NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
v7.2.7.15 Firmware on RBR 850. Can someone run GRC.com Shields Up
Can you please run Grc.com’s shields up and let me know if you can get full stealth?
https://www.grc.com/x/ne.dll?bh0bkyd2
This is the best I can get.
I am running Armor. Is that causing ports to appear closed?
23 Replies
Is this with nothing else connected to the RBR850 accept for one wired PC and Armor diabled with a single broswer opening to only the GRC web page?
It’s with 50 or so items on the guest network.. and 10 or so on the primary WiFi.
I also have two RBS 850s connected.
I do have a host that is also hardwired.
I do have armor enabled, it didn’t change much if I disabled it.
The url was opened on an iPad on the primary WiFi
To get a most accurate result from GRC, you can't have anything else connected as those devices can induce connections of there own and either open or cause ports to be seen by GRC to be incorrectly tested. Why only tesing with one ethernet connected PC and one web browser opened to GRC can test the router out correctly.
I also have this on RBK850
Firmware Version
V7.2.7.15_5.1.16I posted back in April and still no changes:
v7.2.7.15 Firmware on RBR 850. Can someone run GRC.com Shields Up | NETGEAR CommunitiesSame issue/same firmware for me (noticed on 06/29/2025) after installing new cable modem CM3000 (with Xfinity service) in front of RBR850. Not sure yet if this is an Xfinity change at the carrier end / new modem, or router firmware. Still troubleshooting. (...regarding yoiur post...I'm faily certain I have ran GRC Shields UP without issue several times since April ~ your original post date).
I too am on Xfinity but with the CGM4981COM modem in bridge mode in front of the RBR850.
I know it ran clean before and didn’t have to remove satellites and only use a hardwired host.
something changed
So I go a bit of information back regarding this. Seems that this is expected behavior seen at the port test site. Since Protection Engine seems to be a hidden feature in Orbi FW, this is actively preventing nefarious scans from intruding into the system. Thus will change the port behavior from stealth to close. Seems that protection engine identifies the port scan behavior as potentially risky and rejects the traffic to prevent possible attacks from internet from RST packets.
I happend to test this out on a Nighthawk router that has this feature and is user changeable to enable or disable PE. With PE enabled ports showed as closed and thus the test fails. Disabling PE, the port all then showed as stealth and the test passes.
Unfortunately there is no user changeable item on Orbi AX/AXE and BE systems to disable PE and I presume form NG intentions, means to leave this running the background as a added security layer for there systems. Older Orbi AC systems never imployed PE so those will report all stealth and thus will pass at GRC.
So Orbi AX/AXE and BE users will just need to be aware of this feature and the results seen with the port test site at GRC. This systems are safe and working as intended from what I understand.
Odd. I tested today and it’s all stealth.
But unsolicited packets failed. A complete 180 from before.
Please show the results...
Two days in a row. This time true stealth. I tried to upload the screen shot last night and this morning and it just says that the media is uploading for extended periods of time.
> So I go a bit of information back regarding this. Seems that this is expected behavior seen at the port test site.
Sorry about that, ya, Forum software has a bug that NG is hoping to get fixed. Copy and pasting pictures isn't working right now.
Copy and paste the text summary.
What FW version are you using?
It basically is all green (full stealth) and it says it passed. This is on the 850s with firmware 7.2.8.5_5.1.21
Good to hear then. Seems like my passing and pressing on this with NG may have had some results.
Protection engine was intro'd on BE systems at one point. Saw similar issues with bad testing results. Finally they have been working on changing the test results behaviors.
I tested my 960 series last month on my 960 series with this same version of FW which resulted in this:
----------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2025-12-06 at 21:53:00
Results from scan of ports: 0-1055
2 Ports Open
72 Ports Closed
982 Ports Stealth
---------------------
1056 Ports Tested Ports found to be OPEN were:
80, 443
Ports found to be CLOSED were:
34, 35, 36, 37, 38, 39, 64, 94, 95, 149, 150, 151, 182, 183, 184, 242, 243, 244, 269, 270, 271, 332, 333, 334, 359, 360, 361, 418, 419, 420, 448, 478, 479, 508, 509, 510, 569, 570, 571, 597, 598, 599, 655, 656, 657, 683, 684, 685, 742, 743, 744, 770, 771, 772, 832, 833, 834, 892, 893, 894, 953, 954, 955, 985, 986, 987, 1027, 1028, 1029, 1043, 1044, 1045
Other than what is listed above, all ports are STEALTH.
TruStealth: FAILED
- NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
----------------------------------------------------------------------
You don't happend to see anything regarding Protection Engine on the routers web page under Advanced Tab/Left window information box? Or maybe something under Advanced Tab/Security?
You may see Guster on the RBRs debug page?
Makes me wonder if NG is doing something behind the scenes to make changes on this...
Now this is after a complete reset, restored backed, and added satellites back on (two of them). That was my last ditch effort before moving on to another platform. The fresh install might have gave it some more life. I did the restore on Wednesday night and it's Friday morning.
I don't see anything anywhere saying Protection Engine. I can check the debug page if you give me a path.
Router ip address/debug.htm
Found the debug
Basic Information
Firmware Version: V7.2.8.5_5.1.21
Boot Loader Version: V1.0.13
seal: v2.1.10.12-0
armor-bd: v2.2.214.4
spc-circle: v3.32.0.4
guster: v1.0.0.2049
CPU Load: 22.08%
Memory Usage(Used/Total): 390 MB/874 MB
System Uptime: 1 days 12:01:35
Server Information
Router Analytics: PROD
CHP Cloud: PROD
XCloud: PROD
BD Cloud:
Circle Cloud: N/A
AnalyticOptinOptout: Enable
