Orbi WiFi 7 RBE973
Reply

Re: BR500 Issues and Feedback.

BR500 Issues and Feedback.

Been looking forward to the BR500 release for some time now and finally just procured one through Powershift Eval.

 

First impressions:

DHCP Servers and VLAN setup through Insight got my blood pressure way too high.  No features for setting up IP Address Reservations through Insight either.  Once I passed my self-imposed 72 hour time limit in trying to locate reservation settings and make the VLANs work, I deleted the BR500 from Insight and tried to set it all up locally.  That turned into the next ordeal.

 

Removing the device from Insight, unlike an AP with Business Central, does not factory reset the router.  It also will not allow you to log in using the default username and password.  Many different methods of trying the factory reset button were employed, but on the third try of turning off the power switch, pressing and holding the reset button and powering it up, then holding the button for ~15 seconds did the trick for me.  It wasn't an issue so much of it not looking like it wasn't doing a reset, it was more of an issue of the single PC I had connected to LAN1 not being able to browse to routerlogin.net, 192.168.1.1 or any https version of it.  Setting a static IP address on the NIC didn't help either.

 

Once I was able to sign in, I went to task on setting up the different VLANs, IP Reservations for VLANs/Subnets and a few hours worth manual entry as this goal was to replace an FVS336Gv3 currently in use.  The UI is pretty neat, lots of great tools and realtime monitoring.  It took me about 30 minutes to figure out where everything was for my skeletal setup, but it was efficient.  Of note, when setting up IP Reservations, the BR500 does not remember your preferences of how many devices you want to see on screen at a time.  You will have to change it from 10 as default everytime you add a new reservation to 20, 30 or 40 at max.  Also, by default, it is sorted by order you ORIGINALLY added the reservation, just like previous generation firewalls.  Only benefit is that this one allows you to sort them manually by IP Address, Name, MAC Address, etc. temporarily until you make a move/add/change and then it goes back to default order.

 

MAKE SURE TO BACK UP YOUR SETTINGS!

 

Now, once I was happy with my settings, I swapped out the FVS336Gv3 with the BR500 and watched the responsiveness of my network come to life.

 

So then, here's where I get greedy: I then re-add the BR500 BACK TO INSIGHT to see if my settings stuck and synced to Insight.  Yeah, I got greedy and hopeful.  The BR500 managed to upload some of the data but the reservations were lost in translation and the network and internet came to a screeching halt.  Time to remove it from Insight, put the FVS336Gv3 back in place and start over.

 

Circle back around to the top of this post: rinse, lather, repeat, finally get back in and then restore settings that were backed up!  It will prompt you for your password you originally set up from the GUI before you did your backup.  Enter it and presto, it comes back to life, reboots and is happy as it is IN STANDALONE mode.

 

Looks like Insight needs some more tuning up, but the BR500 is pretty rock-solid for the 12 hours I've had it up and running on its own!

-Mike

Message 1 of 18

Re: BR500 Issues and Feedback.

Also, anyone in the community have any idea on when the firmware that allows for secondary WAN connectivity will be released?  I heard by end of 2018, but also heard after the New Year.  It was one of the main reasons I invested into it so I could learn it and provide it to my clients since there are tons of internet issues in this area.  Pair it with an LB1120 in failover mode and boom, no more outages....

 

My LB1120 is scheduled for delivery today.

 

Now about that firmware....?

Message 2 of 18
LegitUser
Aspirant

Re: BR500 Issues and Feedback.

Hi Mike,

 

I'm thinking of buying one of these.

 

Do you happen to configure VLANs with port restrictions and / or do you know how easy / functional that is on this device?

 

Greetings,

 

Thorwald

Message 3 of 18

Re: BR500 Issues and Feedback.

VLANs are rather easy to setup but only in standalone mode at the moment.  Insight kept having bugs where it wouldn't allow me to add/remove them very easy.  It actually created a duplicate VLAN and then I couldn't get rid of it.  Not quite sure what the deal was there.

 

In standalone mode, go to the "Advanced" tab and on the left Menu is a button for VLAN.  Pretty easy.  I'm running (4) of them without issue.

Message 4 of 18
LegitUser
Aspirant

Re: BR500 Issues and Feedback.

Thanks for your reply Mike!

 

However my question was not if it supported VLANs.

It was more if firewall rules between VLANs (with port restrictions) are easy to configure and work.

 

I just ask this specifically because I had some bad experiences with this in the past.

Message 5 of 18

Re: BR500 Issues and Feedback.

Give me an example and I will give it a shot and let you know 🙂

Message 6 of 18
LegitUser
Aspirant

Re: BR500 Issues and Feedback.

Hi Mike,

 

Thanks for being so awesome to help in this, because I could not find it in any documentation online so far!

These are just examples of tests you could do:

 

Test one:

You have one VLAN and another with an http server running on it. Now add a firewall rule that blocks all traffic. 

Check if they indeed can't reach eachother. Then add another rule that only allows HTTP. Check if you can reach the HTTP server.

 

Test two:

Let's say between 2 VLANs you block all icmp traffic. Ping on clients on VLAN 1 to  clients on VLAN 2 should fail from both sides.

