Showing ideas with status New Idea.
Show all ideas
Limiting the antenna power to levels like 100%, 50%, 25%, etc. is ridiculous and severly limits fine tuning it to the local radio enviroment. Please update to allow changing it to values from 1 dBm to 18 (20) dBm like a normal person.
... View more
See more ideas labeled with:
Would you please allow the WAC720 access points to be usable on Insight? Without Insight compatibility, impending discontinuation of Business Central will remove cloud management functionality from these devices that were purchased only 1 year ago. Thank you in advance!
... View more
See more ideas labeled with:
Status:
New Idea
Submitted on
2021-02-22
01:37 PM
Submitted by
IrishCornelius
on
2021-02-22
01:37 PM
Please add support for TLS 1.2 to GS108Tv2 switch range. Currently only TLS 1.0 is supported on firmware 5.4.2.35. TLS 1.0 is considered deprecated by IETF: https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-12 <extract> 4. Do Not Use TLSv1.0 TLSv1.0 MUST NOT be used. Negotiation of TLSv1.0 from any version of TLS MUST NOT be permitted. Any other version of TLS is more secure than TLSv1.0. TLSv1.0 can be configured to prevent interception, though using the highest version available is preferable. Pragmatically, clients MUST NOT send a ClientHello with ClientHello.client_version set to {03,01}. Similarly, servers MUST NOT send a ServerHello with ServerHello.server_version set to {03,01}. Any party receiving a Hello message with the protocol version set to {03,01} MUST respond with a "protocol_version" alert message and close the connection. Historically, TLS specifications were not clear on what the record layer version number (TLSPlaintext.version) could contain when sending ClientHello. Appendix E of [RFC5246] notes that TLSPlaintext.version could be selected to maximize interoperability, though no definitive value is identified as ideal. That guidance is still applicable; therefore, TLS servers MUST accept any value {03,XX} (including {03,00}) as the record layer version number for ClientHello, but they MUST NOT negotiate TLSv1.0. </extract>
... View more
See more ideas labeled with:
Status:
New Idea
Submitted on
2020-12-27
11:19 PM
Submitted by
nismo9132_net
on
2020-12-27
11:19 PM
I purchased both a GS305E and two GS308E switches and really like the performance and configuration functionality, but it's missing a key feature -a Configurable Management VLAN. Please add this feature because otherwise I'm likely going to return these switches to get something that supports them from another vendor for the same price point.
... View more
See more ideas labeled with:
Please release an updated firmware with TLS 1.2/1.3 support, and the option to disable 1.0 and 1.1.
... View more
See more ideas labeled with:
Firmware V5.10.0.3 The old FVS338 had all of the below features and worked great. I'm surprised and very disappointed they are missing from the BR500. Custom services are always enabled unless deleted. An enable/disable check box on each service would be very useful. Currently you have to delete the custom service to disable and create the custom service from scratch to enable. This extremely inconvenient. There is a severe security problem with port forwarding custom services. Open ports are exposed to the whole world. The ability to limit port exposure to a specific external IP or a range of specific IPs would solve this security problem. It is extremely important to implement this safeguard.
... View more
See more ideas labeled with:
Insight Models: BR500 5.7.0.4 GC752X 1.0.5.22 GC752XP 1.0.5.22 I have encountered a limitation with Insight that renders use of the Insight service moot. You currently cannot change the PVID assignment of a Trunk port, as Insight defaults tthe PVID assignment to the Managment VLAN once the port is assigned Trunk. This limitation renders the use of virutal servers in a network impossible without disconnecting the switch from Insight and configuring manually. I have spent the better part of two months working with support who has finally verified what my system all but proved - this cannot be done. They have been great to work with, but now I am being told I need to spend more time posting here to have an idea considered. This is a criticle feature that many businesses require. I This is the only challenge I have encountered with the product and yet, it is almost a show stopper. Two monAfter spending the money on the BR500 and both Insight switches, I fnid myself with only half my system available from the Insight service I paid for. Case # 41789865.
... View more
See more ideas labeled with:
Will the Orbi Pro be getting vlan support? It seems a basic requirement for a business in a product that is offering multiple ssids, particularly for the guest wifi
... View more
See more ideas labeled with:
Hi, I'm using a GS110TP switch with firmware 5.4.2.33. The HTTPs interface is enabled and working. The problem is that Firefox is now considering the GUI as unsecured because of TLS 1.0. There's no way to enable TLS 1.2 and it's a real security problem. Is it possible to get a new firmware with TLS 1.2 support ? Regards.
... View more
See more ideas labeled with:
I would like to see a way to install the VPN client on a mobile phone (iPhone). There is currently no functionality for this, which is very surprising. The install for windows and Mac are super easy and helpful, but the lack of support for iPhone makes this device not as great as it could be. Please consider adding a way to use the VPN on mobile devices.
... View more
See more ideas labeled with:
I have a BR500 and purchased the Insight Instant VPN service for it. Overall, the Insight Instant VPN service is nice as I can manage who I let into the VPN and It's an easy way to get into my routers network remotely. While I can get the VPN to work from my home Windows based PC, I also have several Linux machines that I would like to be able to connect to the VPN with. I've already been in contact with support and the conclusion was that this is somehow not supported or they had no settings they could give me to manually configure a connection. I'd be happy with just some settings that I could use to manually configure a connection to the Inisight Instant VPN on Linux (e.g., Protocol, Gateway, etc.). If for some reason there is something that can't be disclosed then a Linux version of the app would be great too. I just want to be able to use the service through my Linux machines.
... View more
See more ideas labeled with:
Please add Traffic Shaping to the BR500.
Let admins prioritise a specific VLAN and limit or garantee a given amount of bandwidth.
