NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
WAX210 Firmware 1.1.0.34 Bug – SSID Password Complexity Incorrectly Enforced
Hi everyone — I’m seeing what looks like a firmware regression on the WAX210 after updating to v1.1.0.34, and I want to report it in case others are affected. After updating, the AP now refuses to save any configuration changes (even unrelated ones like just renaming the Access Point). The UI throws this error: SSID1: SSID passphrase length must be between 8 and 63 characters, and contain at least one uppercase letter, one lowercase letter, one number, and one special symbol. This happens even when the SSID password is not edited at all. The AP loads the existing (valid) WPA2/WPA3 passphrase and flags it as invalid due to a complexity requirement that didn’t exist before. This appears to be the AP Login Password complexity policy being mistakenly applied to SSID passphrases, which contradicts the official manual. SSID passwords for WPA2/WPA3 should only require 8–63 characters. Reproduction Steps Update WAX210 to firmware 1.1.0.34 Log into the web interface Make any change (example: AP Name only) Click Apply The SSID password complexity error appears, even though SSID settings were untouched Impact. The AP cannot accept any configuration changes unless the SSID password is replaced with a much more complex passphrase. This forces a complete re-key of all connected devices. Expected Behavior Per the WAX210 User Manual, SSID passphrases should be valid with: 8 to 63 characters No requirements for uppercase/lowercase/digits/symbols Those rules worked correctly in previous firmware versions. Current Workaround Rolling back to firmware 1.1.0.25 or 1.1.0.20 fully resolves the issue. Request Can Netgear please confirm whether this is a regression in 1.1.0.34 and escalate to the firmware engineering team? This issue effectively prevents configuration of the device. I can provide: Screenshots of the error dialog A configuration backup A short video showing the issue Exact hardware revision and serial if needed Thanks in advance.WAX620 V10.8.13.2 generating apparently bogus auth messages
I'm seeing messages for the MAC address of a Tuya Smart device authenticating and deauthenticating repeatedly to one of my SSIDs. There is no such device in my house. Is this a neighbor's device or a bug, or combination of the two? I tried creating a MAC ACL for it, which didn't completely stop the auth messages -- the WAX620 still reported periodic auths along with block messages. I've changed the SSID password (WPA3/2) and turned off the four devices using that SSID, but the messages continue. Below is a sample, the first form is seen every few seconds. No associated device ever makes a DHCPREQUEST. May 13 14:21:16 hostapd: wifi0vap0: STA a8:80:55:3c:be:c5 IEEE 802.11: authenticated May 13 03:45:52 hostapd: wifi0vap0: STA a8:80:55:3c:be:c5 IEEE 802.11: Station deauthenticated due to reason code 34 May 13 04:00:37 hostapd: wifi0vap2: STA a8:80:55:3c:be:c5 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)TLS 1.0 & 1.1 active in WAX625 https web interface
Having TLS 1.0 and TLS1.1 supported in https web interface makes Wifi WAX product line susceptible to TLS attacks : - BEAST Attack - CRIME Attack - RC4 Attack - Weak Cipher Suites Attack - Attacks renegotiation And the product is unfortunately shown to be non compliant with security scans, just for that unfortunate reason. The firmware is V10.8.11.4 and I cannot find a security option about TLS ? Are there hidden options somewhere ? Would it be possible to add an option to only support TLS 1.2 (and not 1.0 and 1.1) ? [ I means, as far as software is concerned, this is mostly a change of a numerical constant somewhere. ]WAC104 Passphrase masked
How do I unmask the passphrase in the security options on the wireless setup page admin site for my WAC104 ? I want to verify the password but the passphrase fields are masked with ****. How do I unmask them to see the current settings ? Please see attached screenshot Thanks in advance for any assistanceWAX 610 Password
We have 4 WAX610 devices with Firmware 10.3.2.2. A technician did not document the password and now we can't Access the single APs Website. I resettet the insights password and I know in the other sites I can connect using the insight password. But in this case it is not working. I restartet alle Access Points and hoped the password would work but no success. Is there anything I could try besides from resetting the APs? The local admin wants to look into the APs, so that is the reason for this question. Best regards, BerndWax630 at Two Physical sites
Have two sites - physically seperate Town/City At both site we have Draytek 2866 Routers, Sites are conected via SITE-SITE VPN on the Draytek Router At the Main Site we have a Windows Server 2012 with DHCP The Satalite site's Router has a different IP but DHCP users at this site pick up IP from Servers DHCP at the Main site Existing Wifi set up - consists of Staff and Guest SSID (guest has no access to LAN) NO VLAN's setup - never really setup VLANs On the WAX630 - I want to keep the Staff and Guest Networks separete ie. guest have no access to LAN or other Wifi devices I've created Guest and Staff SSID - guest as ISOLATED Currently I've set this up for the Main site on 2 x WAX630's at Home The other two access Points for the Satalite site will use the same SSID's ? I'm not sure have to Test that but... Technically if I add the other 2 devices at home I'm guessing that should work in a similar way (although my Virgin Router provide the DHCP) Appreciate any comments / feed back.