I have two WAC124 access points both in AP mode on my network. The other evening I was unable to login to either of them and this is still the case. I got the invalid token error when trying to login and when I do enter my Netgear login details the browser returns a failure to connect error. I’ve power cycled both APs with no success, I don’t have 2FA setup on my account either. This is quite annoying as I am now unable to make any changes.
So Netgear's SSO is broken, at least for the WAC124. So the trick is how to acess the web GUI after Netgear broke it. You can still access after disabling the WAN connection, but then how to use the AP? Well, firewall it.
We used a Cisco Meraki MX to firewall the WAC124 and prevent it from accessing the internet. Just the WAC124, all devices connected to it still have internet access. So the WAC124 is prevented from accessing the internet and thus the end user is presented with the local login.
There you go, kick that personal-info-scraping SSO to the curb! Get your WAC124 back without paying support money to Netgear.
Bypassing SSO on the WAC124 requires disabling the OS access to the WAN. This can be done by disconnecting the WAN port or by blocking the device on the netwrok via firewall.
