Security Fixes:

• Fixes security vulnerabilities.

This firmware addresses security vulnerabilities. For more information about security vulnerabilities, visit https://www.netgear.com/about/security.

Known Issues:

• The BR500 UI cannot be reached through VPN, through a static route from a different subnet, or by LAN users from a VLAN other than the default management LAN (VLAN 1).
  Workaround: Access the local browser UI from the BR500 default management LAN.
• NAT loopback does not work in this release. NAT loopback is useful for accessing internal resources by public domain name.
  Workarounds: Use one of these workarounds:
  • Change device hosts file to map public domain name to local IP when working on the same subnet as a public server.
  • Use a separate DNS server that can handle accessing public resources from an internal network.
  • Downgrade to a previous released firmware with NAT loopback support.
• IPsec issues
  • Different IPsec policies (Rules) have to use the same Pre-Shared Key (PSK).
  • When applying the Disable, Enable, and Add IPsec policy features to a new routing table and firewall rules, an established IPsec connection briefly disconnects.
    Workaround: Change the IPsec policy only when a brief disconnect is acceptable.
  • NAT-T cannot be disabled with IPsec IKEv1.
  • Wrong subnet is displayed in the IPsec VPN log.
  • Some supported IPsec policies (Rules) are not available in the local browser UI.
    Workaround: Use Insight to choose from all supported policies.

• OpenVPN is missing the remote-cert-tls server in the client.opvn export.
  Workaround: If “No server certificate verification method has been enabled" error is shown in the Open VPN client status window, add a new line at the end of the client.ovpn configuration file with this text:
  remote-cert-tls server

• DHCP server max client limited to 254 addresses.
• DHCP reservation for non-default subnet may be lost after power cycle.
• IPv6 passthrough doesn't work.
• Unable to change name in IP/MAC Reservations or on Insight Cloud Portal.

• After the firmware update, GUI access through the Firefox browser is slow. The root cause of this issue is that Firefox does not update the certificate properly.
  Workaround: Remove all old BR500 certificates:
  1. Launch Firefox.
  2. Select Options > Privacy & Security.
  3. Scroll down to the Security section.
  4. Click the View Certificates button.
  5. Delete all certificates named www.routerlogin.net.

Download Link : https://www.downloads.netgear.com/files/GDC/BR500/BR500-FW-V5.10.0.5.zip

Firmware Update Instructions:

To preserve your current configuration, it is always a good practice to create a backup of your device settings before a firmware update.

To back up the BR500 configuration to the Insight Cloud:

1. Log in to your Insight account.
2. Find the BR500 in the Devices list.
3. Edit the BR500.
4. Select the Configuration Backup & Restore tab to create a configuration backup.

To back up settings from the local browser UI:

1. Log in to the BR500 UI.
2. Select Advanced > Backup Settings.

If the BR500 is connected to the Insight cloud, schedule or perform an update using the Insight app or through the Insight Cloud Portal.

To update the BR500 firmware from the local browser UI, follow the instructions in your product’s user manual. To view your product’s user manual, visit https://www.netgear.com/support/product/BR500.aspx#docs.

After updating to the latest firmware, make sure to update to the latest version of the NETGEAR Insight app for the best functionality and user experience.