× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
× Introducing the new Orbi 770 Series Mesh System. To learn more click here.
Nighthawk M6 Pro Unlocked Hotspot 5G mmWave
Reply

Nighthawk M2 guests are isolated on different bands

addyp95
Guide

Nighthawk M2 guests are isolated on different bands

Hi there. I've got the Australian version of the M2 (telstra nighthawk m2) with the latest firmware and I've noticed hosts are isolated without any setting to configure this. My use case is that I have some devices on the 2ghz network, some on the 5ghz, and one on the gigabit port. I've noticed that these clients cannot talk to each other if they're on a different band (or wired-to-wireless and vice versa), so essentially the access points are isolated as far as I can tell.

 

This is quite annoying, as I prefer to use 5ghz for everything but I have some older devices that only have 2.4g hardware in them, and to talk to those devices I have to switch my computer over to the AP that they're on.

 

What's weirder is I've noticed I can ping these hosts, as they are on the same virtual interface, bridge and DHCP pool after all, but I cannot get any TCP ports open on those hosts. I've set up a simple HTTP server on one host on the 2.4ghz network, and I've attempted to curl it from a device on the 5ghz network. You can see from the log below that it can be pinged, and I can make the TCP connection to a HTTP host, but there is no reply.

 

 

$ ping 192.168.1.94     
PING 192.168.1.94 (192.168.1.94): 56 data bytes
64 bytes from 192.168.1.94: icmp_seq=0 ttl=64 time=167.448 ms
64 bytes from 192.168.1.94: icmp_seq=1 ttl=64 time=36.506 ms
64 bytes from 192.168.1.94: icmp_seq=2 ttl=64 time=45.234 ms


$ curl 192.168.1.94 -v  
*   Trying 192.168.1.94:80...
* Connected to 192.168.1.94 (192.168.1.94) port 80 (#0)
> GET / HTTP/1.1
> Host: 192.168.1.94
> User-Agent: curl/7.79.1
> Accept: */*
> 

 

 

My only solution for now has been to put everything on another access point that doesn't isolate hosts and supply it via the Ethernet port on the M2, but this isn't particularly portable or what I'd expect from a premium travel router.

 

I've searched the settings on the device for any hints at an isolation setting but haven't found anything yet. As far as I can tell, this isn't a configuration issue, but a mistake in the bridge settings / routing rules in the firmware.

 

Do these devices still receive bugfixes? is there any chance the engineering team for these could be reached to sort this out?

 

Firmware version is NTGX24_10.19.03.00

 

Thanks!

Message 1 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey Addyp95,

 

I have exactly the same issue but across multiple devices and different models.

 

We have M1, M2 and M6 models and we have confirmed this is an issue on the M2 and the M6 models.

 

Did you end up finding a fix for this? Did Netgear support reach out?

 

Thanks.

Message 2 of 43
addyp95
Guide

Re: Nighthawk M2 guests are isolated on different bands

No @Karl-Man2, they never responded or reached out, and I gave up waiting. I've simply stopped using the joke of a device, and wish I had of known before the return period expired. 

 

No idea how to get this to ping the developers or support staff either. 

Message 3 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Ok thanks for letting me know. This is such a weird thing to have inplace an not be able to remove via settings!

I'm going to try and open a support case with Netgear via Telstra and see if i can get an answer as we have multiple devices with this issue. Will let you know how i go.

Message 4 of 43
JohnPeng
NETGEAR Expert

Re: Nighthawk M2 guests are isolated on different bands

In our internal testing, this is working as expected. You need to disable firewalls on all the clients so that they are see each other.

 

Please give it a try and let me know if you still have issues.

 

Thanks

Message 5 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

Thanks for the prompt reply.

 

Can you confirm what firmware versions you tested this on the M2 and M6 so we can be sure we are on the same level? These are primarily all Telstra Firmware devices at our end.

 

Also with you regard to a firewall issue, the device we are trying to connect to doesn't have a firewall as its a Brother Multifunction Printer.

 

This is what best describes the issues we are seeing:

 

Netgear modem > Brother printer.

