NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RS500 — Nighthawk BE12000 WiFi 7 Tri-Band Router Protection Engine Problems
Hi,
Unfortunately, I'm 2 weeks past the measly 90 days of support for my RS500 - Nighthawk BE12000 router, so I'm posting here instead, trying to prompt Netgear to actually create firmware that works reliably.
So, the current problem: It keeps dropping connections on both of our new iPhones, Ting sensor, Roomba, a Dell laptop, and an iPad Pro, in addition to most of our SmartHome devices at one time or another. Most of the time, it's an authentication problem, even though I know the password is correct. Unfortunately, several devices don't say the exact cause of the problem. When this happens, it's impossible to reconnect the devices to the WiFi without rebooting the router, and even then, it's still iffy. The 3 Ethernet connections being used don't seem to have a problem. We have fiber cable to the modem, and the connection between that and the router is using the cable that came with the router. Can't blame anything on the connections.
Here's the information regarding my router:
Hardware Version - RS500
Firmware Version - V1.0.5.12
GUI Language Version - V1.0.0.454
Protection Engine Version - 2.2.214.4/1.0.0.2124
Operation Mode - Router
CPU Load - CPU1: 10.89% CPU2: 11.11% CPU3: 9.00% CPU4: 16.16%
Memory Usage (Used/Total) - 633MB/2018MB
Flash Usage (Used/Total) - 430MB/512MB
System Uptime - 04:59:59
LAN Port - MAC Address - xx:xx:xx:xx:xx:xx
IP Address - xxx.xxx.xxx.xxx
DHCP Server - On
IP Subnet Mask - 255.255.255.0
DHCP Lease Time - 24 Hours
I tried turning off the 6 GHz radio, but that didn't help.
Next, I changed Security from WPA2-Personal(AES) + WPA3-Personal to WPA2-Personal(AES) on both the 2.4 GHz and the 5 GHz networks. That didn't help either.
In researching on the Internet, I read that a LOT of people have the exact same problems that I'm having, and the Protection Engine is the most likely culprit. I disabled it, and all of a sudden, everything is working as expected. After the first 24 hours, I re-enabled WPA2-Personal(AES) + WPA3-Personal security on both the 2.4 GHZ and 5 GHz networks. Still no problems. A day later, I re-enabled the 6 GHz network, and everything is still working OK.
Therefore, using a bit of deductive reasoning, I have concluded that the Netgear Protection Engine is not working properly. I do NOT want to leave this feature disabled for security reasons and I paid for it and expect it to work, but we need to have fast, RELIABLE, WiFi available throughout our home at all times. Unfortunately, this Netgear product is NOT providing reliable WiFi connections when the Protection Engine is enabled.
This is just the latest issue. Originally, when I purchased this router, it upgraded itself to firmware v.1.0.1.90. Using the web based interface, I immediately noticed that NO Devices showed up on the Devices page. After spending over 20 hours working with Netgear to find a solution, I tried downgrading to v.1.0.1.74. Netgear did absolutely NOTHING to troubleshoot this problem, and I did it all on my own. They had me try all sorts of BS things even though they could have easily duplicated the problem themselves. I told them what I found regarding the firmware downgrade, but they didn't seem to care. Netgear eventually wanted my configuration file. NOT!!! It contains information regarding our entire network including the router password. They closed the case without a resolution.
So, v.1.0.1.74 is humming along just fine for a while, and then all of a sudden, the WAN uplink speed was only 100 Mbps, confirmed by my Internet provider. Not even close to acceptable!! Turns out that Netgear new about it, and already had a fix via v.1.0.5.12. I installed it, and it appeared to work fine for a while, and then all of a sudden, devices kept disconnecting and wouldn't reconnect. That's the latest issue, as described above.
Can Netgear ever make a firmware version that doesn't have bugs in its basic functionality!?!?! I've never seen such a POS router before in my life!! The hardware may be good, but the firmware totally sucks! In less than 3 months, I've had 3 different firmware versions, and all 3 had a different problem that affected its usefulness. I used to use LinkSys routers, and they always just worked without any issues; ever. Why can't Netgear do the same??
So, does anyone have any useful suggestions other than hoping Netgear creates a new firmware version that accidentally fixes this problem and doesn't create a totally new problem? Maybe a version that actually works this time? Perhaps I should sell this overly priced Netgear paperweight really cheap and use the money to buy a new TP-Link router that actually works as expected!
Thanks!!
17 Replies
What is the Mfr and model# of the Internet Service Providers modem/ONT the NG router is connected too?
Be sure your using a good quality LAN cable between the modem and router. CAT6A STP is recommended.Currently it's recommended to disable Protection Engine.
Also is IPv6 enabled, if so, disable it as well.
What channels are you using on the RS router? Please try 1 and 40.
