New Idea

Support QoS Through VPN Tunnel

by NACC Tutor on ‎2017-04-21 09:01 AM

This has been discussed a couple times in the forums. Specifically some ability to condition traffic via QoS over the VPN tunnel. In my case I would like to provide precedence attributes to various services running across the tunnerl. In particular, VoIP. I have to VoIP PBXs that communicate over my inter-office VPN tunnel and I would like to give this traffice precendence (both IP - diffserv - precedence along with bandwidth precedence) over other non-VoIP traffice occuring over the tunnel

 

Reference: https://community.netgear.com/t5/VPN-Firewalls/Point-to-Point-VPN-best-practices-for-VOIP/td-p/12471...

WN203 SNMP settings

by jrsmith61 Tutor on ‎2017-04-16 01:30 PM

I have several WN203 APs and I have been very happy with them. I recently started using NMS300 to monitor my network and noticed that there does not appear to be any way to configure SNMP location and contact information for the WN203 using the GUI or the command line. I would like to see this capability added in a future firmware release but given the limited number of previous updates for this device I don't think that will happen. If no firmware updates are forthcoming, I may just accelerate my plans to migrate to WAC720 or WAC730.

Hi,

 

Within an stand-alone AP (WAC720/730) it is possible to enable or disable the Bonjour service. When an AP is managed through a wireless controller you can not decide to enable or disable this protocol.

 

I understand from Netgear support (Case #: 28216854 ) that it is enabled within the controller, but limited to 1Mbps. I can confirm that therefore the Bonjour/Airprint is not working perfectly. You cannot enable/disable Bonjour and cannot set the bandwidth.

 

Can this feature add to the wireless controller firmware?

DHCP - Need to release IP addresses

by robban Guide on ‎2017-03-05 10:56 PM

Hi,

 

I want a  "release" function on UTM50 as it is in many other routers. We often do a lot of test on PDA's and tablets and the IP addresses is not enough. The test itself take maybe 15 minutes and then we take one more units and so on (we also have 5 to 10 units at the same time). The standard lease is 24 h and we have lowered it to 1 h but that is not enough for us.

 

A simple release function should do the trick, then we can release the units we want or just release all. This function is on a lot of routers today.

Please add ping functionality to the WAC730 web interface.  This is a common tool amongst most wireless access points and routers.

Rate limit by MB's for Netgear WC9500

by Qman26 Initiate on ‎2017-01-30 12:02 AM

Dear Netgear,

 

I'm struggeling with rate limits which I would like to configure on a Wifi network which is currently installed at one of our clients.

We're using a Netgear WC9500 in combination with Netgear WNDAP360 AP's.

I've configured  multiple SSID's, one of them is for guests. I would like to limit this SSID by MB usage instead of a percentage of the bandwith. 

This way I can prevent guests from hijacking the entire Internet connection.

 

please consider this feauture in the next firmware.

 

regards,

 

Frank

Right now we only have the option to use Dyndns.org, Oray.net, TZO.com or 3322.org.

Dyndns & Oray now both point to dyn.com and are no longer free to use.

TZO & 3322 both point to some chinese website...

 

Last year in a support ticket i asked for an update to these dynamic dns service providers on the ProSafe SRX5308 and I was told this:

 

The custom dynamic DNS feature is already implemented by engineering and is currently being reviewed by quality control. (feature request 7033)
You can expect this feature in the next firmware release, unfortunately I don't have a release date yet.

 

At that time 4.3.4.1 was the current firmware version.

Now I see that 4.3.4.2 is available, but this still doesn't bring any changes to the dynamic dns services.

Is there an update on the eta of this feature?

Wifi Analytics for IOS

by mskalski Follower on ‎2016-11-18 01:10 PM

Do you plan to write Wifi Analytics for IOS Iphone / Ipad ?  I know that this has been asked before but I could not find a solution.  I'm trying to find the best channel for 5Ghz.  Since a Wi-Fi analytics tool can be used to identify the local networks surrounding me and determine which channels are congested and which are lesser used, I can determine the optimum wireless channel.  My 5ghx keeps dropping and it's making me crazy.

Can we get the software to be supported on MAC computers?

I've had an unfair share of trouble when trying to restore saved configuration files (.cfg config) to GS108Ev2 running firmware 1.00.12. Eventually, I gave up and reprogrammed 3 switches from scratch. I had to go through the whole building to locate them. Brought with myself a laptop and had a phone handy to talk to a guy in the control room.

