× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

Re: Could a GS748T kill a GS308e??

PapaPeteH
Guide

Could a GS748T kill a GS308e??

OK, this one is strange (to me).

 

I thought all was going swimmingly with my new GS748Tv5... I even successfully changed the management VLAN after a heart-stopping pause. (It wouldn't talk to ports on the new VLAN until a full reboot!)

 

Now... another anomaly.

  • Normally connected to the GS748Tv5... is a GS308e.
  • Normally, I can connect to the GS308e and do management stuff.
  • Sometimes it loses its IP address (known bug), but rebooting always fixes that.

...now, no matter what I do:

  • The GS308e does obtain its correct IP address
  • I can successfully ping it
  • But any port 80 (HTTP) packets are RST'd. (Actively blocked). I absolutely cannot connect!

Before I work out how to factory reset... is there something I might be missing about the Netgear ecosphere with respect to communication between switches? Is there ANYthing I could have done to the GS748T, that could be communicated to the GS308e behind the scenes, and cause it to block me ???

 

Pretty scary at the moment. I generally don't like unknown side effects 😉

Message 1 of 12

Accepted Solutions
PapaPeteH
Guide

Re: Could a GS748T kill a GS308e??

I think I've solved this one. (Obviously) I can't be certain exactly what caused this...

 

(Background: my gs308e was working perfectly a few days ago. I logged in and recorded (manually) a few configuration parameters.)

 

Here's what I discovered through careful testing:

1) The gs308e no longer is willing to talk to modern browsers. AFAIK I didn't change anything. And the firmware is not new either. On a hunch, I tried a bunch of browsers...

2) It WILL talk to old IE, Internet Explorer. Unfortunately, my copy won't just open... now Microsoft Edge has mangled it and forces me to MS edge... and they claim I just need to use the built in "IE Mode" button.

3) IE Mode button doesn't exist. But google has an addon, "Legacy Browser Support for IE Mode in Edge". Install that. It works when you load the switch UI with this enabled!

4) Switch then complained about a bad password?!! Oh no... switch had fully reset itself!

 

Well, at least I have the switch back 😉

View solution in original post

Message 2 of 12

All Replies
PapaPeteH
Guide

Re: Could a GS748T kill a GS308e??

I think I've solved this one. (Obviously) I can't be certain exactly what caused this...

 

(Background: my gs308e was working perfectly a few days ago. I logged in and recorded (manually) a few configuration parameters.)

 

Here's what I discovered through careful testing:

1) The gs308e no longer is willing to talk to modern browsers. AFAIK I didn't change anything. And the firmware is not new either. On a hunch, I tried a bunch of browsers...

2) It WILL talk to old IE, Internet Explorer. Unfortunately, my copy won't just open... now Microsoft Edge has mangled it and forces me to MS edge... and they claim I just need to use the built in "IE Mode" button.

3) IE Mode button doesn't exist. But google has an addon, "Legacy Browser Support for IE Mode in Edge". Install that. It works when you load the switch UI with this enabled!

4) Switch then complained about a bad password?!! Oh no... switch had fully reset itself!

 

Well, at least I have the switch back 😉

Message 2 of 12
schumaku
Guru

Re: Could a GS748T kill a GS308e??

Two observations here. K.I.S.S. as possible!

 


@PapaPeteH wrote:

Sometimes it loses its IP address (known bug),....

Sources, references? The known operational (design) issue is that all Plus switches tend to fallback to a default fixed IP address as per the books in case if the dhcp server isn't reachable (in time), eg. after a power failure. 

 


@PapaPeteH wrote:

But any port 80 (HTTP) packets are RST'd. (Actively blocked). I absolutely cannot connect!

Have captured a packet with the RST, or is this just a guess? Have missed to change the PVID for the newly introduced management VLAN? 

 

 

Message 3 of 12
schumaku
Guru

Re: Could a GS748T kill a GS308e??

The web UI HTML the CSS and JS code of any current Plus switch is that basic and simple - there are no dependencies on special browser builds. Spend time on cleaning out your computer, worth every minute. Something must be wrong, there are no needs for forcing the deployment of prehistoric long year reliable IE, installing in most situation unneeded plugins, and much more. On one hand, all introducing major risks, on the other hand a red herring. A recipe for uncontrolled flight into terrain catastrophe.

 

 

Message 4 of 12
PapaPeteH
Guide

Re: Could a GS748T kill a GS308e??

Wireshark showed the RST's. 'twas quite frustrating until the reboot / delay.

Message 5 of 12
PapaPeteH
Guide

Re: Could a GS748T kill a GS308e??


@schumaku wrote:

The known operational (design) issue...

Some call it a bug... some a "missing feature" 😉 As we both know, they don't just revert to the default IP. Even though configured for DHCP, they no longer, EVER, check for a DHCP server.

😄

Message 6 of 12
PapaPeteH
Guide

Re: Could a GS748T kill a GS308e??


@schumaku wrote:

The web UI HTML the CSS and JS code of any current Plus switch is that basic and simple - there are no dependencies on special browser builds.


