NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
[MS108TUP] - Switching - VLAN and routing
Hello everyone, I've this network configuration: Firewall --> MS108TUP --> Access Point Wifi The firewall and the AP is not a Netgear product. I've a domotic house so I've decided to separate the smart devices from the Main network. So in this case I've created an dedicated AP SSID with VLAN ID 20 only for manage smart devices. My network is also managed by a dedicated firewall device that manage VLAN Interfaces, WAN Interfaces, LAN Interfaces etc etc. Throught this Firewall, manage all the L2/L3 levels, from DHCP (one for every interfaces) to Privacy control, from Captive Portal (for Guests account) to Policy Control rule, ACL, Static route, QoS etc etc. So, I've configured the MS108TUP with several VLAN created in Switching mode (Switching --> VLAN). This is my current VLAN configuration on MS108TUP: MG1 is the Firewall uplink port, instead MG2 is the AP Uplink port. And this is the configuration of the interfaces into my Firewall: In this way, the AP create a SSID with VLAN 20, MG2 take the VLAN 20 and route it on MG1 VLAN 20; the firewall (MG1) take the VLAN 20 on port P2 and create it's own network with it's own dedicated DHCP and Static IPs list. All works good but when, from the firewall, I try to block traffic from/to the same interface/zone, not working. For example, if I try to block the SSH port from the tablet to my Raspberry PI and the tablet and the RPI is in the same interface/zone, the traffic is not blocked (my rule is: from DomoDevicesVLAN to DomoDevicesLAN source "tablet" destination "RPI" any service --> deny ----> this rule must deny the traffic for any service from the tablet to the RPI "using" the same zone but not work). Seems because the packet traffic is directly managed by the MS108TUP. Seems as the request is not passing throught the firewall, but remains at the switch level. For example: 192.168.0.5 --> 192.168.0.6 directly In this way the traffic is bypassing the firewall, because remain into the "switch" level Instead, how I can route the traffic thought the firewall? 192.168.0.5 --> 192.168.0.254 (Firewall interface) --> 192.168.0.6 In this way the traffic must pass into the firewall, and in this way I can have full-control on the packets and I can apply a Policy Control rule. Thank you so much Best Regards, Valerio
Netgear WiFi 7 WBE710 802.11k/v Disabled After FW upgrade.
I upgraded to V11.8.0.14 and I'm not seeing on my devices that 802.11k/v are now disabled. I know 802.11r is only supported with InSights but now they are disabling features? I rolled back to V11.5.1.5 and then they show enabled. Why is Netgear disabling features for APs? Is anyone else seeing the same? You can't even open a support case with Netgear without paying nowadays. This are extremely useful protocols for device roaming and now they are disabled in the backend? I would like an explanation. Factory reset performed made no difference. Quick Configuration Settings - Everything else is default. Static LAN IP Configured 192.168.x.x SystemName Set LED Disabled - High doubt it is this. I've seen weirder Single SSID Configured WPA3/WPA2 Personal VLAN ID configured Band Steering Enabled Wireless Settings - 2.4/5/6Ghz All 3 bands are configured with Dynamic Channel WidthWAX204 cannot run on UPS
I have a WAX204 which I need to plug into a UPS. It runs okay if the UPS is plugged into AC power. However, whenever the power goes out, the router reboots and gets stuck in a boot loop. The loop happens whenever it is about to turn on the WiFi light, then it reboots back to the red light and repeats all over. However, once the AC power is restored to the UPS, everything is back to normal. I had thought it was the UPS power, and I bought a 2000VA / 1200W power supply, which is the same. How can I use this router on UPS? Here is the exact UPS: https://www.hikvision.com/africa/products/premises-distribution-system/ups/back-up-type-ups/ds-ups2000/Netgear WiFi 7 WBE710 Crashing/Rebooting
I have 3 WBE710 APs that I am not using InSights on only using local GUI. Last week I decided to update them from V11.5.1.5 to V11.8.0.14 and since then 1 AP has been having a Reboot reason code of "Crash". The other 2 APs are stable and have been up and online since the upgrade. All 3 APs are configured in the same settings minus two APs are configured to have the LEDs off. One of the APs that is configured to the LEDs off started crashing every 3-12 hours. I did a typical restore to defaults and reconfigured to match the other settings of the APs and the single unit continued to crash. As a quick test I downgraded the crashing unit back to V11.5.1.5 "downgrading forces factory reset", reconfigured again to match the exact settings of the other APs, minus the LED setting. Since then it has been stable. Quick Configuration Settings - Everything else is default. Static LAN IP Configured 192.168.x.x SystemName Set LED Disabled - High doubt it is this. I've seen weirder Single SSID Configured WPA3/WPA2 Personal VLAN ID configured Band Steering Enabled Wireless Settings - 2.4/5/6Ghz All 3 bands are configured with Dynamic Channel Width Any thoughts would be welcomed. I don't really want to leave them on mismatch FW.Second hand wax630 keeps restoring to insight
I have 4 second hand wax630 that are unable to restore to factory defaults When I restore them to factory default I am able to access the web page one time and when I try a manual setup it reboots and restores the previous owner insight settings. Tried this multiple times and was able to do a firmware upgrade on it, but after a while it keeps restoring to the previous owners insight setting Offcourse I have no access to this account, I have aquired them legally offcourse but find it strange that if someone locks them nobody can access them. I guess when an it manager leaves a company the company is pretty much screwed (or when the it support firm goes out off bussiness) Anyone a solution for thisERROR: can't get kernel image!
