Netgear WAX204 operation manual

User Manual

WiFi 6 AX1800 Dual Band Wireless Access Point

Model WAX204

NETGEAR, Inc.

350 E. Plumeria DriveNovember 2020 San Jose, CA 95134, USA202-12147-01

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Support and Community

Visit netgear.com/support to get your questions answered and access the latest downloads.

You can also check out our NETGEAR Community for helpful advice at community.netgear.com.

Regulatory and Legal

Si ce produit est vendu au Canada, vous pouvez accéder à ce document en français canadien à https://www.netgear.com/support/download/.

(If this product is sold in Canada, you can access this document in Canadian French at https://www.netgear.com/support/download/.)

For regulatory compliance information including the EU Declaration of Conformity, visit https://www.netgear.com/about/regulatory/.

See the regulatory compliance document before connecting the power supply.

For NETGEAR’s Privacy Policy, visit https://www.netgear.com/about/privacy-policy.

By using this device, you are agreeing to NETGEAR’s Terms and Conditions at https://www.netgear.com/about/terms-and-conditions. If you do not agree, return the device to your place of purchase within your return period.

Trademarks

Revision History

CommentsPublish DatePublication Part

Number

First publication.November 2020202-12147-01

Chapter 1 Hardware Overview

Top panel with LEDs...........................................................................11

Back panel with ports, buttons, and a power connector...............13

Position the antennas for best WiFi performance..........................14

Access point label..............................................................................14

Chapter 2 Installation and Initial Log-in

About router mode and access point mode...................................16

Routing features enabled only in router mode..............................16

Set up the access point and complete the initial log-in process...17

Connect the access point to a modem and log in for the first

time..................................................................................................18

Connect the access point to a router and log in for the first

time..................................................................................................22

Get a registration key.........................................................................26

Find the IP address of the access point when you cannot use

routerlogin.net....................................................................................27

Find the IP address of the access point with the NETGEAR Insight

mobile app..........................................................................................29

Change the language........................................................................31

Connect a wired or WiFi device to the access point’s network after

installation...........................................................................................32

Connect to the access point through an Ethernet cable..........32

Use Wi-Fi Protected Setup to join the WiFi network.................33

Manually join the WiFi network....................................................33

Chapter 3 Manually Set Up Internet Settings

Use the Setup Wizard.........................................................................36

Manually set up the access point Internet connection [router

mode]...................................................................................................37

Specify a dynamic or fixed WAN IP address Internet connection

without a login [router mode]......................................................37

Specify a PPPoE Internet connection that uses a login [router

mode]..............................................................................................39

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Specify a PPTP or L2TP Internet connection that uses a login

[router mode].................................................................................41

IPv6 Internet connections and IPv6 addresses [router mode]......43

Use Auto Detect for an IPv6 Internet connection [router

mode]..............................................................................................44

Use Auto Config for an IPv6 Internet connection [router

mode]..............................................................................................46

Set up an IPv6 6to4 tunnel Internet connection [router mode].48

Set up an IPv6 6rd Internet connection [router mode].............49

Set up an IPv6 passthrough Internet connection [router

mode]..............................................................................................51

Set up an IPv6 fixed Internet connection [router mode]...........52

Set up an IPv6 DHCP Internet connection [router mode].........54

Set up an IPv6 PPPoE Internet connection [router mode]........56

Chapter 4 Basic WiFi and Radio Features

Set up or change an open or secure WiFi network........................59

Configure WPA and WPA2 Enterprise WiFi security with a RADIUS

server....................................................................................................63

Enable or disable a WiFi network.....................................................65

Hide or broadcast the SSID for a WiFi network..............................66

Manage client isolation for clients of the Wireless 2 or Wireless 3

network................................................................................................67

Manage access to LAN ports for clients of the Wireless 2 or Wireless

3 network.............................................................................................68

Manage SSID isolation for all WiFi networks...................................69

Enable or disable a WiFi radio..........................................................70

Use WPS to connect to the WiFi network........................................72

Use WPS with the push button method......................................72

Use WPS with the PIN method.....................................................73

Chapter 5 Security, Firewall, and Access Rules

Firewall WAN settings [router mode]..............................................76

Manage port scan protection and denial of service protection

[router mode].................................................................................76

Set up a default DMZ server [router mode]................................77

Manage IGMP proxying [router mode].......................................78

Manage NAT filtering [router mode]...........................................79

Manage the SIP application-level gateway [router mode].......80

Network access control lists..............................................................81

Enable and manage network access control..............................81

Add, remove or change a device on the the allowed list.........83

Add, remove or change a device on the blocked list...............84

Block specific Internet sites [router mode]......................................86

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Set up keyword and domain blocking [router mode]...............86

Remove a keyword or domain from the blocked list [router

mode]..............................................................................................88

Remove all keywords and domains from the blocked list [router

mode]..............................................................................................89

Block specific applications and services from the Internet [router

mode]...................................................................................................89

Add a service blocking rule for a predefined service or application

[router mode].................................................................................90

Add a service blocking rule for a custom service or application

[router mode].................................................................................91

