Orbi WiFi 7 RBE973
Reply

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

I'm receiving Critical Alerts that my BR500 VPN Router is 'More than one port is down(Ports disabled due to loop)' and it is disconnected from my Insight Cloud Portal and Mobile Insight App.  However, all the lights are displaying correctly and my Netgear Genie says my gateway is active.  Most of the challenges I've had with the BR500 VPN router and other Insight Devices came after attempting to setup the VPN Users, which required me to establish an active Netgear Account for each user beyond simply entering their e-mail address to send an invitation.  Wi-Fi connectivity issues also began running wild after configuring the VPN Users with our WAC510 AP's.

 

I'm not impressed with the BR500's firewall/security features versus what was marketed for the product.  While the products look attractive in their pretty white steel boxes, these devices perform much like the consumer/gaming grade of Nighthawk routers, in fact, the BR500 has about the same setting features as the Nighthawk X6s (AC3000) which was hacked by an intruder before I put a ZyXEL VPN in front of it.  I'm hoping I won't have to throw out the BR500 and bring back my ZyXEL because the Instant VPN from BR500 sounded "soo good," but now I have to revisit the investment we've made to outfit several offices with these not-so-well performing cute devices.  

Message 1 of 10
BretD
Admin

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

I've reached out to the dev team to look at and investigate your issue.

Message 2 of 10
MrJoshW
NETGEAR Expert

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

Hello,

 

Where is the error "port is down(Ports disabled due to loop)" reporting from? Is it reporting from the Insight web GUI or from the BR500 local interface? You stated the issues began after adding a VPN user. Was it when the user tried to connect with the Insight VPN client? Has a support case been opened on these issues?

Message 3 of 10

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

Ok, I'm receiving several warnings at different locations.  First my Insight Mobile App is running on an Samsung S7A (android) phone which indicates my BR500 VPN Router is disconnected.  I cannot provide a screenshot to my mobile phone screen.  Within the Insight.Netgear.com web GUI, I am receiving critical notices about my BR500 VPN being disconnected, and multiple ports down on my GC510PP switch.  I've been having problems with my WAC510 dropping connections since yesterday when I added a second VPN User.  I had difficulty adding the second user because I was required to create a Netgear Account before the BR500 VPN invitation would accept the 2nd user.  Ok, so worked past that and added the 2nd user.  At the same time, I modified some WAC510 settings because I had devices being dropped from only one of my SSID's so I deleted one SSID, leaving me with only with only one broadcast SSID versus two which I had desired.  Immediately after that (I know I should make so many changes at once but I wasn't planning a troubleshooting session and had saw good stability prior to these activities) I renamed the ports on the GC510PP and did the same on the BR500 VPN Router.  When I physically removed a two Cat6 plug-ins and replaced them (straigtening out the wire congestion) back into their same ports, that's when I began receiving the "Loop Notification" about ports being down.  I changed the name of ports on the BR500 which matched one port on the GC510PP by naming port convention only (i.e. ISP-Charter) and I thought this might be the problem.  Inside the BR500 web portal I was unable to successfully change the name of either the WAN port, or Port 1 leading back to my GC510PP.  By default these port names keep replicating them own name; not sure if this is correct.  I then went to my WAC510 and turned off IGMP Snooping per your online support suggestion, and turned on Spanning Tree Protocol with the intent to resolve the "Loop Issue."  Nothing worked as desired after this.  I shut all devices down except the BR500 VPN Router and GC510PP switch.  I continued to receive "Disconnected BR500" notices from both the mobile app and Insight.Netgear.com web GUI.  I rebooted both devices separately, no changes.  When the problems began, I logged into the BR500 web portal and noticed yellow text at the top stating "Excessive CPU useage or similar" and "No VPN access or similar" and noticed the CPU temperature on the BR500 was up around 67-degrees, which I did not like.  I'm providing the following screen shots for your consideration.  I did upload 4.5GB today between 1pm and 3pm (PST) without issue to Dropbox (cloud server).  The BR500 appears to be routing traffic normally, but the warnings, and critical notifications won't stop.  I rolled the dice and put our entire company on the Insight Managed devices and really hope these devices can perform as solicitated, which would be a dream for any small business.  At the moment, I'm looking like a foot in our company for suggesting these tools and the amount of time it's taking to deploy reliable solutions.  I'm really hoping you can help, even if its in future Firmware releases, as that may save my job.  Thank you.

2018-12-03 (1).png2018-12-03 (2).png2018-12-03 (3).png2018-12-03 (4).png2018-12-03 (5).png2018-12-03.png

Message 4 of 10

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

I proceeded to unplug all the port switches to remove any potentional looping, starting with the removal of the ReadyNAS424, then the WAC510, local printer, and (1) computer that was attached.  I left the internet plugged in for obvious reasons.  After checking the mobile app and web GUI for Insight, I noticed nothing had changed and my WAC510 was reported to still be connected for some time, although it was not.  I rebooted the BR500, and it eventually came back online.  I plugged the computer I'm using directly into the BR500 to access the internet.  All the lights on the BR500 are working without errors and the router is directing traffic as if there is no issue.  I logged back into the Insight.Netgear.com web GUI and it tells me the GC510PP has multiple ports down due to a loop.  There is only (1) Cat6 cable from the internet plugged into the switch; nothing else.  So to recap, I have my computer plugged directly into the BR500, and only have the ISP service plugged into the GC510PP from the BR500 router.  Below you can see the warnings from within the Insight.Netgear.com web GUI.  While I was drafting this e-mail response, my phone send me a warning that I just lost connectivity with the BR500 although it appears to be working well.  I hope this information is helpful.  Regards, Bill

2018-12-03 (6).png

Message 5 of 10

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

After investing more time looking into the situation I suspect the problem lays in several areas as follows:

  • Insight App and Insight web GUI both report errors and BR500 is disconnected
  • WAC510 has security features possibly in conflict with the BR500 - not able to utilize all features of WAC510 on local portal or in web GUI per Netgear instructions for configuration
  • I removed all devices from the GC510PP to make it impossible to have a loop, yet the web GUI claimed I still had multiple ports down.

This morning, I renamed all the ports on the GC510PP (i.e. Port1; Port2; etc.) and rebooted the switch.  No more loop warnings.  The mobile app and web GUI still report my BR500 is down, however it is physically working and shows up in the Netgear Genie LAN map as well as in the BR500 local portal.  I have to travel for 1-week and will return to fix this later.  I do not know how to initiate a Support Ticket from Netgear.  Any advice?  Thanks, Bill

Message 6 of 10
MrJoshW
NETGEAR Expert

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

Hello,

 

I will reach out to you with a private message to have one of my support teams reach out to you on these issues.

Message 7 of 10
whatdhack
Aspirant

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

I too am disppointed by the BR500 underwhelming VPN capabilities compared to the Zyxel USG40 .   BR500 is  more a switch with light VPN slaped on.  

Message 8 of 10
MrJoshW
NETGEAR Expert

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

Hello,

 

What issues are you experiencing with the VPN on the BR500?

Message 9 of 10
whatdhack
Aspirant

Re: BR500 VPN Router/Firewall - 'More than one port is down(Ports disabled due to loop)'

I was trying to do lolipop type SSL VPN, where the WAN port and LAN ports are in the same subnet. See the follow ing architecture. / --- [VPN Router] (internet) -- - [ ISP Router ] --- (LAN) -- [ Servers, hosts, etc] Which is easily doable in Zyxel USG40/60.
Message 10 of 10
Discussion stats
  • 9 replies
  • 4834 views
  • 0 kudos
  • 4 in conversation
Announcements