NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Serviceport and SSH wont accept config after firmware update to 7-0-1-24
Good afternoon,
After purchasing several M4500-48XF8C devices, we have been impacted by the following bugs.
We have updated to firmware version 7.0.1.24. The following problems are still occurring.
We experience the following behavior.
1.
When serviceport ip is configured to 'none,' startup-config will display 0.0.0.0 for serviceport ip after saving config, however startup-config DOES NOT retain this configuration After Reboot. After reboot, serviceport defaults back to 192.168.0.something, which then causes the device to attempt to route everything going to 192.168.0.0/24 to the (unused) serviceport apparently, making us unable to use the 192.168.0.0/24 subnet after every reboot. Apparently there was an attempt to address this in an earlier firmware update but as of now it still does not work.
Workaround has been that serviceport will retain its configuration after reboot if configured with a random ip address rather than 'none.' Please fix this issue as it is a security flaw to have a random, unused ip address sitting on a port meant for admin management.
2.
SSH cannot be configured to port 22 because the device is apparently already serving ssh at port 22 but won't allow login from configured login list. I think something deeper in the OS is still serving SSH on 22.
Please let us know if these problems can be resolved, as they are significantly inconvenient in the short-term but would be unacceptable in the long-term if not resolved. Thank you
5 Replies
Good morning, we are having this same issue after upgrading. You can access your device if you use port 1223 for Telnet or 1234 for ssh. Our main issue is we go through our agency's firewall that does not permit 1223 or 1234 so we have resorted to keep the firmware at 7.0.1.20 until the fix comes out. FYI, if you decide to downgrade to 7.0.1.20 SSH will not revert to port 22...for some reason
Good afternoon,
For clarification, we upgraded from 7.0.1.20 to 7.0.1.24 and experienced the same behavior with both. The bugs existed before and after the upgrade in our case.
Thank you
We experienced the same thing with an out of the box switch that was at 7.0.0.7. We upgraded it to 7.0.1.6 (unsigned) and still no SSH. We then did some tests and sequentially upgraded it to 7.0.1.24. Each version had the same issue of not allowing SSH to utilize port 22. Our workaround is I changed the IP SSH port to 23 as 1234 is not allowed over our Firewalls but Telnet is. Hopefully the new version will fix these two bugs. FYI I never experienced the service port resetting to default after a power cycle...until I responded to your post, than boom...our build rebooted and lost its IP.
Hi rosshoffer,
- For #1, I would advise to contact us @ proavdesign@netgear.com, and we are happy to go through this with you, and, if required log a bug for this with our engineering team.
- For #2, the switch serves indeed on port #22, if we look at the manual:
M4500 Intelligent Fully Managed Switches CLI Command Reference Manual Software Version 7.0.0 (netgear.com)
Page # 72, there is the following description:
Furthermore, as example:
login as: admin admin@xxx.xxx.xxx.xxx's password: Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.14.4 x86_64) * Documentation: https://help.ubuntu.com/ Last login: Mon Jul 3 07:53:36 2023 from 172.22.0.101 Initializing console session. Press ^z to exit Connecting to /dev/pts/0 User:admin Password:************ (M4500-48XF8C) #It accepts on port #22, and once you have logged in, you can then login into the CLI of the switch.
Mike
Sir,
Thank you for the response...and your instructions make sense, they just don't work. We changed the ip ssh port to port 23 (one of the allowed ports through our main firewall) to establish the initial remote connection. When trying to configure the ssh port to port 22 I receive the message "Couldn't set the SSH server port number (already in use) even though in the running config it states "ip ssh port 23". This is also while I am connected to the CLI through port 23...so how could port 22 be in use? I hope this makes sense. Also on an out-of -the-box switch I followed your instructions to connect via port 22 with the default login and get Access Denied.
NETGEAR Academy
Master AV-over-IP networking, multicast protocols, and troubleshooting to confidently deploy and manage AV networks.
Join Us!