 

I think I found out what happened: Older versions of the Plus Utility do not support the password encryption required by V1.00.10 firmware. The old config files had unencrypted passwords (I checked with a hex editor). The new firmware expects its password encrypted, so it couldn't load the old password. I was locked out of the switches.

 

A cleartext header in the config file could help, so the switch (or the user!) knows which firmware version saved the config. If you want to make it really functional, have the firmware perform appropriate checks at load (restore) time, so old unencrypted passwords keep on working on new firmware versions.

 

 

Hello everybody,

 

we would like to use NMS300 to save the config of our 40 Netgear Switches (M4100 series, different models) automatically every night, but this requires telnet to be enabled on all switches (confirmed by Netgear Expert Bruce_G: https://community.netgear.com/t5/Managed-Switches/NMS300-config-backup-with-telnet-disabled/m-p/1161...)

 

I think that transmitting a password for administrative access in cleartext over the network isn't best practice, especially for a product which claims to be enterprise ready.

Would you please implement an option for a scheduled config saving and other mass actions like firmware update for all switches via an encrypted conection? It should be possible to disable telnet on the switches without disabling any funcionality (apart from logging in via telnet of course..)  ;-)

Thanks in advance!

 

Kind Regards

Christoph Peus

 

Hello to anyone taking the time to read this.

 

I have close to a dozen netgear GS1xxE switches at my home and various family member's homes by now and swear by the things. Vlan tagging is a must for our various setups and these switches haven't disapointed yet.

 

However , when it comes to configuring them, the fact one is incapable of selecting the vlan on which the things do their DHCP negotiating forces me to use fixed IP's.

 

In essence this isn't all that bad. But adding this to the firmware isn't something unreasonable to ask I would think. 

 

 

http://i.imgur.com/JZEvBx4.png

http://i.imgur.com/p9evrYY.png

 

Thanks in advance for taking the time to reply. If you also think this slight oversight should be rectified please do reply.

This in regards to the Traffic Meter monitoring function of the SRX5308 VPN Firewall.  However this would apply to any device in Netgear's product lineup that monitors the amount of IP traffic per month.

 

Currently the traffic meter can set a monthly traffic limit of up to a maximum of 256000 MB (~250 GB).  However, this is insufficient for those who are using Comcast as an ISP where the monthly traffic limit is set to 1 Terabyte (1024 Gb).   

 

Request that the montly traffic limit setting be adjustable in the Terabyte range.  Perhaps an increase of the montly limit up to and including 250 Tb should be sufficient in the foreseeable future.  Thank you in advance!

About posted ideas in general

by Midaz Apprentice on ‎2016-09-18 03:39 PM

Hello my name is Peter and I posted some requests about essential functions on the GS1xxE series of switches.

It seems there have been some ideas posted here but there is no respons whether these things are being

implemented or not or any timeframe given.

I personally had a request about adding a menu in the GS1XXE switches to enter some allowed mac addresses to prevent

a user to connect some rogue equipment on the network.

Could it be that the chipset does not support such functionality!

Couldn't you post back that the engineers are working with this, this and this function and it will be ready in 1-3 months or something.

Anyways a definitive answer would be appreciated so that I may peruse other brands that has similar 5-port switches.

Regards

Peter

 

Hi,

 

I just got a certificate which the hash algorithm is SHA256.

 

But my vpn firewall only allows SHA1.

 

Can you please fix this?

 

Thank you very much.

 

Best regards 

Need firmware upgrade, if possible, for SRX 5308 to add SHA-256 or higher signature algorithm to meet PCI compliance. If this is not possible I need to know so I can replace hardware with compliant hardware.

L2TP with IPSEC is for sure easy to setup, but even more convenient would be to use Active Directory authentication, such as one for SSL VPN and admin role setup. Windows internal VPN client offers domain credentials as on option for authentication, that would ease the setup. Of course there would be need for group membership checking or explicitly define, which users are allowed to login. Also, DH should allow use of 2048-bit keys.

Wifi Analytics on IOS iphone ipad ?

by cuvillier Follower on ‎2015-08-21 01:26 AM

Hi ,

 

When do you plan to implement this application wifi analytics on ios ?

My ipad would like it, my iphone also, I will accept to pay for this application

please include the rogue detection

 

regards

 

Philippe CUVILLIER    Orange Presales Engineer

 

 

Top Contributors