NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RAX120 Firmware Version 1.0.1.108
New Features and Enhancements:
•Supports the Tx Beamforming option under Advanced > Wireless Settings to improve legacy wireless client support.
Bug Fixes:
•Wireless disconnection when WiFi password authentication failed.
•Internet and Wireless menu links under the Basic tab do not work properly.
•The attached device list in the Nighthawk app does not display any devices.
•Fixes minor web UI issues.
https://community.netgear.com/t5/forums/postpage/board-id/en-home-routers-nighthawk-wifi-ax6
36 Replies
Any issues with the new firmware?
Yes, I had the RAX120 with 1.0.1.108 freeze up on me when attempting to connect via wireless with my MacBook 15". I powered off, turned off AX and connected back ok. Was working all day without issue up until that point. All devices lost connection when I attempted with the laptop. Never had any issues like that previously.
After flashing 1.0.1.108 I did a hard reset before I started using it this morning. AX was on and OFDMA was on for 5GHz network that the laptop was connecting to.
- Just done this update all WiFi showing products online but nothing is connecting and no internet in the house
- Just done this update all WiFi showing products online but nothing is connecting and no internet in the house
Just shows off line have I missed something- Please see this pic hope this can help
Daveblade93 wrote:
Please see this pic hope this can helpDid you do hard reset after FW update?
Since the update is anyone seeing a flood of SYN/ACK DoS attacks from 148.251.48.231?
I have had hundreds atarting last week, pretty much when the firmware was released and I updated. According to my ISP its something the router is calling out for, or its a vulnerabilty in the new firmware. That seems a bit dramatic but then again this amount of scans is not fun and its a cut down version.
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Monday, December 02, 2019 12:52:34
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Monday, December 02, 2019 12:52:25
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Monday, December 02, 2019 12:52:16
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Monday, December 02, 2019 12:51:37
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Monday, December 02, 2019 12:51:28
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Monday, December
01, 2019 21:59:43
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 21:27:47
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 21:14:36
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 21:01:22
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 20:55:03
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 20:49:09
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 20:03:35
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 20:03:23
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 19:58:15
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 19:44:19
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 19:22:53
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 19:03:47
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 18:52:41
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 18:41:47
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 18:11:48
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 17:53:48
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 17:37:44
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 17:00:48
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 16:42:37
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 16:37:45
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 15:51:01
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 15:27:52
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 13:55:31
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 13:52:55
[DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Sunday, December 01, 2019 13:41:14- I personally disable the DDoS Protection option, quite often I’ve seen legitimate servers being falsely detected for DDoS ie, Amazon AWS, Apple, Google and many others. In fact some have had issues with this on previous NG models where disabling that feature allowed certain apps/sites to work properly.
Hello avtella while I totally agree about Netgear logs this particular site is known for not being a good actor I had a message from a few people pointing to a couple of sites that show Hetzner as being an abusive IP address, and they're going for a really odd port which is 50002 which is generally used for some software I've never heard of which is PPoiP I've had literally hundreds well actually into the thousands now since I've booted the router from that IP even when cold booting with no devices attached or Wi-Fi device is turned on so literally it's just the route of sitting there and it starts almost instantly the router boots ieven before it gets the time from the NTP server it starts getting attacked, there is another conversation on these forums with people with Orbi devices RBK50s I think which are having similar issues.
It's just odd that they're both had recent firmware updates for these routers and they're both Qualcomm devices also it's happening in America the UK Australia all over the world tbh and something just doesn't feel right if that makes sense about this, and my ISP said they think it's the router calling for something from this IP or there is possibly a security issue that people are not aware of, I don't see it being the latter because the router is stopping it but it is odd that it just started with the update, of course that could just be coincidence. If you do happen to see logs from this particular IP and believe me they I have as I said have thousands within 24 hours I've never seen so many I'm wondering if it's something in the latest firmware, or of course someone could've see accessed one of the servers at Hetzner and are just being a bad actor.
https://www.abuseipdb.com/check/148.251.48.231
- I'm getting the same issues with the ddos attacks. Mine are non-stop. This has been going on for just over a month now. I'm about ready to take this back and go back with a Asus Tri-Band router that I had before this. This rax120 is a total mess!
I don't see any dos entries in my recent logs, but I'm watching now.
- I'm constantly getting hit with ddos attacks on my router. It's getting to where it's not worth keeping anymore. We'll need another firmware update or another patch fix asap. This has been going on for just over a month now.