Change a service blocking rule [router mode]..........................93

Remove a service blocking rule [router mode]..........................94

Assign a trusted device [router mode]............................................95

Schedule blocking [router mode]....................................................96

Set up security event email notifications.........................................97

Chapter 6 Optimize Performance

Enable QoS and automatically set the Internet bandwidth........100

Enable QoS and manually set the Internet bandwidth................101

Enable or disable the automatic update of the Performance

Optimization Database....................................................................102

Manage WiFi Multimedia (WMM) for a radio...............................103

Improve network connections with Universal Plug and Play [router

mode].................................................................................................105

Change the priority for a connected device [router mode]........106

Chapter 7 Network Settings

LAN IP address settings [router mode].........................................109

Change the LAN IP address and subnet settings [router

mode]............................................................................................109

Manage the DHCP server address pool [router mode]..........110

Disable the DHCP server [router mode]...................................112

Manage the Router Information Protocol settings [router

mode]............................................................................................113

Change the access point network device name..........................114

Reserved LAN IP addresses [router mode]...................................115

Reserve a LAN IP address [router mode]..................................115

Change a reserved LAN IP address [router mode].................116

Remove a reserved LAN IP address entry [router mode].......117

Static routes.......................................................................................118

Add an IPv4 static route..............................................................118

Change an IPv4 static route........................................................120

Remove an IPv4 static route.......................................................121

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Bridge port and VLAN tag groups [router mode]........................121

Set up a bridge for a port group [router mode]......................122

Set up a bridge for a VLAN tag group [router mode].............123

Change the MTU size [router mode].............................................125

Chapter 8 Maintain and Monitor

Update the firmware........................................................................129

Let the access point check for new firmware and update the

firmware........................................................................................129

Manually check for new firmware and update the firmware...131

Back up or restore the settings.......................................................133

Back up the access point settings..............................................133

Restore the access point settings..............................................134

Change the local device password................................................135

Change the password recovery questions for the local device

password...........................................................................................136

Recover the local device admin password....................................137

Factory default settings...................................................................138

Use the dual-function Reset button to return to factory

defaults..........................................................................................138

Use the local browser UI to return to factory defaults.............140

Time and Network Time Protocol server.......................................142

Manually set the time zone and adjust the daylight saving

time................................................................................................142

Change the Network Time Protocol server..............................143

Logs....................................................................................................144

Specify which activities the access point logs..........................144

View, send, or clear the logs......................................................145

Status and statistics..........................................................................146

Display information about the Internet port, access point, and

WiFi settings [router mode]........................................................146

Display information about the LAN port, access point, and WiFi

settings [access point mode]......................................................149

Check the Internet connection status........................................151

Display the Internet port statistics.............................................153

Display the devices currently on the access point network and

change device information.........................................................154

Traffic meter [router mode].............................................................157

Start the traffic meter without traffic restrictions [router mode].158

Restrict Internet traffic by volume [router mode].....................159

Restrict Internet traffic by connection time [router mode].....160

View the Internet traffic volume and statistics [router mode].162

Unblock the traffic meter after the traffic limit is reached [router

mode]............................................................................................163

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Change the system mode to access point mode or to router

mode..................................................................................................164

Disable LED blinking or turn off LEDs............................................166

Chapter 9 Dynamic DNS [Router Mode]

About Dynamic DNS [router mode]...............................................168

Set up a new Dynamic DNS account [router mode]....................168

Use an existing Dynamic DNS account [router mode]................169

Change the Dynamic DNS account settings [router mode].......171

Chapter 10 VPN Client [Router Mode]

About setting up the access point as a VPN client [router mode].173 Enable the VPN client in the access point and connect to a VPN

server [router mode]........................................................................174

Disconnect the access point from the VPN server [router mode].176

Chapter 11 VPN Server and Service with OpenVPN[Router Mode]

Enable and configure OpenVPN and VPN client access on the access

point [router mode]..........................................................................178

OpenVPN client utility and VPN configuration files [router

mode].................................................................................................179

Install OpenVPN on a Windows-based computer [router

mode]............................................................................................180

Install OpenVPN on a Mac [router mode]................................181

Install OpenVPN on an iOS device [router mode]...................182

Install OpenVPN on an Android device [router mode]..........183

About setting up an OpenVPN connection [router mode].........184

About VPN access to your network or Internet service at your office

or home [router mode]....................................................................185

Use a VPN tunnel to remotely access your Internet service [router

mode].................................................................................................186

Chapter 12 Advanced WiFi and Radio Features

Change the region of operation.....................................................188

Manage 802.11ax and enable or disable OFDMA for a radio....189

Enable or disable smart connect for the access point.................190

Enable or disable 20/40 MHz coexistence for the 2.4 GHz radio.192

Change the channel for a radio......................................................193

Change the WiFi throughput mode for a radio............................194

Change the transmission output power for a radio.....................196

Add a WiFi schedule for a radio.....................................................197

Enable or disable MU-MIMO..........................................................199

Enable or disable explicit beamforming.......................................200

Enable or disable PMF.....................................................................201

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Set up access point as a WiFi Bridge to another device.............202

