NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

nanorobocop's avatar
nanorobocop
Tutor
May 07, 2020

How to disable SSO login?

Hi here!   I'm happy owner of Netgear WAC124 access point. Firmware Version V1.0.4.4 When setup first time I've created netgear account and registered the product. But on next logins it always re...
indi-tech's avatar
indi-tech
Star
Dec 14, 2021

We use a firewall to block the WAC124's access to the internet. Typically a Meraki MX. This does not prevent network traffic from flowing through it or to the internet. It simply prevent's the WAC124's OS from accessing the internet. This disables the SSO and presents you with the local login. We do this with most consumer level and poorly supported gear. Had far too many Asus routers compromised. Unfortunately, this makes administration by remote network impossible. But that's also a good thing from a security standpoint. We then remote into a dedicated machine on the WAC's LAN to administrate.

 

If you are letting your cheap routers and APs have internet access, you're not doing it right. Those things get hacked all the time, cough, WAC124, cough.

  • spithost's avatar
    spithost
    Initiate
    Dec 14, 2021

    That's even better indeed :-)

     

    How did you program the firewall to prevent the WAC124-OS from accessing the internet and NOT prevent the other traffic, routed through the WAC124, to pass through?

     

    I guess you programmed a filter of some sort in the firewall to filter out the WAC124-specific-traffic?

     

    Is that relatively easy to do? Maybe I could do someting comparable in my 4G internetmodem...
    ('I'm not a support-tech and more a bit advanced "consumer" so I could use some pointers ;-))

    • indi-tech's avatar
      indi-tech
      Star
      Dec 14, 2021

      Thanks!

       

      Using a Cisco Meraki security appliance (firewall) it's pretty easy. Click on a netwrok device and apply the default block rule or create a special rule.

       

      Other firewalls with have ther own way of setting that up. In most cases, simply blocking the WAC124's IP or MAC from having access to the internet should do the trick. Such as denying all external IP traffic to and from the WAC.

       

      Hope that helps!

  • kas1kas's avatar
    kas1kas
    Initiate
    Feb 09, 2022

    Entering the MAC address of the Netgear router is absolutely the easiest and best way of getting rid of the ridiculous Netgear policy.

    Only thing is that the Netgear router must be behind another router that accesses the internet.

    If the Netgear is your only modem and router you can use the scripting work around.

     So, get a good product to connect to the internet and use this Netgear crap for internal purposes only.

    • DaneA's avatar
      DaneA
      NETGEAR Employee Retired
      Aug 09, 2022

      To all,

       

      The local login password password can be recovered.  Kindly try to follow the steps indicated on pages 141-142 of the WAC124 user manual here.

       

       

      Regards,

      DaneA
      NETGEAR Community Team

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More