NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Orbi RBR50
Basic question - why is there no secure login when I access my Orbi router? When I try to use HTTPS, it defaults to "non-secure." I don't want to change PW, etc. via a non-secure connection. What am...
In the Orbi AX routers there is an option under >> Advanced >> Advanced Settings that's called HTTPS where you can activate https.
I gues this was also introdcued in the original Orbi as well? I don't currently have access to my RBR50 router, can you please check. 🙂
ekhalil wrote:
In the Orbi AX routers there is an option under >> Advanced >> Advanced Settings that's called HTTPS where you can activate https.
I gues this was also introdcued in the original Orbi as well? I don't currently have access to my RBR50 router, can you please check. 🙂
Yes. It is on the Advanced Tab, Advanced Settings.
Web browsers will complain about the SSL certificate being self-signed. If you click the option to "go there anyway", the browser will remember and not complain again.
Web Services Management is there but grayed out.
I can't click on it to make the change.
Well, how fun. Remains there on my old RBR50, but grayed out on a newer AX. One would hope for at least a little consistency in the firmware.
The reason most of us are not hyper paranoid about the web administration not being SSL is because the communication takes place entirely within the LAN. It is technically possible for someone to snoop on a WiFi network and collect packets to crack the WPA2 encryption code. This article explains the process: https://www.howtogeek.com/202441/your-wi-fi’s-wpa2-encryption-can-be-cracked-offline-here’s-how/
Notice the comment that it may take "years" to crack a 20 character WiFi password. So, someone has to be close enough to snoop on your WiFi to gather a four-way authentication. Go off somewhere to try every possible password against it until they find one that works. Then return and sit collecting your WiFi traffic until you do something sensitive (like entering or changing the router password using http). Everything else that goes across the WiFi is probably SSL encrypted or video files.
In other words, I am a million times more paranoid about someone coming in and pyhsically stealing all my computer equipment than I am about someone nabbing a router password entry.
All that aside, I agree 100%. The option is there. Netgear should let the customer set the damn thing.
CrimpOn wrote:
Yes. It is on the Advanced Tab, Advanced Settings.
Web browsers will complain about the SSL certificate being self-signed. If you click the option to "go there anyway", the browser will remember and not complain again.
Before everyone rushed to turn on this option check that it will not break other stuff. Anywhere Access, for example, can die. Only this week we dug one poor soul out of that hellhole.
Go back to basics. Why do people insist on https? Because they are told that this is essential out in the wild world of the Internet. But when you access your router on our network, you aren't in that dangerous territory.
So, if you do turn that on and something else stops working, be prepared to reverse what you did.
