- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello everybody,
I'm running a Netgear GS110TPv3 with SW version 7.0.6.2. If MAC address check ("802.1X" ~ MAB) is deactivated on an affected switch port, wake on lan is working.
If MAC address check is activated, a client can no longer be woken up.
1. Assumption: The Vlan ID is different when it is switched off than when it is switched on and authenticated.
If, for example, a notebook is switched on manually, the MAC address check also works via the RADIUS server. The client is assigned to Vlan 1 via dynamic Vlan assignment (default).
In unauthenticated state, the switch port is also in Vlan 1 (default config of Netgear = 0). As a result, both the switched off and the switched on device should be in Vlan 1. So there is nothing against being able to wake up the client.
However, it doesn't work.
Setup: Security - Port Authentication - 802.1X
Port-based authentication status: Enable
VLAN assignment mode: Enable
Dynamic VLAN creation mode: Enable
EAPPOL flood mode: Deactivate
Switchportconfig with deactivated MAC check:
Port control = Authorized
MAB = deactivate
Unauthenticated VLAN ID = 1
(Assigned Vlan ID via RADIUS = 1)
Result: WOL works
Switchportconfig with activated MAC check:
Port control = MAC-based
MAB = activate
Unauthenticated VLAN ID = 1
(Assigned Vlan ID via RADIUS = 1)
Result: WOL does NOT work. Why ?
2. Assumption: I would normally assume that frames from the switch to the client (outbound) are not blocked before authentication, but only the frames from the end device to be woken up in the direction of the switch (inbound).
I cannot find any setting/option on the switch port to differentiate between incoming or outgoing or incoming and outgoing frames.
Can the problem with this Netgear switch be solved at all? Do bigger business switches have more options?
Many thanks for your help.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello all,
problem has been discussed in the background with Netgear.
Result: Unauthenticated port blocks inbound a n d outbound traffic. This is also true for broadcasts. WOL packets therefore are not forwarded to the affected client. Wake up must fail.
2 options:
-hardened network access for clients with enabled 802.1x but no WOL... or
-disable 802.1x and use of WOL is possible, when using this kind of switch model.
Best regards,
Schnitzelprinz
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated
Looks like a bug related to the availability of this specific MAB feature on this GS110TPv3 model.
Please open a ticket on https://my.netgear.com/ or diect on https://www.netgear.com/support/contact.aspx for support.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated
Hi schumaku,
thank you very much for your quick response and assessment. Looks like that your recommended actions are more difficult as expected.
Buy is older than 90 days (October 2020). Email and Phone support is not available anymore, chat support is allowed but no possible. Buying a service contract for GS110TPV3 is not possible ....I'm only able to order a hardware replacement for defective items. This will not solve the problem. Any idea ?
Best regards,
Schnitzelprinz
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated
@YeZ please line-up the connection to the switch QA and engineering so this issue can be addressed. Thank you!
@Schnitzelprinz wo gibts denn feine Schnitzel?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPv3: Wake On LAN (WOL) does not work, when 802.1x (MAC Authentication Bypass) is activated
Hi schumako,
I opened also a ticket via "hw replacement channel" and refered to this conversation. Thanks for your assistant today.
Offtopic: Restaurants are closed at the moment. Our kitchen is first choice during the Corona period 🙂
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello all,
problem has been discussed in the background with Netgear.
Result: Unauthenticated port blocks inbound a n d outbound traffic. This is also true for broadcasts. WOL packets therefore are not forwarded to the affected client. Wake up must fail.
2 options:
-hardened network access for clients with enabled 802.1x but no WOL... or
-disable 802.1x and use of WOL is possible, when using this kind of switch model.
Best regards,
Schnitzelprinz