Connecting the printer via ethernet to the modem, will allow a laptop to print, only when its connected on the 5ghz network. If the laptop is connected to the 2.4ghz network, it cannot print. It can ping the printer, however accessing the gui or using the brother software for remote access will time out.

Connecting the printer via wifi using the 2.4ghz, will allow a laptop to print, only when connected on the 2.4ghz network. If the laptop is connected to the 5ghz network, it cannot print. It can ping the printer, however accessing the gui or using the brother software for remote access it will time out.

Adjusting the channel, wifi range, dhcp, static ip and any other network related settings does not change this situation.

 

Can you confirm you have tried these steps? Is there setting we can switch off for client isolation?

 

Looking forward to your response.

Message 6 of 43
addyp95
Guide

Re: Nighthawk M2 guests are isolated on different bands

Hi John, 

I can assure you this is not a client firewall issue. My day job is in devops, so please have some trust this has been correctly diagnosed and that I'm not just failing to turn off a firewall.  

 

The fault is that at the very least, in this firmware version, on the Telstra branded devices, clients are isolated by interface.

This means

* USB

* Ethernet

* Wifi 2G

* Wifi 5G

are four seperate isolated interfaces, which share a DHCP range, but the kernel of the netgear device is not routing these packets from one interface to the other.

 

If you read my original post, you'll see that a server is open to connections, and can be reached by a client on the same interface, but as soon as the client is moved to another interface, it cannot open that connection anymore.

 

I'd really appreciate if you could share with us what devices you used for your testing, and if you actually got a response to work across interfaces, not just on the same interface

 

Kind regards

Message 7 of 43
addyp95
Guide

Re: Nighthawk M2 guests are isolated on different bands

If this device is based on a linux distribution (and not something else), I can almost guarantee this is a lack of a `-RELATED` rule in iptables. Connections are established, but replies are not forwarded to the appropriate interface

Message 8 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

Did you see my reply to your post last month? Can you confirm this isn't an issue on non-Telstra branded M2 and M5 Nighthawks? As i have only tested on Telstra branded ones.

 

Thanks.

Message 9 of 43
JohnPeng
NETGEAR Expert

Re: Nighthawk M2 guests are isolated on different bands


@Karl-Man2 wrote:

Hey John,

 

Did you see my reply to your post last month? Can you confirm this isn't an issue on non-Telstra branded M2 and M5 Nighthawks? As i have only tested on Telstra branded ones.

 

Thanks.


Let me check with our test team on the test setup. As I understood, we confirmed that PING is working between the 2 interfaces, such as 2 WiFi clients on 2.4G and 5Ghz WiFi can PING each other, etc.

 

Thanks

Message 10 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

As per my original post, PING works between the different bands/networks, its HTTP/HTTPS and everything else that doesn't.

 

See below:

 

"Netgear modem > Brother printer.

Connecting the printer via ethernet to the modem, will allow a laptop to print, only when its connected on the 5ghz network. If the laptop is connected to the 2.4ghz network, it cannot print. It can ping the printer, however accessing the gui or using the brother software for remote access will time out.

Connecting the printer via wifi using the 2.4ghz, will allow a laptop to print, only when connected on the 2.4ghz network. If the laptop is connected to the 5ghz network, it cannot print. It can ping the printer, however accessing the gui or using the brother software for remote access it will time out.

Adjusting the channel, wifi range, dhcp, static ip and any other network related settings does not change this situation.

Message 11 of 43
addyp95
Guide

Re: Nighthawk M2 guests are isolated on different bands

Hi John, 

 

As Karl and I have mentioned before, PING packets (ICMP packets) will work, but TCP and UDP packets will not. This is why you can make a ping, but not connect to a device in a meaningful way. 

 

There will be a kernel / software bridge for these interfaces, and only ICMP packets (such as PING packets) will be successfully routed on the models Karl and I have mentioned. 

 

Could you please inform the engineers or the people testing this out, that a PING packet will not show the problem, they will need to try and access some sort of service (HTTP, SAMBA, RDP, anything really, other than a PING) to show the issue with these netgear devices. 

 

Cheers,

 

Message 12 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

Have you heard back from the test team to confirm if they have been able to test this with a Nighthawk that has the latest Telstra firmware installed?

 

Thanks.