Change the CTS/RTS threshold and preamble mode for a radio.205

Chapter 13 Port Forwarding and Port Triggering [Router Mode]

Port forwarding to a local server for services and applications [router

mode].................................................................................................208

Forward incoming traffic for a default service or application

[router mode]...............................................................................208

Add a port forwarding rule for a custom service or application

[router mode]...............................................................................209

Change a port forwarding rule [router mode].........................211

Remove a port forwarding rule [router mode].........................212

How the access point implements a port forwarding rule [router

mode]............................................................................................213

Application example: Make a local web server public [router

mode]............................................................................................213

Port triggering for services and applications [router mode]......214

Add a port triggering rule [router mode].................................214

Change a port triggering rule [router mode]...........................216

Remove a port triggering rule [router mode]..........................217

Specify the time-out for port triggering [router mode]..........218

Disable port triggering [router mode]......................................219

Application example: Port triggering for Internet Relay Chat

[router mode]...............................................................................220

Chapter 14 Diagnostics and Troubleshooting

Reboot the access point from the local browser UI.....................222

Quick tips for troubleshooting.......................................................223

Restart your access point network if in router mode...............223

Restart your access point when in access point mode...........223

Check the Ethernet cable connections.....................................223

Check the WiFi settings of your computer or mobile device..223

Check the DHCP network settings of your computer or mobile

device............................................................................................224

Standard LED behavior when the access point is powered on...225

Troubleshoot with the LEDs............................................................225

Power LED is off...........................................................................225

Power LED does not turn green.................................................226

Internet LED is solid amber or off [router mode].....................226

Internet LED is solid amber or off [access point mode]..........227

WiFi LED is Off..............................................................................227

The LAN LED is off while a device is connected......................228

You cannot log in to the access point............................................228

You cannot log in to the access point [router mode]..............228

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

You cannot log in to the access point [access point mode]....229

You cannot access the Internet [router mode].............................231

Check the Internet WAN IP address [router mode]................231

Check or manually start the PPPoE connection [router mode].233

Troubleshoot Internet browsing.....................................................234

Troubleshoot the WiFi connectivity...............................................235

Changes are not saved....................................................................236

Troubleshoot your network using the ping utility of your computer

or mobile device...............................................................................236

Test the LAN path from a Windows-based computer to the access

point..............................................................................................237

Test the path from a Windows-based computer to a remote

device [router mode]...................................................................238

Appendix A Factory Default Settings and Technical Specifications

Factory default settings...................................................................240

Technical specifications...................................................................242

Appendix B Positioning and Wall-Mounting

Position the access point.................................................................245

Wall-mount the access point...........................................................246

Hardware Overview

The WiFi 6 AX1800 Dual Band Wireless Access Point Model WAX204, in this manual referred to as the access point, supports 802.11ax high performance WiFi connectivity and dual-band concurrent operation at 2.4 GHz and 5 GHz with a combined throughput of 1.8 Gbps (600 Mbps at 2.4 GHz and 1200 Mbps at 5 GHz). The access point is designed to function standalone in a small office network or home network.

You can use the access point in its default router mode with its router features enabled, directly connected to the Internet, for example through a modem. You can also use the access point in access point mode with its router features disabled, connected to an existing router in your network.

The chapter contains the following sections:

• Top panel with LEDs

• Back panel with ports, buttons, and a power connector

• Position the antennas for best WiFi performance

• Access point label

Note: For more information about the topics that are covered in this manual, visit the support website at netgear.com/support/.

Note: Firmware updates with new features and bug fixes are made available from time to time at netgear.com/support/download/. You can check for and download new firmware manually. If the features or behavior of your product does not match what is described in this manual, you might need to update the firmware.

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Top panel with LEDs

The five status LEDs are located on the top panel of the access point. From left to right, the top panel contains the Power LED, Internet LED, WiFi LED, LAN LED, and WPS LED.

Figure 1. Top panel with LEDs

User Manual11Hardware Overview

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Table 1. LED descriptions

DescriptionLED

Power

Internet

WiFi

LAN

Solid green. The access point is ready. Solid amber. The access point is starting or upgrading firmware. Blinking amber. The access point was reset to factory default settings and is restarting.

For more information about resetting the access point to factory default settings, see Factory default settings on page 138. Blinking red. The firmware is corrupted and the access point cannot start. For more information, see Power LED does not turn green on page 226.

Off. Power is not supplied to the access point.

Solid green. An Internet connection is established. Blinking green. The Internet port is sending or receiving traffic. Solid amber. The access point cannot get an Internet connection. For more information,

see Internet LED is solid amber or off [router mode] on page 226 (router mode is the default system mode) or Internet LED is solid amber or off [access point mode] on page

227. Blinking alternating green and amber. If the traffic meter is enabled, the traffic limit is reached. Fore more information, see Unblock the traffic meter after the traffic limit is reached [router mode] on page 163. Off. No Internet connection exists, for example, because no cable is inserted in the Internet port.

Solid green. One or both WiFi radios are operating. Blinking green. One or both WiFi radios are sending or receiving traffic. Off. Both WiFi radios are off. For more information, see WiFi LED is Off on page 227.