Be sure to disable any MAC Address randomizers on phones and pads while at home:
NETGEAR Mobile Applications and Android/Apple/Windows Devices FAQ | NETGEAR CommunitiesHas a factory reset and setup from scratch been performed since last FW update? A complete pull of the power adapters for a period of time after the factory reset then walk thru the setup wizard and setup from scratch with a wired PC and web browser. https://kb.netgear.com/22697/How-do-I-install-my-NETGEAR-router-using-the-router-web-interface
Recommend setting the default DHCP IP address pool range to the following after applying and a factory reset: 192.168.#.100 to 192.168.#.200.
https://kb.netgear.com/24089/How-do-I-specify-the-pool-of-IP-addresses-assigned-by-my-Nighthawk-routerHi,
Thanks for your response!
Who is officially recommending the Protection Engine be turned off? It's it's Netgear, then they KNOW there's an issue with their code and should fix it. The Protection Engine doesn't protect anything when it's disabled, and causes security concerns for everyone who has it disabled. My old router was probably more secure than this one is with the Protection Engine disabled. At least there was something there, even if it was outdated!
It's a ZHONE ONT, but it's not the WAN side having the problem; it's the LAN side on WiFi that's having issues. The WAN uplink fix was in firmware v.1.0.5.12, and that's still working OK.
The link between the modem and router was the cable supplied by Netgear, so we can assume it was the appropriate type of cable. There are no markings that I can see on the cable to determine specifications. When I had the WAN problem, I tried a different CAT6 cable, and it still had the problem.
I'm using channel 11 on the 2.4 GHz WiFi, and all the rest are set to Auto to allow the router to choose the best channel to avoid local interference with others in the neighborhood.
None of our devices are using random MAC addresses. Even if they were, they only randomize when they connect to a different WiFi network.
Since setting up the router, I have not done a factory reset on it since it took me hours of work putting Device Names on the 30+ devices connected to the router, and I wasn't about to go through all of that trouble again since my configuration is a bit more complicated than the typical user's is.
IPV6 is disabled since it doesn't perform as well as expected due to the translation to IPV4.
I don't recall what the default IP address pool was, but I set mine to be something of my own choosing.
We've already past this onto NG and are aware of it. All in there hands.
Actually PE is having an oppostie effect, please review:
Protection Engine and Stealth ports | NETGEAR Communities
TCP SYN Flooding on RAX54v2 Router, Please help! | NETGEAR Communities
Which we have also passed on to NG as well for review.
Considering all that, you can keep it enabled if you want too. Will need to be patient while NG works on this. No idea when that will be. I have been using my RS router with it disabled and it's been working fine for me.
Please try manual channels 11 and 40.
When doing a factory reset, it's not necessary to input or reconnect devices or manually connect devices, if you use same SSID name and password as before, then all of your wifi devices will auto reconnect.
Also be sure to save off a backup configuration to file as well. Saves time if a FR is needed.
If I disable the Protection Engine, most of the things in our home disconnect eventually and don't reconnect, so that's not acceptable since we have a SmartHome, and there's a home business also ran from our home that relies on the Internet to be working.
A reset loses all of the Devices I have defined by name, so that's a non-starter for me.
Changing channels will not affect how devices connect to WiFi, so is a waste of time.
Apparently I can't edit a previous post of mine. In my previous post, instead of "disable", it should read "enable" instead. Sorry for the dumb typo.
When the Protection Engine is ENABLED, things in our home disconnect and fail to reconnect even when using the correct password, although it says password invalid.
PE being disabled, and then doing a reboot or two works just fine, and all WAN ports are STEALTH, so that's a lot better than what PE does when it's enabled.
Ok on the typo. Happens. Thanks for clairifying.
Yes, what I see with my RS600, PE diabled, Stealth ports are seen across the board.
I've already pass this on to NG and they will be looking into it.
Factory reset and setup from scratch, if you use the same SSID name and password for the wifi settings, your devices will re-connect with out having to do anything to them.Changing channels can effect how some some wifi devices connect to a router. Noise and internferences from other wifi router sources can be a cause so changing channels can help to avoid this.
Hi Furry,
Thanks for your response. Old fingers don't always keep up with the brain. LOL!!
I also mentioned to MG about the stealth ports in response to a DM I received from them. They apparently didn't actually read much of anything I had to say since they didn't bother to respond to a single question I had.
I prefer not to use the same SSID on all the bands since quite a few of my devices run on the 2.4 GHz network, and seem to have problems when that and the 5.0 GHz network are the same name. Not to mention, sometimes I prefer the stronger signal of 2.4 GHz network compared to the faster speed of the 5.0 GHz network. It all depends on the device I'm connecting. Different networks work better for some devices than others. Not to mention, some won't even connect to the network unless you first put your phone on the appropriate network (usually 2.4 GHz) during setup of the device. Been there, done that.
We have over 30 devices connected to our WiFi, and all have varying needs. Unfortunately, not having all of the bands using the same SSID also means that things like the new iPhone 17 can't use "Wifi 7" to it's full advantage. Basically useless! And strangely enough, the 5.0 GHz network is actually faster than the 6.0 GHz network on our iPhones, especially on upload speeds. What's wrong with that picture?
