logs filling that switch is generating :-( The switch has been relocated to a small office LAN segment for the time being. It is less than a year old.

There might be other changes made besides the firmware update that might trigger the problem such as change in the settings of the GS724TPv2 or additional devices connected within the existing network.  

 

It would be best that you download the tech support file of the GS724TPv2.  Then, open a support ticket with NETGEAR Support here at anytime in order for the tech support file to be analyzed why the GS724TPv2 generated SSDP traffic on one port that is connected to a firewall's interface.  

 

Kindly read pages 387-388 of the GS724Tv2 user manual here on how to download the tech support file. 

 

 

Regards,

 

DaneA
NETGEAR Community Team

schumaku's avatar
schumaku
Guru - Experienced User
Feb 17, 2020

Well possible, the Insight-enabled firmware does announce itself byUPnP (SSDP) and Bonjour to the network. Is there any Web UI control to enable/disable these? 

  • waadaa's avatar
    waadaa
    Aspirant
    Feb 18, 2020

    I think too it is the insight firmware that generate that traffic.  Unfortunately, there is no option in the webGUI to disable that.

    Thanks for your input.

     

    Kinds Regards,

     

    • Retired_Member's avatar
      Retired_Member
      Feb 19, 2020

      @waadaa 

       

      Welcome to Netgear community, SSDP traffic is designed to support Insight-enable on v2.0.1.2, and no option to disable it on GUI, multicast less than 10 packets per sec, so it's harmless when device working in standalone or Cloud mode, it shouldn't cause device flooding or reload.do you see anything else broken beside uplink port traffic light LED flash?

       

      Can I know your topology in more detail? how many other devices are connected?

      Internet -- FW -- GS724TPv2 --any additional devices?

       

      v1.1.50.39 is transition image from non-insight support (v1.1.x.x) to Insight-enable image (v2.0.x.x), upgrade path should be v1.1.x.x -> v1.1.50.39 -> v2.0.x.x, however downgrade from v2.0.x.x to v1.1.50.39 is restricted by design, there is another downgrade transition image to support downgrade from Insight-enable to non-insight support image, but it's for internal usage and not posting officially.

       

      • waadaa's avatar
        waadaa
        Aspirant
        Feb 23, 2020

        Hi Bruce,
        Thanks for your answer. Sorry for the delay in my reply. Several things fell on my plate last week...

        With firmware 1.1.1.29, to experiment VLANs and trunking were configured with some servers to evaluate switch's capabilities during the PoC. Things went well. Then the ill-advised "firmware updates too far" were applied. without the possibility to go back to 1.1.1.29. Soon after that, security team who manage the firewall brought to my attention the GS724TPv2 switch was poking the firewall other zones's interfaces with SSDP traffic...

        Network topology is also simple (see diagram below). The switch was located in our "Purple zone" (aka Lab) zone behind a firewall. The firewall controls traffic to others zones and outside. All traffic being dropped between purple zone and everything else. Links are all at 1Gbps on Cat6 cables. No IPv6.

        Under firmware 2.0.1.2, the switch has been reverted to its factory/default configuration. Only NTP and switch's static IP address parameters have been modified. As I wrote previously, the switch has been pulled out from the Lab zone and is now on the side line as we are investigating flapping events and its reboots needs and while the team is deliberating what we'll do next.

        Kinds Regards

         

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More