Solid green. One or more LAN ports are connected to powered-up devices. Blinking green. One or more LAN ports are sending or receiving traffic. Solid amber. One or more LAN ports function at 10 or 100 Mbps speed and are

connected to powered-up devices. Blinking amber. One or more LAN ports are sending or receiving traffic at 10 or 100 Mbps speed. Off. None of the LAN ports is connected to a device.

WPS

Solid green. WPS is available. Blinking green. The WPS button was pressed. For two minutes, the access point

attempts to find the WiFi device (that is, the client) that can join the access point Wireless 1 network. For more information, see Use Wi-Fi Protected Setup to join the WiFi network on page 33. Off. WPS is disabled.

User Manual12Hardware Overview

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Back panel with ports, buttons, and a power connector

The back panel of the access point provides ports, buttons, and a DC power connector.

Figure 2. Back panel

Viewed from left to right, the back panel contains the following components:

WPS button. Press the WPS button to join the access point’s WiFi network without

• typing the WiFi password. For more information, see Use Wi-Fi Protected Setup to join the WiFi network on page 33.

Internet port. One Internet (WAN) port (yellow) to connect the access point to a

• modem or existing router in your network:

- Connect to a modem. Connect the Internet port directly to a modem. The modem

must provide an Internet connection to the access point. For more information about this setup, in which the access point must function in its default router mode, see Connect the access point to a modem and log in for the first time on page 18.

- Connect to a router. Connect the Internet port directly to a router in your network,

or to a switch or hub that is connected to the router. For more information about this setup, in which the access point must function in access point mode, see Connect the access point to a router and log in for the first time on page 22.

User Manual13Hardware Overview

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

LAN ports 1 through 4. Four Gigabit Ethernet RJ-45 LAN ports numbered LAN 1

• through LAN 4 to connect the access point to Ethernet devices such as a computer

and a switch.

Reset button. Press the Reset button to reset the access point to factory default

• settings. For more information, see Use the dual-function Reset button to return to factory defaults on page 138.

DC power connector. Connect the power adapter that came in the product package

• to the DC power connector.

Position the antennas for best WiFi performance

You can swivel the three access point antennas in any direction. For best WiFi performance, we recommend that you experiment with various antenna positions. For example, you could position the center antenna vertically and aim the other two antennas outward at 45-degree angles.

Access point label

The access point label on the bottom panel of the access point shows the default login information, default WiFi network name (SSID), default WiFi passphrase, serial number and MAC address of the access point, and other information.

Figure 3. Access point label

User Manual14Hardware Overview

Installation and Initial Log-in

This chapter describes how you can install and access the access point in your network and go through the initial log-in process. By default, the access point is in router mode. You can also change the mode to access point mode.

IMPORTANT: To obtain full and unlimited access to access point, you must register the access point. You can do so by accessing your NETGEAR account and obtaining a registration key. However, the easiest way to register your access point is to connect it to the Internet, go though the initial log-in process, also referred to as single sign-on (SSO), and log in with a NETGEAR account. (You can create an account during the log-in process.)

Note: When you log in to the access point, you connect to the local browser user interface (UI).

The chapter contains the following sections:

• About router mode and access point mode

• Routing features enabled only in router mode

• Set up the access point and complete the initial log-in process

• Get a registration key

• Find the IP address of the access point when you cannot use routerlogin.net

• Find the IP address of the access point with the NETGEAR Insight mobile app

• Log in to the access point after initial setup

• Change the language

• Connect a wired or WiFi device to the access point’s network after installation

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

About router mode and access point mode

Before you set up the access point, decide whether you will use the access point in its default router mode or in access point mode:

Router mode. By default, the access point is in router mode so that you can connect

• it directly to a modem such as a cable or DSL modem. In router mode, the access

point functions as both a router for Internet access and a WiFi access point. The access point receives its IP address settings from your Internet service provider (ISP) and delivers IP address settings to its WiFi and LAN clients.

Access point mode. You can also connect the access point to an existing router in

• your network and, after you log in, change the system mode to access point mode. The router must support a DHCP server, or another DHCP server must be present in the network, so that an IP address is assigned to the access point and its clients and Internet access is provided. Another option is to assign the access point and its clients static IP addresses, but using DHCP is easier.

In access point mode, the access point functions as a WiFi access point only and its router functions are disabled. For example, routing services such as NAT and the DHCP server are disabled.

For more information about the routing features, see Routing features enabled only in router mode on page 16.

Routing features enabled only in router mode

The access point can function in router mode (its default system mode) or in access point mode.

The following routing features are enabled in router mode but disabled in access point mode:

Internet settings, including an IP address issued through dynamic DHCP (the default

• setting), a manually specified static IP address, an IP address issued through PPPoE,

L2TP, or PPTP, and various ways to implement an IPv6 address.

WAN settings, including routing services such as NAT.

•

LAN settings, including a DHCP server.

•

QoS settings.

•

User Manual16Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Internet security settings, including the option to block sites and services, and the

• option to set up port forwarding and port triggering rules.

VPN service and VPN client.

•

Internet traffic meter.

•

Bridge port and VLAN tag groups.