I was referring to when you look at the connected Devices using the web interface, I have specifically named each of our devices, so a factory reset WILL lose all of the device names. I know that changing routers (or doing a factory reset) and using the same SSID as the previous router will allow all devices to reconnect to the new router without having to manually reconnect them. Been there, done that as well. I'm old, so I've gone through quite a few routers in my time. LOL!! This Netgear router has definitely been more of a PITA than all of the rest of them put together!!! And I had such high hopes that this router would be outstanding for money I paid for it. I was WRONG! I wonder what NG will mess up in the next firmware update. So far, 3 different firmware versions, and 3 totally different problems.
HI Furry,
Sorry, once again, fingers. That should be "NG". They need to put an edit option on these things so the poster can go back and modify/fix things.
I always keep configuration files, and use them when necessary, and know they will restore all of the setting including the Device Names. When Netgear asks you to do a factory reset, they do NOT want you to restore the settings from your configuration file. I guess they're thinking that you've probably screwed something up configuring the device, and maybe you won't do it the next time. I don't know what good a factory reset could be other than that.
I guess you must be referring to being able to see what channel/band that you iPhone is connected to. That would be nice for people who don't give each channel it's own name. Even using my Alexa app, I can tell what channel Alexa devices are on and also the signal strength, which is really handy.
From what I've read, MLO is supposed to work, but only includes the 2.4 GHz and 5.0 GHz bands, but I sure can't find an option to enable it. That IS part of the WiFi 7 protocol. WTH!?!?! Netgear selling some in a product when it doesn't actually exists?
Ya you have a short time frame to edit posts from the dots in the post.
You can re-load from configuration files. One Reason to not load from back up, back up may introduce the problem. So FR from scratch and test 1st to see if the problems continue or not. If not, then you could load from back up.
Ya, Android can tell what there connecting at. Apple, seems to keep this hidden or not make it useable for users.
MLO is not working on RS routers. Seems to be an industry wide problem that all router mfrs are dealing with. NG seems to be holding back until the chipset Mfrs can get there stuff figured out. Not sure what NG will be supporting for MLO when they finally get it enabled. For Orbi MESH, NG is only supporting it on 5 and 6Ghz on there higher model series. The lower model series that just arrived, 2.4 and 5Ghz is being supported on MLO. Though, users are seeing problems there as well with both Apple and Android devices. MLO is an automatic feature so there is no user changable option. Will either work or not based on client side support and handling.
Ya I'm waiting for MLO on my RS600 as well.
HI Furry,
Sorry, once again, fingers. That should be "NG". They need to put an edit option on these things so the poster can go back and modify/fix things.
I always keep configuration files, and use them when necessary, and know they will restore all of the setting including the Device Names. When Netgear asks you to do a factory reset, they do NOT want you to restore the settings from your configuration file. I guess they're thinking that you've probably screwed something up configuring the device, and maybe you won't do it the next time. I don't know what good a factory reset could be other than that.
I guess you must be referring to being able to see what channel/band that you iPhone is connected to. That would be nice for people who don't give each channel it's own name. Even using my Alexa app, I can tell what channel Alexa devices are on and also the signal strength, which is really handy.
From what I've read, MLO is supposed to work, but only includes the 2.4 GHz and 5.0 GHz bands, but I sure can't find an option to enable it. That IS part of the WiFi 7 protocol. WTH!?!?! Netgear selling some in a product when it doesn't actually exists?Hi Furry,
I make a backup of my configuration file. I didn't know that there's a place to save my configuration file AND a backup, nor have I seen anywhere to reload anything other than the backup file of my configuration.
I did notice the the Orbi Mesh appeared to have the capability. So, how is Netgear getting by saying that these are true WiFi 7 routers if they can't do MLO? I thought that was part of the spec for WiFi 7.
I know the iPhone 17 gets pissy when I choose the 6.0 GHz channel saying there's "Limited Compatibility". Not sure why it expects me to change all of my SSID's to be the same in order to work properly on just the 6.0 GHZ channel. Another stupid thing from Apple!!
From what I've seen of Netgear's track record so far, they'll probably never get MLO to work. LOL!!
They need to put an edit option on these things so the poster can go back and modify/fix things.
When I click on the "three dots" on the right side of one of my posts, this appears:
Hi CrimpOn,
I just posted back to Furry, and once the screen refreshed with my post, the 3 dots only gave me
Maybe I'm still too new here to be able to edit my own posts!! Or Netgear is pissed at me. LMAO!! Of course, it's right on par with everything else that has the Netgear name on it... it doesn't work as expected.
You are correct. Not everyone has the option to Edit or Move a post. Using this Happy Cat login, those options do not appear for me.
No clue what would cause Netgear to have the Forum software not allow users to edit their own post.
