NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Public IP assigned to Ethernet Ports
Hi Folks,
An employee has an R7800 router which, when a device is plugged into the 4 ethernet ports on the router, it is assigned a public IP address. Joining to the WIfi Network on the device gets assigned the usual 192.168.1.xxx IP.
The /debug.html site does NOT hvae the "WAN Port Mirror on LAN port1" checked.
Moving the cable to port 2 does not change the behavior.
Device does not show up in connected devices list.
This is a bit of a security issue as it is clear the device is getting brute forced from the public web.
I saw one other person (j894) discussing this here: https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R7800-Ethernet-port-gets-assigned-Public-IP-at-random-PC-is/td-p/1721730 but there was never a resolution.
Any thoughts on the reason? A firmware update is due. But before I send him down that road, anyone ever seen this?
-S
3 Replies
> An employee has an R7800 router [...]
I've never touched one, so I know nothing, but...
History? New installation? Behavior change in a previously working
installation?> [...] when a device is plugged into the 4 ethernet ports on the
> router, it is assigned a public IP address. [...]
Which sort of "a device"? Is it using DHCP? Is there a record of
which DHCP server granted that address? I wouldn't expect DHCP
(broadcast) requests to get through to the WAN/Internet interface on the
thing, if NAT is enabled. And I don't see a "NAT (Network Address
Translation) Enable/Disable" option in the R7800 User Manual (BASIC >
Internet).What about two devices?
There are some other options which might bypass NAT, however:
ADVANCED > Advanced Setup > VLAN/Bridge Settings.
> This is a bit of a security issue [...]More than "a bit", I'd say.
Knowing what I do, I'd start with a settings reset, and manual
(minimal) reconfiguration.> [...] A firmware update is due. [...]
As always, an actual version number would be more useful than your
opinion of what's "due" today. But different firmware would be an
interesting second experiment.Somebody has played with the router VLAN config, reads like one or more ethernet LAN ports are bridged.
What firmware version is it running when experiencing this issue?
In my case, I haven't experienced this issue in a while(that I know of) since probably sometime in mid 2019 when I was on the firmware version listed in those threads. I've been keeping up with the many firmware updates that have been released and am currently on the latest (V1.0.2.82). Not necessarily suggesting they fixed the issue, but just observing.
I'm in a way convinced there is or was some type of zero-day vuln on this unit that was possible and causing this issue given the frequency and timing. Though I have no prood of such. If I recall correctly I only had this issue on LAN port 1 and not the others so I've stopped using that port and still continue to monitor for the DHCP errors in the windows event log. I was going to reach out to Netgear about the issue but I had the router for over a year at that point and only have 90 days of technical support included.I didn't see any other way to report the issue. Wasn't really interested in spending more money on support just to report the problem and probabaly not get anywhere with it. I'd rather just buy another router if this issues crops up again, given some of the other security and non security design problems I've observed with this router. Don't think it's going to be a netgear...
