EX7000 | Firmware Upgrade EX7000-V1.0.1.78 | Failure to connect to internet

---

JayGi wrote:

I've configured my device to extend a 5GHz network not broadcasting SSID. 

---

Security by obscurity 8-)

And even worse, now all your WiFi STA (clients) will send out and try all network names stored attempting to get a connection. A bad idea, influenced by the WiFi war driving times decade(s) ago.

JayGi wrote:

Manually input SSID, configured to use FastLane:
Modem<-5GHz->EX7000<-2.4GHz->Devices

The 2.4GHz channel had a different SSID, same password. Static IP for the EX7000 on the 5GHz network.

I could intermittently connect to the EX7000 with a cable and get internet - but it failed after a couple minutes. Hasn't happened to me before, and based on the fact that an identical user configuration works on the previous firmware, I want to say this is a firmware bug.

Yes. Could be caused by the hidden (non-broadcasting) SSID, or by something going wrong in the FastLane mode. While my EX7000 set-ups in AP mode (wired uplink) are luckily running, we discovered that some of the new features like Smart Connect with 802.11k might or might not yet be ready for this mode (it asks to connect to the same wireless by wireless, ignoring it's configured to be an AP).

JayGi wrote:

 

Not to mention the installation process was redirecting me all over the place, including to www.msftconnecttest.com? WTH is that all about?

Welcome to the world of captive portals - that's a part of Microsoft Windows captive portal detection process. Netgear does announce a captive portal, which does pop-up a dedicated browser window, and override any URL the user might have configured as a default - to ensue the user is guided to the right point. 

JayGi wrote:

Why does a network appliance have a non-encrypted web interface? Or at least have the setup interface run over https, so that users aren't transmitting their network credentials in the clear?

Because it's not designed for it for example. Implementing https properly does require much more code, so much more Flash storage, plus some additional processing resources. And as you are security a geek, a correct https session can't be established without checking the certificate validity - what requires an Internet access, which is not available during the initial set-up.

JayGi wrote:

Why does it come out of the box with an open, unencrypted Network SSID? Would it have been too difficult to configure it to have a protected wifi, and put the default factory password on a tab on the device?

Because of the extenders come out of the factory and the box without a randomized network name and a random generated network key - plus no serialisation of the (protected) default config. And then does Netgear manufacture wireless extenders in very small enclosures, with almost unreadable labels without glasses or the help of a mobile phone camera - so changing this would require various things. However, this won't change all the units in the field and on the shelves. And changing is not Netgear's strongest capability. Yes, thier routers on the other hand have it all for several years.

Last but not least, once there is a WPA2-PSK protected wireless connection, you can change the security information - not many people will have the ability to get into this protected session, or tap your wired/switched LAN, or the router..