× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973

Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

Hello everybody,

I'm running a Netgear GS110TPv3 with SW version 7.0.6.2. If MAC address check ("802.1X" ~ MAB) is deactivated on an affected switch port, wake on lan is working.

If MAC address check is activated, a client can no longer be woken up.

1. Assumption: The Vlan ID is different when it is switched off than when it is switched on and authenticated.

If, for example, a notebook is switched on manually, the MAC address check also works via the RADIUS server. The client is assigned to Vlan 1 via dynamic Vlan assignment (default).

In unauthenticated state, the switch port is also in Vlan 1 (default config of Netgear = 0). As a result, both the switched off and the switched on device should be in Vlan 1. So there is nothing against being able to wake up the client.

However, it doesn't work.

Setup: Security - Port Authentication - 802.1X


Port-based authentication status: Enable

VLAN assignment mode: Enable

Dynamic VLAN creation mode: Enable

EAPPOL flood mode: Deactivate

 

Switchportconfig with deactivated MAC check:

Port control = Authorized

MAB = deactivate

Unauthenticated VLAN ID = 1

(Assigned Vlan ID via RADIUS = 1)

 

Result: WOL works

 

Switchportconfig with activated MAC check:

Port control = MAC-based

MAB = activate

Unauthenticated VLAN ID = 1

(Assigned Vlan ID via RADIUS = 1)

 

Result: WOL does NOT work. Why ?

 

2. Assumption: I would normally assume that frames from the switch to the client (outbound) are not blocked before authentication, but only the frames from the end device to be woken up in the direction of the switch (inbound).

I cannot find any setting/option on the switch port to differentiate between incoming or outgoing or incoming and outgoing frames.

 

Can the problem with this Netgear switch be solved at all? Do bigger business switches have more options?

 

Many thanks for your help.

Model: GS110TPv2|ProSafe 8 ports gigabit PoE smarta switch
Message 1 of 6

Accepted Solutions

Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

Hello all,

 

problem has been discussed in the background with Netgear.

Result: Unauthenticated port blocks inbound a n d outbound traffic. This is also true for broadcasts. WOL packets therefore are not forwarded to the affected client. Wake up must fail.

 

2 options:

-hardened network access for clients with enabled 802.1x but no WOL... or

-disable 802.1x and use of WOL is possible, when using this kind of switch model.

 

Best regards,

Schnitzelprinz

View solution in original post

Message 6 of 6

All Replies
schumaku
Guru

Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

Looks like a bug related to the availability of this specific MAB feature on this GS110TPv3 model.

 

Please open a ticket on https://my.netgear.com/ or diect on https://www.netgear.com/support/contact.aspx for support.

Message 2 of 6

Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

Hi schumaku,

 

thank you very much for your quick response and assessment. Looks like that your recommended actions are more difficult as expected.

 

Buy is older than 90 days (October 2020). Email and Phone support is not available anymore, chat support is allowed but no possible. Buying a service contract for GS110TPV3 is not possible ....I'm only able to order a hardware replacement for defective items. This will not solve the problem. Any idea ?

 

Best regards,

Schnitzelprinz

Message 3 of 6
schumaku
Guru

Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

@YeZ please line-up the connection to the switch QA and engineering so this issue can be addressed. Thank you!

 

@Schnitzelprinz wo gibts denn feine Schnitzel?

Message 4 of 6

Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

Hi schumako,

 

I opened also a ticket via "hw replacement channel" and refered to this conversation. Thanks for your assistant today.

 

Offtopic: Restaurants are closed at the moment. Our kitchen is first choice during the Corona period 🙂

 

Message 5 of 6

Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated

Hello all,

 

problem has been discussed in the background with Netgear.

Result: Unauthenticated port blocks inbound a n d outbound traffic. This is also true for broadcasts. WOL packets therefore are not forwarded to the affected client. Wake up must fail.

 

2 options:

-hardened network access for clients with enabled 802.1x but no WOL... or

-disable 802.1x and use of WOL is possible, when using this kind of switch model.

 

Best regards,

Schnitzelprinz

Message 6 of 6
Discussion stats
  • 5 replies
  • 3218 views
  • 2 kudos
  • 2 in conversation
Announcements