Hi, Overnight switch malfunction. I managed to connect to the switch with miniUSB console port using HyperTerminal port 23. I switched off/on couple of times. This is the error logs i get. :( Please help. I am attaching the pictures of switch too. " U-Boot 2012.10-00205-gef56c5f (Jan 01 2016 - 14:02:15)VerNo=1.0.0.7 UBIFS error (pid 0): ubifs_get_sb: cannot open "ubi:fs", error -19 UBIFS error (pid 0): ubifs_mount: Error reading superblock on volume 'ubi:fs' er rno=-19! ubifsmount - mount UBIFS volume Usage: ubifsmount <volume-name> - mount 'volume-name' volume UBIFS not mounted, use ubifs mount to mount volume first! ubifsload - load file from an UBIFS filesystem Usage: ubifsload <addr> <filename> [bytes] - load file 'filename' to address 'addr' Wrong Image Format for bootm command ERROR: can't get kernel image! ERROR: can't get kernel image! done UBIFS not mounted, use ubifs mount to mount volume first! ubifsload - load file from an UBIFS filesystem Usage: ubifsload <addr> <filename> [bytes] - load file 'filename' to address 'addr' Wrong Image Format for bootm command ERROR: can't get kernel image! Saving Environment to SPI Flash... done UBIFS not mounted, use ubifs mount to mount volume first! ubifsload - load file from an UBIFS filesystem Usage: ubifsload <addr> <filename> [bytes] - load file 'filename' to address 'addr' Wrong Image Format for bootm command ERROR: can't get kernel image! ERROR: Ethernet external port not connected at bcmiproc_eth.c:125/bcmiproc_eth_open() Wrong Image Format for bootm command ERROR: can't get kernel image!" Thank you MMGS110EMX not tagging frames
I've had this switch for quite a while but haven't had a need to configure VLANs until now. I've started by moving all the ports to Vlan 2, and configuring ports 7 and 8 - part of an LACP bundle - as tagged interfaces . However, pcaps on my upstream router show that frames coming from the switch over the trunk do not have VLAN tags; it's receiving tagged frames from the router and processing those correctly, but there are no tags from frames coming from the switch seen by the router. Any ideas what to check that might be misconfigured? Configuration screenshots below: Pcap from upstream router shows untagged frames from the switch, while response is properly tagged:WAX210 Firmware 1.1.0.34 Bug – SSID Password Complexity Incorrectly Enforced
Hi everyone — I’m seeing what looks like a firmware regression on the WAX210 after updating to v1.1.0.34, and I want to report it in case others are affected. After updating, the AP now refuses to save any configuration changes (even unrelated ones like just renaming the Access Point). The UI throws this error: SSID1: SSID passphrase length must be between 8 and 63 characters, and contain at least one uppercase letter, one lowercase letter, one number, and one special symbol. This happens even when the SSID password is not edited at all. The AP loads the existing (valid) WPA2/WPA3 passphrase and flags it as invalid due to a complexity requirement that didn’t exist before. This appears to be the AP Login Password complexity policy being mistakenly applied to SSID passphrases, which contradicts the official manual. SSID passwords for WPA2/WPA3 should only require 8–63 characters. Reproduction Steps Update WAX210 to firmware 1.1.0.34 Log into the web interface Make any change (example: AP Name only) Click Apply The SSID password complexity error appears, even though SSID settings were untouched Impact. The AP cannot accept any configuration changes unless the SSID password is replaced with a much more complex passphrase. This forces a complete re-key of all connected devices. Expected Behavior Per the WAX210 User Manual, SSID passphrases should be valid with: 8 to 63 characters No requirements for uppercase/lowercase/digits/symbols Those rules worked correctly in previous firmware versions. Current Workaround Rolling back to firmware 1.1.0.25 or 1.1.0.20 fully resolves the issue. Request Can Netgear please confirm whether this is a regression in 1.1.0.34 and escalate to the firmware engineering team? This issue effectively prevents configuration of the device. I can provide: Screenshots of the error dialog A configuration backup A short video showing the issue Exact hardware revision and serial if needed Thanks in advance.