•

Changing the priority for an attached device.

•

For information about changing the system mode after initial setup, Change the system mode to access point mode or to router mode on page 164.

The system mode affects how you can reach the access point local browser UI:

Router mode. Enter http://www.routerlogin.net in the address field of your

• browser.

In router mode, you always connect directly to the access point.

Access point mode. The method to reach the local browser UI depends on how

• you connect to the access point:

Directly connected. Enter http://www.routerlogin.net in the address field of your browser. One exception exists: If you assigned a static IP address to the access point, you must use that IP address to reach the local browser UI.

Connected over your network. In the address field of your browser, enter the IP address that your existing router or DHCP server assigned to the access point. For more information, see Find the IP address of the access point when you cannot use routerlogin.net on page 27.

Set up the access point and complete the initial log-in process

When you connect the access point to the Internet and complete the initial log-in process, also referred to as single sign-on (SSO), the following are required in most situations:

Default router mode. The access point must be in its default router mode.

•

Internet connection. The access point must connect to the Internet through a modem

• or through an existing router in your network.

Registration. To get full and unlimited access to the local browser UI, you must log

• in with either a NETGEAR account or a registration key. If you do not have a NETGEAR

account, you can create one during the initial log-in process. For information about getting a registration key, see Get a registration key on page 26.

User Manual17Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Before you register the access point, you can access the local browser UI of the access point by using your new local device password (you must specify it during the initial log-in process), for either restricted access or full access for a limited time. Before you register the switch with your NETGEAR account, you can use one of the following options:

Access limited features. Select the option to access a restricted menu of the local

• browser UI without time limitations. You can do so by using the local device password to get access to limited features such updating the firmware, uploading or downloading the configuration file, and restarting the access point.

Temporarily access all features. Select the option to temporarily access the full

• menu of the local browser UI. You can do so by using the local device password, but you get full access three times only. During a temporary full access session, you can configure and manage all features and settings in the local browser UI.

Note: During a temporary access session, if the session is inactive for 60 minutes, you are automatically logged out from the local browser UI. However, the session still counts as one of three temporary access sessions.

For more information about connecting the access point to the Internet and completing the initial log-in process, see one of the following sections:

Connect the access point to a modem and log in for the first time on page 18

•

Connect the access point to a router and log in for the first time on page 22

•

Connect the access point to a modem and log in for the first time

When you set up the access point and connect it to your modem, the following applies, depending on the type of WAN connection your modem uses:

Dynamic DHCP. If the type of WAN connection is dynamic DHCP, the access point

• automatically receives an IP address from your Internet service provider (ISP) and you do need to provide any IP address information. This type of WAN connection is the most common.

PPPoE, L2TP, or PPTP, or static IP address. If the type of WAN connection is PPPoE,

• L2TP, or PPTP, or your Internet connection requires a static IP address, you must

follow the prompts during the setup process and provide the required information for the Internet connection.

Note: If you are not sure which type of WAN connection your Internet service uses, contact your ISP before you start the following procedure.

User Manual18Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Figure 4. Connect the access point in default router mode to your modem

To connect the access point to a modem and log in to the local browser UI for the first time:

Unplug your modem’s power, leaving the modem connected to the wall jack for your Internet service.

If the modem uses a battery backup, remove the battery.

3. Connect the Ethernet cable to the yellow Internet port on the access point.

Connect the other end of the cable to a LAN port on your modem.

If the modem uses a battery backup, put the battery back in.

6. Plug in and turn on the modem.

7. Power on the access point and check to see that the LEDs light.

DescriptionLED

Power

Internet

When you turn on the access point, the Power LED lights solid red for about five seconds

and then turns solid amber. After about 90 seconds, the Power LED lights solid green.

The Internet LED lights solid green or blinks green when the Internet connection is

established.

Note: The Internet connection is established after you access the local browser UI during

the Setup Wizard process. If the Internet LED remains off or solid amber and does not

turn solid green or blinking green, see Internet LED is solid amber or off [router mode]

on page 226.

The WiFi LED lights solid green or blinks green.WiFi

User Manual19Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Connect over WiFi. On a WiFi-enabled computer or mobile device, find and

•

connect to the access point’s WiFi network (SSID). The default SSID and WiFi password (network key) are printed on the access point label.

Connect over Ethernet directly to the access point. Using an Ethernet cable,

•

connect the LAN port on your computer directly to any of the four LANs port on the access point.

Launch a web browser and enter http://www.routerlogin.net in the address field. The Setup Wizard starts.

If the Setup Wizard does not start, see You cannot log in to the access point [router mode] on page 228.

10. Follow the prompts. Note the following:

Trouble connecting to the Internet? If the access point does not connect to the

•

Internet, see Troubleshoot Internet browsing on page 234.

WAN connection type. If the WAN connection is PPPoE, L2TP, or PPTP, or your

•

Internet connection requires a static IP address, during the Setup Wizard Process, provide the required information for the Internet connection when the Smart Setup Wizard prompts you for the information.

New admin password. During the Setup Wizard process, you must specify a

•

new admin password (the local device password) and specify answers to two security questions (you can choose the questions).