Now you only block icmp from VLAN 2 (with pc 1) to VLAN 1 but not in reverse, this should mean the ping request starting from a client on VLAN 1 reaches a client on VLAN 2 (sniffable) but the reply doesn't come back through. Check if this is the case.

 

These are however just indications of tests. If you know other tests that are easier to check firewall rules with ports in your setup feel free to do so.

 

Thanks a lot !!!!

 

Thorwald

 

 

 

Message 7 of 18

Re: BR500 Issues and Feedback.

Might take a bit for me to get around to, but usually that has to do with allowing VLAN interweaving which you can turn on and off between the VLANs.  A lot of that also depends on the switches you use, if any.

 

Right now, I'm only using one LAN port with a bunch of cascaded switches and none of my VLAN traffic is able to see any other VLAN traffic.  I have it set that way so that on my one VLAN, that's where all my client machines that have infections get connection to the internet and I can't afford to have them infect the rest of my network.  Also, I'm running a bunch of GS110TP switches that support VLAN tagging and routing, so even at the switch level, I am covered.

Message 8 of 18
LegitUser
Aspirant

Re: BR500 Issues and Feedback.

Thanks Mike. A quick ping test would do at this point.

 

Anyway I started a new thread about this.

 

https://community.netgear.com/t5/Hardware-VPN-Firewalls-and/BR500-Inter-VLAN-rules/m-p/1683559

Message 9 of 18

Re: BR500 Issues and Feedback.

BUMP.

 

Netgear? Anyone?

 

Message 10 of 18
jdrch
Apprentice

Re: BR500 Issues and Feedback.

I was gonna buy this thing (on sale for $230 at Newegg currently) until I noticed that the firmware update instructions require (note the emphasis) installation from the cloud, which is literally the definition of insanity. I'm not sure Insight has been well thought through as a product, and since easy remote access is what I'm going for, if I disable it there's no point in having the BR500.

 

Message 11 of 18

Re: BR500 Issues and Feedback.

I have not done anything with this model with Insight (Cloud Management) since I posted this thread, still with no response from Netgear's team.  You can still remote manage it via gui, securely with firewall rules and VPN configuration.

 

Stand-alone mode is good, still needs more features to make it a *better* business "class" router....but trust me, you can do a firmware update locally, as I've done it.  The manual PDF on this is pretty easy if you're familiar with firewalls.  Definitely much better than previous firewalls in function and configuration IMO.

 

Message 12 of 18
jdrch
Apprentice

Re: BR500 Issues and Feedback.

Really? I thought you needed Insight for OpenVPN to work?


@ComputerMikes wrote:

I have not done anything with this model with Insight (Cloud Management) since I posted this thread, still with no response from Netgear's team.  You can still remote manage it via gui, securely with firewall rules and VPN configuration.

 


 

Message 13 of 18

Re: BR500 Issues and Feedback.

Page 126: http://www.downloads.netgear.com/files/GDC/BR500/BR500_UM_EN.pdf

 

"If you do not use NETGEAR Insight, you can use OpenVPN software to set up VPN

connections and remotely access an office or site at which a NETGEAR BR500 router is
ininstalled."
Message 14 of 18
AtmosphairaIT
Aspirant

Re: BR500 Issues and Feedback.

Increasing frustration with this device.   Random reboots, uptime reset to 0, and the in-memory log gets wiped and contains no helpful info.   Anyone have an insight into this or experience the same problems? 

 

I'm at my wits end, and an getting quite sour on what purports to be a great small/medium business router/VPN appliance.  

 

 

Message 15 of 18
MrJoshW
NETGEAR Expert

Re: BR500 Issues and Feedback.

Hello,

 

What firmware version is the BR500 on? In regards to the device rebooting, how often does the device reboot? Anything on going at the time when the device reboots?

Message 16 of 18
AtmosphairaIT
Aspirant

Re: BR500 Issues and Feedback.

I've played the same 20 questions with support, but I'll play along again...

 

It's on the 5.5.0.1 the latest firmware from this month or so.  Support tells me to factory reset the device to see if the rebooting continues.   Ok.  well, what's to going to tell us?     That something the interface allows to be configured is able to set the device in an unreliable state?   That sounds like a quality or testing problem to me.    It's not going to work for me in "factory reset" configuration.

 

What is going on with the device when it reboots?   Simply, it's given out IPs via DHCP, my customers are using the internet and phones.  I mean, nothing really unusual.  It has OpenVPN and Insight VPN configured, a few VLANs but nothing I could call out-of-the-ordinary.  I'd provide logs, but everything gets deleted when the device reboots so it's pretty useless log if you ask me.

 

While anecdotal, I'm so sketched out with this device that I check it's status on Insight (paid subscription) a few times a day.    What's odd, is the days I don't use Insight,  the device seems to not seem reboot itself.   

 

I need more than just this superficial support.   The device reboots on it's own and the tools for the end-user don't exist or are simply useless.  This purports to be an all-in-one VPN gateway solution;   so far it's just irriated my client and is costing me support hours.   

 

How often does it reboot?  I rarely see the uptime counter beyond one day.  

Message 17 of 18

Re: BR500 Issues and Feedback.

Nice to see someone from Netgear reply, even though it's not to me.

Message 18 of 18
Discussion stats
  • 17 replies
  • 6172 views
  • 2 kudos
  • 5 in conversation
Announcements