Message 13 of 43
JohnPeng
NETGEAR Expert

Re: Nighthawk M2 guests are isolated on different bands


@Karl-Man2 wrote:

Hey John,

 

Have you heard back from the test team to confirm if they have been able to test this with a Nighthawk that has the latest Telstra firmware installed?

 

Thanks.


Yes. Confirmed this is the limitation of the device. 

 

Thanks

 

Message 14 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

So are you stating this limitation is the same on non-Telstra branded Nighthawks or only Telstra branded ones? Can this to fixed with a firmware update as this makes the device very difficult to use when this should be a standard feature?

 

Thanks.

Message 15 of 43
addyp95
Guide

Re: Nighthawk M2 guests are isolated on different bands

Really wish this was more clear from the start. Way, way too long to return the modem router that fails at being a router now. 

Message 16 of 43
JohnPeng
NETGEAR Expert

Re: Nighthawk M2 guests are isolated on different bands


@Karl-Man2 wrote:

Hey John,

 

So are you stating this limitation is the same on non-Telstra branded Nighthawks or only Telstra branded ones? Can this to fixed with a firmware update as this makes the device very difficult to use when this should be a standard feature?

 

Thanks.


Yes. This is how M2 works for all the SKUs. It is not just for Telstra SKU.

 

I think this limitation can be easily worked around now with a WiFi router connected via M2 ethernet port. The fixed WiFi router is more capable on doing this.

 

Thanks

 

Message 17 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

So this is also a limitation on the latest M6 5G model (which we have tested) and won't be fixed via a firmware upgrade? If so, why not?

 

This functionality should be standard for a mobile router that costs over $800 RRP

 

Regards.

Message 18 of 43
JohnPeng
NETGEAR Expert

Re: Nighthawk M2 guests are isolated on different bands


@Karl-Man2 wrote:

Hey John,

 

So this is also a limitation on the latest M6 5G model (which we have tested) and won't be fixed via a firmware upgrade? If so, why not?

 

This functionality should be standard for a mobile router that costs over $800 RRP

 

Regards.


I will raise the issue internal for all M6 SKUs. Hope the limitation can be resolved on M6 soon.

 

Thanks

 

Message 19 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

That would be great if possible but you have confirmed with the internal team that this 100% can't be resolved on the M2 SKU's?

 

Regards.

Message 20 of 43
JohnPeng
NETGEAR Expert

Re: Nighthawk M2 guests are isolated on different bands


@Karl-Man2 wrote:

Hey John,

 

That would be great if possible but you have confirmed with the internal team that this 100% can't be resolved on the M2 SKU's?

 

Regards.


I can't comment on M2 now since the product has been EOL now. But definitely, will look into the feature support on M6.

 

Thanks

John

Message 21 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Ok great thanks. How soon do you expect a response?

Message 22 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Hey John,

 

How soon do you expect this feature to be added and available via a firmware update? We are keen to test this before we purchase any more M6's. We have about 30 odd sites that will need to upgrade soon.

 

Thanks.

Message 23 of 43
LM1912
Aspirant

Re: Nighthawk M2 guests are isolated on different bands

Struggling with the same issue here.  100's of the M2 devices....

 

Typical setup for us is a printer on the ethernet and a handful of end user laptops on Wi-Fi (2.4Ghz)...

 

Strange thing is its works without issue at times... we can have a device working fine then come in the next morning and it refuses to print. Can still ping the printer just not http connectivity.

 

Sometimes just switching the M2 Wi-Fi config between 2.4Ghz/5Ghz and 2.4Ghz only and restarting it is good enough to fix the issue.

 

The other thing I've noticed is that if you restart the M2 you do get http connectivity between ethernet and 2.4Ghz interface for about 10-20 seconds before its locked down.

 

 

Message 24 of 43
Karl-Man2
Tutor

Re: Nighthawk M2 guests are isolated on different bands

Well according to Netgear, the M2 is no longer supported but they should have this fixed with the M6. I'm awaiting an update from JohnPeng on this forum to see when this will be available for testing. 

Message 25 of 43
Discussion stats
  • 42 replies
  • 6925 views
  • 2 kudos
  • 6 in conversation
Announcements

Orbi 770 Series