Firmware update. During the Setup Wizard process, you can update the firmware

•

(if new firmware is available). Depending on the configuration, the access point might need to restart, you might need to log in again to continue the Setup Wizard process, or you might need to do both.

Browser security message. During the Setup Wizard process, your browser will

•

most likely display a security message. You can either ignore this message or install the security certificate. Consider the following examples:

Google Chrome. If Google Chrome displays a Your connection is not private message, click the ADVANCED link. Then, click the Proceed to x.x.x.x (unsafe) link, in which x.x.x.x represents the IP address of the switch.

Apple Safari. If Apple Safari displays a This connection is not private message, click the Show Details button. Then, click the visit this website link. If a warning pop-up window displays, click the Visit Website button. If another pop-up window displays to let you confirm changes to your certificate trust

User Manual20Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

settings, enter your Mac user name and password and click the Update Setting button.

Mozilla Firefox. If Mozilla Firefox displays a Your connection is not secure message, click the ADVANCED button. Then, click the Add Exception button. In the pop-up window that displays, click the Confirm Security Exception button.

Microsoft Internet Explore. If Microsoft Internet Explorer displays a There is a problem with this website’s security certificate message, click the Continue

to this website (not recommended) link.

Microsoft Edge. If Microsoft Edge displays a There is a problem with this website’s security certificate message or a similar warning, select Details >

Go on to the webpage.

When the Setup Wizard is finished, the Register to unlock all features page displays.

11.

•

button and follow the prompts. Either use your existing NETGEAR account or create a new free NETGEAR account.

•

registration key on page 26), click the Enter Registration Key and enter the key.

Access limited features. Click the Skip Registration and Access Limited

•

Features button to get access to a restricted menu of the local browser UI without time limitations. (For more information, see Set up the access point and complete the initial log-in process on page 17.) The password that you must enter is your new local device password.

Temporarily access all features. Click the Skip Registration and Temporarily

•

Access All Features button to get access to the full menu of the local browser UI, but you get this access three times only. (For more information, see Set up the access point and complete the initial log-in process on page 17.) The password that you must enter is your new local device password.

12. Log in again to the local browser UI by entering your new local device password. This is the password that you specified during the Setup Wizard process.

The BASIC Home page displays.

The Home page displays various panes that let you see the status of your access point at a glance. You can now configure and monitor the access point.

User Manual21Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Connect the access point to a router and log in for the first time

The easiest way to use the access point in access point mode is to connect it to an existing router in your network, either directly, or through a switch or hub (almost any router functions as a DHCP server). If your network includes an independent DHCP server, connect the access point to a switch or hub that is connected to the DHCP server.

Only after you complete the initial log-in process, can you change the system mode to access point mode.

Figure 5. Connect the access point to an existing router in your network

To connect the access point directly to an existing router in your network and log in to the local browser UI for the first time:

1. Connect an Ethernet cable to the yellow Internet port on the access point.

Connect the other end of the cable to a LAN port on your network router. Your network router must support a DHCP server so that it assigns an IP address to

the access pointand its clients and provides Internet access.

3. Power on the access point and check to see that the LEDs light.

User Manual22Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

DescriptionLED

Power

Internet

Connect over WiFi. On a WiFi-enabled computer or mobile device, find and

•

When you turn on the access point, the Power LED lights solid red for about five seconds

and then turns solid amber. After about 90 seconds, the Power LED lights solid green.

The Internet LED lights solid green or blinks green when the Internet connection is

established.

Note: The Internet connection is established after you access the local browser UI during

the Setup Wizard process. If the Internet LED remains off or solid amber and does not

turn solid green or blinking green, see Internet LED is solid amber or off [access point

mode] on page 227.

The WiFi LED lights solid green or blinks green.WiFi

connect to the access point’s WiFi network (SSID). The default SSID and WiFi password (network key) are printed on the access point label.

Connect over Ethernet directly to the access point. Using an Ethernet cable,

•

connect the LAN port on your computer directly to any of the four LANs port on the access point.

Launch a web browser and enter http://www.routerlogin.net in the address field. The Setup Wizard starts.

If the Setup Wizard does not start, see You cannot log in to the access point [access point mode] on page 229.

6. Follow the prompts. Note the following:

Trouble connecting to the Internet? If the access point does not connect to the

•

Internet, see Troubleshoot Internet browsing on page 234.

WAN connection type. If the WAN connection is PPPoE, L2TP, or PPTP, or your

•

New admin password. During the Setup Wizard process, you must specify a

•

new admin password (the local device password) and specify answers to two security questions (you can choose the questions).

User Manual23Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Firmware update. During the Setup Wizard process, you can update the firmware

•

Browser security message. During the Setup Wizard process, your browser will

•

most likely display a security message. You can either ignore this message or install the security certificate. Consider the following examples:

Microsoft Internet Explore. If Microsoft Internet Explorer displays a There is a problem with this website’s security certificate message, click the Continue

to this website (not recommended) link.

Microsoft Edge. If Microsoft Edge displays a There is a problem with this website’s security certificate message or a similar warning, select Details >

Go on to the webpage.

