Nessus Professional Vulnerability scan kills internet connectivity through SXR80

Question

Our setup:We have two completely separate, physically isolated networks.&nbsp; One is our corporate network with no wi-fi, and the second is a simple business grade cable-internet that we use solely to provide our customers free public wi-fi using a fairly new Netgear Orbi Pro WiFi 6 SXK80 kit with a router and 2 satellites.&nbsp; The Orbi system replaced a Netgear R6300v2 wi-fi router earlier this year.&nbsp;The issue:For at least the last 4 years, we have utilized Tenable Nessus Professional for quarterly external vulnerability scans of our corporate network's public IP space.&nbsp; To do this, we connect our Nessus scanning laptop to the cable internet connection that we use for public wi-fi access.&nbsp; Through previous Netgear routers this has never been an issue, and the scans have always completed just fine.&nbsp; However once we replaced the R6300v2 router with the Orbi system, running the Nessus scan through this device completely hoses up the internet connection through the SXR80 (meaning internet access just stops, with all devices reporting no internet access even though they are still connected to the wi-fi network), with the only resolution being to power cycle the SXR80.&nbsp; The cable modem and ISP is apparently not the issue, because the only thing that changed was moving from a R6300v2 to the Orbi Pro router.&nbsp; I could potentially see if the Netgear Orbi was the target of the scan, but this is not the case.&nbsp; The scan is originating from the Orbi, and the scan targets are our corporate nework's public IP addresses (less than 2 dozen IPs).&nbsp; I opened a ticket with Tenable support, and they recommended slowing the scans down and trying again, to no avail.&nbsp; They then stated we would need to open a support request through the device manufacturer to investigate, but of course Netgear's included support is amazingly only for 3 months, which in itself is sad for such an expensive business-focused product (it's not like this thing was cheap).&nbsp;I have played around with every possible setting in the router that I could think of that may be causing it to get hosed up by the scan, but nothing has made any difference.&nbsp; Anyone have any ideas?&nbsp; Thanks in advance.

RaghuHR · Answer

Hi GCCJay&nbsp;
&nbsp;
Could you please download the debug from https://&lt;ip address of Orbi&gt;/debug.htm
Send me link via PM to download.
&nbsp;
Thanks,
Raghu

GCCJay · Answer

Hi Raghu,&nbsp;The debug page won't allow me to save debug logs without first initiating a capture.&nbsp; Do I need to run the Nessus scan again and reproduce the issue while the router is capturing the debug logs?

RaghuHR · Answer

Yes start capture, recreate the issue and then save the debug logs.
&nbsp;
Thanks,
Raghu

GCCJay · Answer

I started the capture and began the Nessus scan.&nbsp; Within 10 minutes the issue was reproduced.&nbsp; The problem now is that when I reproduce the issue, not only is the router completely non-functional from a networking standpoint, the Web UI is not responsive, either over wi-fi or ethernet.&nbsp; So I have no way to save the logs without power cycling the router.&nbsp; Is there a way for the logs to be preserved through a power cycle?&nbsp; Or some other way to get the logs after the router crashes?&nbsp;I should also mention that the issue occurs no matter if the Nessus scanning laptop is connected to the router via wi-fi or ethernet.&nbsp;Thanks for your assistance.

RaghuHR · Answer

Hi GCCJay&nbsp; Could you please let us know which Nessus scan is causing the issue?
&nbsp;
Thanks,
Raghu

Forum Discussion

Nessus Professional Vulnerability scan kills internet connectivity through SXR80

5 Replies

Related Content

KRACK Vulnerabilities

WPA2 - KRACK / Vulnerability

AX4200 RBR750 Vulnerability scan schedule

ReadyNAS 524X vulnerability?

Prosafe Plus Vulnerabilities

NETGEAR Academy

ProSupport for Business