I would love to believe that, but my diagnostic experience yesterday disagreed 😉

 

I attempted to connect in multiple ways, multiple browsers, multiple computers. No intervening change to the switch itself. I didn't have time to dig in deep to replicate and find the exact root cause (nobody's paying me to do that like they used to 😉 )... 

My only hunch, truly just that, is based on a brief observation:
* Observed (wireshark): on the successful connect from "legacy IE" that IE sent two SYN packets in a row... perhaps something has changed with more "modern" browsers. I dunno.
* Hunch: under certain circumstances, perhaps the switch firmware gets into a strange state that's frobbed just right by an older browser.

 

All I know for a fact is, once I touched it with the old browser (I'll call that the "IE touch" 😉 ), things started happening, apparently due to a comprehensive reset of the firmware.
* It became visible to the ProSAFE Plus Utility

* It DHCP'd to get an IP address (power cycle did NOT do that prior to the "IE touch")

* I could log in using the default password 

 

Happy to call that an anomaly. Some kind of weird state 😉

 

Message 7 of 12
schumaku
Guru

Re: Could a GS748T kill a GS308e??


@PapaPeteH wrote:

As we both know, they don't just revert to the default IP.

What then? If the Plus switches are kept up running, if the DHCP servers are kept operational, not much can go wrong. 

 


@PapaPeteH wrote:

Even though configured for DHCP, they no longer, EVER, check for a DHCP server.

When these devices cold boot, and are configured for DHCP, an IP config is applied from the DHCP.

 

The problem does start if the DHCP is not ready, or does not come up e.g. following a power failure. Then the design (good or bad) is to fallback on the default IP - what is for the obvious reasons never lead to workable results. It's correct, the DHCP does not retry to get an IP config. There would be room to enhance - in case the resource situation on the tiny 8051-core does allow. 

 

Alternate approach would be to push a static configured IP config.

 

 

Message 8 of 12
schumaku
Guru

Re: Could a GS748T kill a GS308e??

There are huge numbers of GS3nnU[xx] produced and many of them delivered. Matter of fact, IE is a dead horse, and people don't have to use this stuff anymore.  Alternate browsers became industry standard. And as a fallback, Microsoft has put in the IE-compatibility mode in place to modern Edge.

 

If anywhere near to be an operational threat, we would hear much more about this in the community.

 

Personally, I do believe in the modern browsers, and have always current Chrome and Firefox builds on my mobile device and my quick ageing Windows 10 system with Chrome, Firefox, new Edge, and Opera for quick comparisons. For special purposes, yes, I still have operational Windows 7 systems at hand, including legacy IE builds ad-hoc available for commercial enterprise support work. 

Message 9 of 12
PapaPeteH
Guide

Re: Could a GS748T kill a GS308e??

I'm sure an  8051 can handle an occasional retry. In fact, it's already doing a retry during basic DHCP. (I go back a LONG way. It's amazing what could be coded in 64kb on an F8 😄 )

 

In our location (Colorado), and during various instabilities, it's quite possible for DHCP to become unavailable for a time. It's simply painful when some devices go offline -- no longer visible to the configured network.

 

Yes, once static IP is in place, you're ok... until (as in this case) the device decides to do a factory reset. Combine factory reset with no DHCP for a period of time... and the only solution is a physical visit. 😞

Message 10 of 12
PapaPeteH
Guide

Re: Could a GS748T kill a GS308e??


@schumaku wrote:

What then? If the Plus switches are kept up running, if the DHCP servers are kept operational, not much can go wrong. 

In other words, the firmware nicely handles the normal case... but not edge / anomaly cases (which means an attacker can also take advantage.)

At this point, I found a workaround for my edge case. I don't have time to dig in deeper. Learned a lesson about fragility of the firmware I'm dealing with.

 

I'm not surprised: most coders have a very hard time thinking outside the box of their expected use cases. Anything from simple user error to deviousness can break all kinds of systems. That's why I got paid a lot of $$ to break SW/FW/HW... I'm pretty good at coming up with scenarios that will break anything 😄

Message 11 of 12
schumaku
Guru

Re: Could a GS748T kill a GS308e??


@PapaPeteH wrote:

4) Switch then complained about a bad password?!! Oh no... switch had fully reset itself!

This is not normal behavior. Strongly suggest doing a full factory reset.

 

System > Maintenance > Factory Default

or

Use the end of a paper clip or some other similar object to press and hold the Factory Defaults button on the front panel of the switch for at least two seconds

 

If a factory reset does not get rid of the unexpected factory reset, it's time for a warranty exchange.

 

-----

 

Providing every effort, I discovered a (factory new) GS308E for sale some 10 minutes driving from home. Convinced the seller, to pick-up the device, and half an hour later the switch was plugged, the MAC-DHCP reservation placed on my reliable security appliance, serving some 20 VLANs and IP subnets, and ensured an untagged network port (including some tagged VLANs) was available to connect the new baby. 

 

Connected the new GS308E, updated the firmware from the factory version to the current V1.00.11EN, applied some basic config. Access using random Web browsers, including  various VM with a 64bit Linux OSes. And it came as I expected: The switch remained accessible and workable normally....

Message 12 of 12
Top Contributors
Discussion stats
  • 11 replies
  • 2774 views
  • 0 kudos
  • 2 in conversation
Announcements