When the Setup Wizard is finished, the Register to unlock all features page displays.

•

button and follow the prompts. Either use your existing NETGEAR account or create a new free NETGEAR account.

•

registration key on page 26), click the Enter Registration Key and enter the key.

Access limited features. Click the Skip Registration and Access Limited

•

Features button to get access to a restricted menu of the local browser UI without time limitations. (For more information, see Set up the access point and complete

User Manual24Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

the initial log-in process on page 17.) The password that you must enter is your new local device password.

Temporarily access all features. Click the Skip Registration and Temporarily

•

8. Log in to the local browser UI again by entering your new local device password. This is the password that you specified during the Setup Wizard process.

The BASIC Home page displays.

9. To change the system mode to access point mode, select ADVANCED > Advanced Setup > Router / AP / Bridge Mode, and continue with the following steps.

The Router / AP / Bridge Mode page displays.

10. Select the AP Mode radio button. We recommend that you leave the Get dynamically from existing access

point/router button selected to let the access point get an IP address dynamically from the existing router in your network.

11. Click the Apply button, and in the pop-up window that displays, click the OK button. Your settings are saved and the access point is reconfigured in access point mode.

The routing functions of the access point are disabled. Do not close the browser page.

12. Log back in to the access point. For more information, see Step 4.

If your browser web page does not show the login window, you might need to enter the new IP address of the access point in the address field. For more information, see Find the IP address of the access point when you cannot use routerlogin.net on page 27.

13.

If your browser displays a security message again, see the information in Step 6.

14.

Find the new IP address of the access point in the local browser UI by doing the following:

a. Select ADVANCED > ADVANCED Home.

The ADVANCED Home page of the access point displays. The LAN Port pane shows the IP address that is now assigned to the access point.

Save the LAN IP address of the access point for later use.

User Manual25Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

You must use this IP address if you plan to connect to the same network as the access point but not directly to the access point network. If you are directly connected to the access point network, you can use http://www.routerlogin.net.

15.

Clear the cache of your browser. In access point mode, the access point functions with different IP address settings

than in router mode. Clearing the cache of your browser might prevent website connectivity problems.

If you experience connectivity problems, see one of the following sections:

You cannot log in to the access point [access point mode] on page 229

•

Troubleshoot Internet browsing on page 234

•

Get a registration key

After you register the access point with NETGEAR, you can get a registration key to unlock full access to the local browser UI. When you enter the registration key to access the local browser UI, the access point can be connected to the Internet but does not need to be for you to configure the features.

This procedure describes how you can visit my.netgear.com, log in to your NETGEAR account, register the access point using its serial number, and get a registration key. If you do not have a free NETGEAR account, you can create one.

Note: You can also use the NETGEAR Insight app to get a registration key. For more information, visit kb.netgear.com/000061819/How-do-I-find-my-NETGEAR-registration-key.

To get a registration key:

1. From a computer or mobile device that is connected to the Internet, visit my.netgear.com.

2. Log in to your NETGEAR account. If you do not have a free NETGEAR account, you can create one.

The My Products page displays.

From the menu on the left, select Register a Product. The Register a Product page displays.

In the Serial Number field, enter the serial number of the access point.

User Manual26Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

The serial number consists of 13 digits. The serial number is printed on the access point label.

From the Date Of Purchase menu, select the date that you purchased the access point.

6. Click the REGISTER button. The access point is registered with NETGEAR.

An confirmation email that includes the registration key is sent to your NETGEAR account email address.

If the My Products page does not display, click My Product from the menu.

Select the radio button for the newly registered access point.

9. Scroll down and click the VIEW REGISTRATION KEY button. A pop-up window with the registration key displays.

Find the IP address of the access point when you cannot use routerlogin.net

Under the following circumstances, when the access point is in access point mode, you cannot use http://www.routerlogin.net to log in to the access point:

Your computer or mobile device is not directly connected to the access point network

• even it is on the same network as the access point.

Your computer or mobile device is directly connected to the access point, but the

• access point is using a static IP address.

Note: If the access point can reach its DNS server only over the Internet (for example, the IP address of the DNS server is 8.8.8.8), you cannot use http://www.routerlogin.net. However, if the DNS server is the IP address of the router to which the access point connects but the router’s Internet connection is down, you can use http://www.routerlogin.net because the access point can still reach the router.

Your network includes another NETGEAR device that is also accessible by using

•

http://www.routerlogin.net. In such a situation, if you use http://www.routerlogin.net, you might log in to the access point or you might log

in to the other NETGEAR device, depending on your network situation.

User Manual27Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

In these situations, use the IP address that was assigned to the access point by your existing router during the setup process (see Connect the access point to a router and log in for the first time on page 22) to log in to the local browser UI of the access point.

If you do not know the IP address that was assigned to the access point, use one of the following options to find the IP address of the access point:

Only if the access point is connected to the Internet, do one of the following:

•

- Option 1. Temporarily connect directly and log in. Temporarily connect a

computer directly either through an Ethernet cable or over WiFi or a mobile device over WiFi to the access point and do the following:

Open a web browser from a computer or mobile device that is directly connected to the access point network.

Enter http://www.routerlogin.net in the address field.

3. Click the Login button. The NETGEAR Account Login page displays.

4. Enter your registered email address and password and click the Login button. The BASIC Home page displays.

5. Select ADVANCED. The ADVANCED Home page displays

6. In the LAN Port pane, click the CONNECTION STATUS button. The IP Address field displays the IP address that is assigned to the access point.

- Option 2. Temporarily connect directly and ping the access point. Temporarily connect a computer or mobile device directly through an Ethernet cable or over WiFi to the access point and send a ping to http://www.routerlogin.net. How to send a ping depends on your computer or mobile device. On your computer or mobile device, the field with the ping results displays the IP address that is assigned to the access point.

Regardless of whether the access point is connected to the Internet, do one of the

• following:

- Option 1. Use the NETGEAR Insight mobile app. To use the NETGEAR Insight

mobile app to discover the IP address of the access point in your network, do the following:

On your iOS or Android mobile device, go to the app store, search for NETGEAR Insight, and download and install the app.

2. Connect your mobile device to the access point WiFi network.

User Manual28Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

3. Open the NETGEAR Insight mobile app.

4. Tap LOG IN to log in to your NETGEAR account, which is the same account that you logged into or created during the initial log-in process. After you log in to your account, the IP address of the access point displays in the device list.

- Option 2. Access your modem or existing router. Access the DHCP server information of your modem or existing router to see the devices that are connected to it, including the access point. The IP address that is assigned to the access point is listed.

- Option 3. Use an IP scanner. Use an IP scanner application (they are available free of charge on the Internet) in the network of your existing router. The IP scanner results include the IP address that is assigned to the access point.

If you made a direct connection to the access point, you can now terminate that connection. Connect your computer or mobile device to the same network as the access point, and use the discovered IP address to log in to the access point.

Find the IP address of the access point with the NETGEAR Insight mobile app

The NETGEAR Insight mobile app lets you discover the access point in your network.

Note: Although you can use the NETGEAR Insight mobile app to register the access point, the access point is already registered automatically after the initial log-in process.

To use the NETGEAR Insight mobile app to discover the access point in your network:

On your iOS or Android mobile device, go to the app store, search for NETGEAR Insight, and download and install the app.

2. Connect your mobile device to the access point WiFi network.

3. Open the NETGEAR Insight mobile app.

4. Tap LOG IN to log in to your existing NETGEAR account, which is the same account that you logged into or created during the initial log-in process.

After you log in to your account, the IP address of the access point displays in the device list.

Save the IP address for future use.

User Manual29Installation and Initial Log-in

WiFi 6 AX1800 Dual Band Wireless Access Point WAX204

Log in to the access point after initial setup

After initial setup, the access point is ready for use and you can change the settings and monitor the traffic.

When you enter the IP address that is assigned to the access point and you use http, the browser automatically redirects your request to https. If you did not yet install the access point’s security certificate, your browser might display a security message. You can either ignore this message or install the security certificate. Consider the following examples:

Google Chrome. If Google Chrome displays a Your connection is not private

• message, click the ADVANCED link. Then, click the Proceed to x.x.x.x (unsafe) link, in which x.x.x.x represents the IP address of the switch.

Apple Safari. If Apple Safari displays a This connection is not private message, click

• the Show Details button. Then, click the visit this website link. If a warning pop-up window displays, click the Visit Website button. If another pop-up window displays to let you confirm changes to your certificate trust settings, enter your Mac user name and password and click the Update Setting button.

Mozilla Firefox. If Mozilla Firefox displays a Your connection is not secure message,

• click the ADVANCED button. Then, click the Add Exception button. In the pop-up

window that displays, click the Confirm Security Exception button.

Microsoft Internet Explore. If Microsoft Internet Explorer displays a There is a

•

problem with this website’s security certificate message, click the Continue to this website (not recommended) link.

Microsoft Edge. If Microsoft Edge displays a There is a problem with this website’s

•

security certificate message or a similar warning, select Details > Go on to the webpage.

To log in to the access point’s local browser UI after initial setup:

Launch a web browser from a computer or mobile device that is connected to the access point network.

A direct connection to the access point network, which is the most common type of setup, can be through WiFi or over Ethernet:

WiFi. A connection from a computer or mobile device to a WiFi network on the

•

access point.

Ethernet. A connection from a computer over an Ethernet cable to one of the

•

LAN ports on the access point, either with or without a switch or hub between the computer and the access point.

Enter http://www.routerlogin.net in the address field.

User Manual30Installation and Initial Log-in

+ 216 hidden pages

Netgear WAX204 operation manual

Contents

Hardware Overview

Top panel with LEDs

Back panel with ports, buttons, and a power connector

Position the antennas for best WiFi performance

Access point label

Installation and Initial Log-in

About router mode and access point mode

Routing features enabled only in router mode

Set up the access point and complete the initial log-in process

Connect the access point to a modem and log in for the first time

Connect the access point to a router and log in for the first time

Get a registration key

Find the IP address of the access point when you cannot use routerlogin.net

Find the IP address of the access point with the NETGEAR Insight mobile app

Log in to the access point after initial setup