NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
WAX210 Firmware 1.1.0.34 Bug – SSID Password Complexity Incorrectly Enforced
Hi everyone — I’m seeing what looks like a firmware regression on the WAX210 after updating to v1.1.0.34, and I want to report it in case others are affected. After updating, the AP now refuses to save any configuration changes (even unrelated ones like just renaming the Access Point). The UI throws this error: SSID1: SSID passphrase length must be between 8 and 63 characters, and contain at least one uppercase letter, one lowercase letter, one number, and one special symbol. This happens even when the SSID password is not edited at all. The AP loads the existing (valid) WPA2/WPA3 passphrase and flags it as invalid due to a complexity requirement that didn’t exist before. This appears to be the AP Login Password complexity policy being mistakenly applied to SSID passphrases, which contradicts the official manual. SSID passwords for WPA2/WPA3 should only require 8–63 characters. Reproduction Steps Update WAX210 to firmware 1.1.0.34 Log into the web interface Make any change (example: AP Name only) Click Apply The SSID password complexity error appears, even though SSID settings were untouched Impact. The AP cannot accept any configuration changes unless the SSID password is replaced with a much more complex passphrase. This forces a complete re-key of all connected devices. Expected Behavior Per the WAX210 User Manual, SSID passphrases should be valid with: 8 to 63 characters No requirements for uppercase/lowercase/digits/symbols Those rules worked correctly in previous firmware versions. Current Workaround Rolling back to firmware 1.1.0.25 or 1.1.0.20 fully resolves the issue. Request Can Netgear please confirm whether this is a regression in 1.1.0.34 and escalate to the firmware engineering team? This issue effectively prevents configuration of the device. I can provide: Screenshots of the error dialog A configuration backup A short video showing the issue Exact hardware revision and serial if needed Thanks in advance.Security settings for AC750 extender
Hello Community. I have a Netgear N600 Wireless Dual Band Router (WNDR3400v2) with two AC750 range extenders in different parts of the house. This setup has been working fine UNTIL we got two new iPhones and a new iPad. The damn smarty-pants new Apple devices now complain about "weak security" on one of the AC750 extenders and refuse to connect to that one. Only on ONE of the extenders, mind you - and it's the older of the two. My router is set for WPA2-PSK [AES] which I'm pretty sure is the highest security protocol it can support. Here's my question: how can I access the security settings for the "weak" extender? And hopefully upgrade those settings. When I use www.routerlogin.net, it appears to show me only the settings for the main router and not the extender - even though I'm connected through that extender (using an older Apple device.)Request: List of Products That Perform Cryptographic Key Provisioning
We are reviewing your networking products for internal compliance purposes. Could you please confirm which of your hardware-based products (e.g., switches, routers, relays, gateways) include any of the following cryptographic functions: Provisioning or distribution of encryption keys to other devices Acting as a MACsec Key Server (e.g., providing CAKs/SAKs to peers via MKA) Providing IPsec/IKEv2 key exchange for other systems Embedded EAP/PKI certificate provisioning or CA functions Managing network-wide encryption policies or certificate trust for other devices We are not asking about encryption used only for login/authentication (e.g., HTTPS, SNMPv3, 802.1X), or encryption used solely for the unit’s own interfaces. This request is limited to cases where the product provides or manages encryption on behalf of other devices. If possible, please provide a list or matrix identifying which models include any of the above features. Any documentation that describes these capabilities would also be appreciated. Thank you for your support.WAX620 V10.8.13.2 generating apparently bogus auth messages
I'm seeing messages for the MAC address of a Tuya Smart device authenticating and deauthenticating repeatedly to one of my SSIDs. There is no such device in my house. Is this a neighbor's device or a bug, or combination of the two? I tried creating a MAC ACL for it, which didn't completely stop the auth messages -- the WAX620 still reported periodic auths along with block messages. I've changed the SSID password (WPA3/2) and turned off the four devices using that SSID, but the messages continue. Below is a sample, the first form is seen every few seconds. No associated device ever makes a DHCPREQUEST. May 13 14:21:16 hostapd: wifi0vap0: STA a8:80:55:3c:be:c5 IEEE 802.11: authenticated May 13 03:45:52 hostapd: wifi0vap0: STA a8:80:55:3c:be:c5 IEEE 802.11: Station deauthenticated due to reason code 34 May 13 04:00:37 hostapd: wifi0vap2: STA a8:80:55:3c:be:c5 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)Share internet between two Vlans on a netgear GS724TV4
Hi So I been trying for altmost 2 days to set up my netgear GS724TV4, which is a managed layer3 switch, but does not have capability to create a DHCP server. I am running a webserver and email server, and would like to seperate this from my private network, in case of hacking. So I though I would make two Vlan, lets say vlan1 for private and vlan100 for the server. ISP fiber to my house -> deco X10 setup (internet Vlan id 101 - 802.1q tag) -> unmanaged layer3 switch that provides my netgear with 2 patch cabels in port12 and 13 I have attached a screenshot of my setup and here is some info: port 2 and 3 my private network. port 12 and 13 - Conntect to an unmanaged switch, where my internet patch-cable is connected. port 24 - my server Since I dont understand inter-routing my idea was to have 2 vlans, where vlan1 had port 1-12 untagged and vlan2 had 13-24 untagged, and both vlans would get internet via port 12 or 13. Could somebody tell me if and how to set this up? Help is greatly appriciatedGS724Tv6 How to disable UPnP?