For Example:
WAN connection 50Mbps UP/DOWN
VLAN1 contains servers
VLAN2 contains desktops
VLAN3 contains VOIP phones
VLAN4 wifi office
VLAN5 wifi guests
When Windows Updates are downloaded on the servers each day at rondom moments, users complain that connections to Office365 is slow. Also during the day users complain that VOIP calls are disconnected of audio quality suffers.
Sometimes when Guests are using the Wifi, all these problems seem to happen aswell.
Solution:
Create a traffic shaping rule for VLAN1: Set the priority to medium and limit the maximum bandwitdh to 30Mbps shared.
Create a traffic shaping rule for VLAN2: Set the priority to medium no limits
Create a traffic shaping rule for VLAN3: Set the priority to high and set a garanteed bandwitdh of 5Mbps shared.
Create a traffic shaping rule for VLAN4: Set the priority to medium no limits
Create a traffic shaping rule for VLAN5: Set the prioriy to low and limit the maximum bandwitch to 5Mbps per session.
... View more
See more ideas labeled with:
Add management VLAN support on 5 port ProSAFE Web-Managed switches.
... View more
See more ideas labeled with:
Please ensure NTGR does publish the Letter of Volatility (LOV) along with the product support download pages. We see that requests for LOV are taking reasonable bandwidth in the community support, temporary file downloads will be enabled with valid for a few days only. This makes the replies virtually useless, because the download is no longer available. So we see requests for the same product LOV again, or we get new posts. All this can be avoided...
Thank you for consideration!
Regards,
-Kurt
... View more
See more ideas labeled with:
I and everyone else in the community would appreciate our device view being repaired for our smart switches in service. I want to but more switches for my network, including some 10gbe switches. But I don't want to buy more switches where all the features don't work. This Device View Java isssue has been ongoing since 2015 from reading the community website. In my opinion trashing all our switches and buying all new switches to fix a firware issue is a ridiculous option. Please give your customers some quality customer service and produce a firmware update to correct this problem...
... View more
See more ideas labeled with:
I request that fast roaming (802.11-r, 802.11-k and 802.11v) be exposed via the user interface so that client devices (IOS/Android) can seemlessly migrate between APs in an ensemble. I know the hardware supports those standards, but the UI does not provide a mechanism to enable it without the purchase of a contoller or cloud based service in a consumer home network.
I have read the post which also asks for the same functionallity showing other hardware providers have the functionallity exposed to end-users. I am not comfortable accessing the CLI without documentation from Netgear.
WAC720, WAC730, WAC740 802.11r
... View more
See more ideas labeled with:
We have just had smoothwall implemented and are trying to get BYOD working. Smoothwall have looked into this and stated that our wireless is not providing Framed IP's which is essential to the smoothwall BYOD system working please see notes below:
Framed-IP-Address — This contains the IP address of the client that has been authorized to join the wireless network. This attribute is essential to the BYOD service.
Could this feature be added in a firmware update? we have 2 wc7600 controllers and over 80 access points so pretty stuck at the moment
... View more
See more ideas labeled with:
Hi Netgear Community,
Before I contact Netgear support to give feedback in regards to the quality of their wireless controllers I wanted to seek clarification from Netgear community about an issue we are currently facing at our site.
We would like to utilise the Radius accounting information generated by our WC7600v2 (firmware v6.5.1.11) to be utilised by our Windows 2012r2 NPS server. The specific attribute we need is the "Framed-IP-Address" attribute to contain the IP address of the client / user requesting the authentication. This attribute is helpful in identifying successfully authenticated clients to be simultaneously authenticated against other systems i.e. like internet filters. Some internet filters providers utilise agent software that can sit on a Windows NPS server and read the logs generated by the NPS service and automatically apply the appropriate internet access policy to the client devices / users at the moment of wireless authentication essentially providing a Single Sign On process.
After attempting to undertake this process at a site that utilises a Netgear WC7600v2 we have come to the conclusion that the WC7600v2 does not provide the Framed-IP-Address. This has been confirmed by reviewing the NPS server logs where Framed-IP-Address radius attribute is 0.0.0.0 for all clients authenticating via the WC7600v2
Thanks to previous advice on this forum, we were able to make contact with Netgear text based support and after sometime the Netgear technician, he was able to confirm that the WC7600v2 does not provide the Framed-IP-Address as part of its radius account response to the NPS (radius) server. This feature maybe included sometime in the future but could not give any ETA on its implementation; he was also able to confirm that other customers of the WC7600 series have requested this feature to be implemented.
What my site is trying to perform is something that is not to complex, I have done it many times via cisco / h3c / Aruba controllers and wireless implementations. These devices are more compliant with the RFC 2866 radius standard than what Netgear equipment is, even though your product information sheet (https://www.netgear.com/images/datasheet/wireless/wirelessmanagement/WC7600v2.pdf) states that the controller is complaint with this spec.
How are we meant to recommend Netgear equipment to clients in enterprise when the device does not standard up against large enterprise network equipment manufactures. I can understand something like "it will be included in the next firmware release" but when something like "No ETA at this time" it makes us feel like recommending to the site management the entire removal the Netgear wireless implementation and going for something "more enterprise".
Do you think if the site invested in Prosafe support agreement it would carry more weight with Netgear in implementing a basic feature like a more extensive implementation of the RFC 2866 accounting standard?
I hope that I do not come across as too negative in this forum thread, but was hoping to provide constructive feedback to help improve your products and the process to improve them.
Peter
... View more
See more ideas labeled with:
We receive weekly email messages about credits that are about to expire or have already expired. However, this does not state which organization or device it concerns. Now it becomes a puzzle every time. It would be nice to generate a report of all organizations in our portal. For example: I would like to receive every week an overview of all credits from all organizations by email, preferably with the expiration date.
... View more
See more ideas labeled with: