NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
WAX210 iPhone WPA3 Incorrect Password isBSSIDDenylisted 1
Hi I've been using a WAX210 as my home access point for a few months and every few days my iPhone is banned from the network. It won't auto-connect and if I manually connect it fails with "Incorrect password" I enabled iOS Wi-Fi diagnostics and it shows the BSSID has been banned for connections, with isBSSIDDenylisted 1. WAX210 running latest Firmware V1.1.0.34 released 25th July 2025 iPhone 16 Pro running latest iOS 26.3.1 5Ghz network WPA3 password I have also submitted feedback to apple as FB22209711 in case it is their bug. I believe it's either a bug in the WAX210 that is getting it banned by the iPhone or the iPhone's banning logic is too restrictive. Relevant log lines below: 03/12/2026 9:02:39.181 __WiFiDeviceManagerKnownNetworkSuitabilityCheck: Network 'agate', isFilteringAJCandidates 0, isSSIDTemporarilyDenylisted 0, isBSSIDDenylisted 1, isTDDenylisted 0 03/12/2026 9:02:39.181 __WiFiDeviceManagerKnownNetworkSuitabilityCheck: Not considering problematic Network agate isSSIDTemporarilyDenylisted 0 isBSSIDDenylisted 1 isFilteringAJCandidates 0 isTDDenylisted 0GS110EMX: 10G ports throttle uploads to 250-300 Mbps
I've been going back and forth with Netgear support for over a week about this and I'm honestly at a loss. I'm hoping someone here can tell me if I'm crazy or if what they're telling me doesn't make sense, because it really doesn't add up to me. My Setup Switch: Netgear GS110EMX (firmware 1.0.2.8) Port 1: Internet uplink (1G, connected to router — standard fiber ISP) Port 9: Mac Pro via OWC Thunderbolt 4 to 10G Ethernet Adapter Port 10: Asustor AS6508T NAS (10G) Cables: Cat6A throughout This is exactly why I bought this switch — two 10G ports for my computer and NAS, with everything else on the 1G ports. Pretty standard home prosumer setup. The Problem Internet uploads are throttled to about 250-300 Mbps when my computer is on a 10G port. Downloads are fine at 830-880 Mbps. When I move the same computer to a 1G port with the exact same cable, uploads jump to 708 Mbps. That's more than double the speed on a port that's supposedly 10x slower. What I've Tested (at Netgear's request) I ran every test their L3 support team asked for. Here are the results: Internet Speed Tests (computer on 10G port 9): Flow Control Download Upload OFF 865 Mbps 306 Mbps ON (port 9 only) 879 Mbps 169 Mbps ON (both 9 & 10) 820 Mbps 137 Mbps Internet Speed Test — computer on 1G port (same cable, same everything): Download Upload 884 Mbps 708 Mbps iPerf3 between Mac and NAS (local, 10G ↔ 10G): Direction Speed Mac → NAS 3.73 Gbps NAS → Mac 9.40 Gbps Local 10G performance is excellent. The ports, cables, and NIC all work fine. What Netgear Says After all this testing, support came back and told me: This is "working as expected" and "within the design limitations of the switch" The 10G ports are "intended to be used as uplinks" — not for client devices A replacement would behave the same way My configuration is "not the intended use case" Why I'm Confused I don't understand how any of this is "expected behavior." Specifically: How does a 1G port give me faster uploads than a 10G port? If the 1G uplink is the bottleneck, moving to a slower port should give me equal or worse speeds. Not more than double. Nobody has explained this. Why are only uploads affected? Downloads through the 10G port hit 865 Mbps — nearly saturating the 1G uplink. The traffic crosses the same 10G/1G speed boundary in both directions. Why would only one direction have "buffer overflow" problems? Flow Control made things WORSE. They asked me to enable it. It dropped uploads from 306 Mbps to 137 Mbps. How is that a fix? The product page says "No Network Bottlenecks thanks to the 2 10-Gigabit/Multi-Gigabit Uplinks." Now support says those ports are only meant to be uplinks and my setup is unsupported. The user manual literally shows 10G client devices connected to ports 9 and 10 in its network diagrams. This switch used to work. I used the exact same setup with fiber in Chicago for years with no issues. I only noticed the problem after switching to fiber here in LA recently. Something changed. What I'm Asking Has anyone else seen this? Am I wrong to think a managed switch should be able to handle 10G devices sending traffic through a 1G uplink without losing 70% of the uplink's capacity? I've seen a couple other threads about similar issues with the GS110EMX and I'm starting to think this is a known design flaw that Netgear just doesn't want to acknowledge. At this point I just want to know if I should keep fighting for a replacement or just give up and buy a different switch. Any insight would be really appreciated. I've spent way too many hours on this already.M4250 Switches Power Outages and UPSs
Hello, I am working in a new theatre that was setup in some interesting ways. We are currently working our way back through the system and altering things to follow better practices. As it is a new building we are still dealing with power shutdowns as new equipment is installed/changed. Everytime there is an outage it feels like something new breaks. We have UPSs that our "critical" devices are (sometimes) attached to. This includes our network switches. But the batteries can only supply power for ~40 minutes at current load. Our UPSs have an expansion slot that we can add an SNMP network card into. Is it possible for our network switches to monitor for outages and power off nicely? Is there such a thing as shutting down the switches nicely? What is the best practice for shutting down a NetgearAV switch? Another thing that causes outages for us is the fire alarm. We are required by the fire marshal to shutdown our whole system as soon as the fire alarm goes off. So currently everything loses power (except the UPSs which I think goes against the fire code... like I said... interesting setup) and I am trying to find better ways to manage shutting down the PA system but keeping critical equipment online long enough to shut down correctly before powering down entirely. We've had some false alarms from a poorly placed smoke detector in a catering kitchen and I would love to have a system that can shutdown according to code but do so nicely in case it is a false alarm. I've had a bad experience with shutting down the M4250 switches. Early on when we opened we had a switch catch on fire after flipping the power switch to reboot it (following instructions from the installer) I want to prevent having this happen again. I'm just interested in how people manage outages and turning equipment on and off.
Advanced 802.1Q VLAN Doesn't Block Untagged Traffic?
I think the answer might be obvious. Lower-end Netgear switches are not managed using VLAN traffic, so they allow all untagged traffic to pass through. Is this correct? For example, a port is configured with VLAN ID 10 for untagged traffic and its PVID is 10. It will tag the traffic correctly and all the traffic will go to the correct subnet. However, if I manually configure my IP, I can access any other device on the link that is not VLAN aware. This could be another Netgear switch or a MoCA device. My configuration: Devices: GS308EP GS305E
Port Lights on with no cable plugged in?
Came home and found my GS108Ev2 switch was acting strange...the port lights were on without any ethernet cables plugged in. Anyone know about this issue and how to resolve. What could cause this behavior? Power surge? I have tried rebooting the switch, reset factory defaults, and rebooting again but the same port light stays on (both lights) without a cable plugged in. Thanks for the help.WAX210 Firmware 1.1.0.34 Bug – SSID Password Complexity Incorrectly Enforced
Hi everyone — I’m seeing what looks like a firmware regression on the WAX210 after updating to v1.1.0.34, and I want to report it in case others are affected. After updating, the AP now refuses to save any configuration changes (even unrelated ones like just renaming the Access Point). The UI throws this error: SSID1: SSID passphrase length must be between 8 and 63 characters, and contain at least one uppercase letter, one lowercase letter, one number, and one special symbol. This happens even when the SSID password is not edited at all. The AP loads the existing (valid) WPA2/WPA3 passphrase and flags it as invalid due to a complexity requirement that didn’t exist before. This appears to be the AP Login Password complexity policy being mistakenly applied to SSID passphrases, which contradicts the official manual. SSID passwords for WPA2/WPA3 should only require 8–63 characters. Reproduction Steps Update WAX210 to firmware 1.1.0.34 Log into the web interface Make any change (example: AP Name only) Click Apply The SSID password complexity error appears, even though SSID settings were untouched Impact. The AP cannot accept any configuration changes unless the SSID password is replaced with a much more complex passphrase. This forces a complete re-key of all connected devices. Expected Behavior Per the WAX210 User Manual, SSID passphrases should be valid with: 8 to 63 characters No requirements for uppercase/lowercase/digits/symbols Those rules worked correctly in previous firmware versions. Current Workaround Rolling back to firmware 1.1.0.25 or 1.1.0.20 fully resolves the issue. Request Can Netgear please confirm whether this is a regression in 1.1.0.34 and escalate to the firmware engineering team? This issue effectively prevents configuration of the device. I can provide: Screenshots of the error dialog A configuration backup A short video showing the issue Exact hardware revision and serial if needed Thanks in advance.