Bought GS724Tv6 switches, which are now spamming my network with SSDP NOTIFY packets. From what I gathered this is due to some UPnP advertising. How can I stop these switches from doing that? In the manual (GS724Tv6_GS748Tv6_UM_EN.pdf) I read: "Manage UPnP switch discovery By default, Universal Plug and Play (UPnP) is enabled on the switch." and I could disable it under "Select System > Management > Switch Discovery. The Switch Discovery page displays." Sadly there is no such option, not does the Site Index list 'Switch Discovery' anywhere. => How can I disable UPnP?EAX20 trying to connect to internet via port 8883
Hello everybody, I am currently seeing my EAX20 connecting to the internet a amazon data center via port 8883. I have currently blocked this but I am wondering why it does this? if it is sometthing to do with MQTT, what is it trying to do and do I need it? apart from checking for firmware updates whicj it can still do and I dont have it connected to any app or cloud services, what could be using this? Any help would be greatly appreciated as I cant find this answer anywhere and cant do a support ticket because Netgear only offers 3 months support. Anyway thank you in advance.New EAX15 Mesh Extender - I have a few questions
Hello, this is my first post. Although I am a long time Netgear user! For over 2 decades, I have used two of their cable modems, some Wi-Fi routers, Wi-Fi adapters and many of their venerable 4, 8, and 16 port switches for the home! The EAX15 is the latest Netgear hardware to add to my list! First of all, it works great! I mean, my network setup is fairly simple and kind of old. But it works very well for extending my old 802.11n 2.4 GHz network just fine! I was worried that it may not support that old stuff... Firmware:1.0.3.36 Not explicitly listed on the configuration website mywifiext.local (why?)... but it's up to date and Netgear's site says 1.0.3.36. Model: "EAX15-100NAS" That's written on UPC code portion of the box above serial number, MAC and so forth numbers. The forum suggested there might be a V2 or V3 version of EAX15, but I don't see that anywhere. I guess it's just EAX15. So I have a few questions: Being an old user of home network appliances, I was able to quickly plug my computer into the Ethernet jack of the EAX15 and configure the "conventional" way as expected. The IP was a bit different, but that was easy to figure out. To my dismay, I noticed that documentation neglects telling users about this capability and instructs them to install the Nighthawk App. I installed the app and noticed it wanted me to create an Internet account and provide information to Netgear not relevant for the local network device ... like, Location? OK, maybe it's for Wi-Fi regulatory domain. But still... why wouldn't you document the "old fashion" way to do this? And why would you require an Internet account and collect lots of data from our phones for a strictly local network appliance? This is probably a dumb question. But why can't this product simply amplify or repeat a signal on specific frequencies? Why do you need a man-in-the-middle computer to serve simultaneously as an access point and wireless client? This device is way more complicated in functionality than I thought it would be. I use Adguardhome to protect my elderly father from scams and malware (and helpless devices). I logged into it today and noticed that my EAX15 queries netgear.com about 200 times per hour. What exactly is my strictly local network device communicating with Netgear? I've attached s screenshot of part of my adguardhome statistics page for context. Anyway, I'm otherwise very pleased with the device. It works great! Good job Netgear!