New Features and Enhancements:

• 802.11r Fast Roaming – Allows wireless clients to roam seamlessly between APs belonging to the same Insight location. This feature is available only for access points operating in Insight management mode.
• WPA3 Enterprise Authentication – Provides greater security than WPA2. WPA3-Enterprise builds on WPA2 and ensures the consistent application of security protocols across the network. It makes use of Suite-B 192-bit security suite that is aligned with Commercial National Security Algorithm (CNSA) for enterprise network. As of now only GCMP-256 encryption is supported. This feature is available in Insight management mode and the local browser UI.
• OWE Transition Mode - Opportunistic Wireless Encryption (OWE), provides data confidentiality with encryption between an access point’s WiFi network (SSID) and its WiFi clients without using a password. When OWE Transition mode is enabled on a SSID with Open authentication, OWE-aware clients can connect to the hidden OWE SSID, while legacy clients continue using Open authentication. This feature is available in Insight management mode and the local browser UI.
• Load Balancing – You can now balance the load on each of the access point's radios. Choose whether to balance the load in terms of simultaneous client connections per radio, or on connections for client RSSI, or channel utilization. Optimum load balancing enables each radio participating in the SSID to responsively maintain speed and performance for WiFi clients as they associate and disassociate with access points while moving around in the SSID coverage area. This feature is available in Insight management mode and the local browser UI.
• Client isolation per location – When client isolation is enabled on an SSID, a connected client can communicate with the Internet, and with the gateway and DNS servers, but not with any other clients connected to the access point via the SSID or wired network. There is also an option on the VLAN profile to allow clients connected to a management VLAN SSID to access the local browser UI. Client isolation is disabled by default. This feature is available in Insight management mode and the local browser UI.
• DHCP Offer as Unicast and ARP Proxy – The access point can convert a DHCP offer broadcast to unicast. Unicast packets transmit at a higher data rate than broadcast packets to reduce airtime and enhance reliability. The ARP proxy inspects all ARP broadcast packets, with the access point serving as a proxy for its wireless clients. Both features are enabled by default. This feature is available in Insight management mode and the local browser UI.
• Broadcast to Unicast and IGMP Snooping – When enabled, the access point converts broadcast packets to unicast packets for a higher data rate, reduced airtime and enhanced reliability. Enable IGMP snooping to allow IP multicast packets to be converted to unicast and transmitted to an active wireless client listening to the multicast group. The option prevents flooding of multicast traffic to all the ports. This feature is available in Insight management mode and the local browser UI.
• Advanced Rate Selection – Use advanced rate selection to tune the management, control and data frames for a radio that supports one or more SSIDs. This feature helps improve the capacity of your WiFi network by choosing a suitable rate for management, control, and data frames, based on the WLAN environment. This feature is particularly helpful if the WLAN has many slower legacy clients. This feature is available in Insight management mode and the local browser UI.
• SNMP READ Configuration for Access Points - Expanded support for SNMP read community name configuration to include WiFi access points from the Insight app and Insight Cloud Portal.

Security Issues:

• Fixes security vulnerability issues.

For more information about security vulnerabilities, visit https://www.netgear.com/about/security.

Known Issues:

• Radio buttons are not visible during day zero configuration of the access point. The dashboard takes a longer time to load.
• Mac ACL feature does not work as expected when MAC Randomization is enabledfor the wireless clients. Workaround: Disable MAC Randomization on the clients.
• 802.11r based Fast Roaming fails for Samsung Galaxy S10 clients when connected to a WPA2-Enterprise SSID and Protected Management Frames (PMF) configuration is enabled. Workaround: Disable PMF configuration.
• Clients connecting to an SSID with both Client Isolation and URL Filtering enabled on a non-management VLAN cannot connect to the Internet. Workaround: Do not enable client isolation and URL filtering on the same SSID.
• Instant Captive Portal feature does not work for clients connected to a OWE SSID on a newly onboarded access point. Workaround: Re-apply Captive Portal configuration from Insight.
• Automatic changing Access Point mode between Root and Extender does not always work. Workaround: Use Insight to configure root or extender mode correctly.
• Issues in Insight Instant Mesh WiFi can cause the access point to operate on a non-optimum channel. Workaround: Configure the access point to use a static channel.
• Client connectivity and throughput-related interoperability issues can occur with certain Windows, Android and iOS client OS versions, or when WPA3/WPA2 mixed mode security is enabled on the SSID. Workaround: Upgrade to the latest available Windows/Android/iOS OS version, and update the WiFi client to the latest driver.
• Interoperability issues can occur with certain clients when Band Steering feature is enabled. Workaround: Disable this feature if client interoperability issues are observed.
• Some clients may not show the pop-up login screen when connected to the Instant Captive Portal SSID. Workaround: Launch a web browser and enter the URL for the captive portal authentication page into the browser's address field.
• Some special characters are not supported in Instant Captive Portal SSIDs. Workaround: We recommend against using special characters in the SSID name.
• While using the Facebook Wi-Fi feature, some iOS devices and Android devices might not display the Facebook Authentication page automatically. Workaround: The user can launch a web browser to display the Facebook Authentication page.
• After updating to a newer firmware version, the local browser interface may not show the latest changes. Workaround: Clear the web browser cache.
• WPA3 personal/WPA3 enterprise does not work with iPad mini. Workaround: Configure the security as WPA3 Personal Mixed (WPA3+WPA2) Security.

Firmware Update Instructions:

Download Link : https://www.downloads.netgear.com/files/GDC/WAC540/WAC564_540_firmware_V9.1.0.13.zip

To update your product’s firmware, follow the instructions in your product’s user manual. To find your user manual, visit https://www.netgear.com/support/, enter your model number in the search box, and click the Documentation button on the product page.