1qwerty1
Feb 25, 2020, Tutor
Outbound traffic to Amazon space
Hello, I am wondering why my Orbi AC2200 unit (running latest firmware as of 2/23/2020, RBR20) is constantly making outbound connections to the Amazon space (52.0.0.0/11) over SSL/443. The home ...
CrimpOn
Feb 26, 2020, Guru - Experienced User
1qwerty1 wrote: A little more info here: www.netgear.com is being used as Internet good/disconnected status in the Orbi GUI, Basic -> Home. Allowing outbound ping to a FQDN object should be ok.
This would make for an interesting experiment. Block all outbound traffic originating from the Orbi (not "passing through") and see what the Home Page status display says. I have always wondered why the Home Page initially says, "Waiting" under Internet, and then changes to "Good". Silly me, I thought, "Don't you KNOW the internet connection is good already?" Maybe it has to connect, "just in case" before putting up a display.
1qwerty1
Feb 26, 2020, Tutor
Hi CrimpOn,
I actually did the exact thing you are asking - I had all outbound connections blocked for my Orbi device. The failed pings caused the GUI Home page to show that the Internet was down. In reality the Internet was up. I allowed the pings outbound anyway to keep the home page happy. The www.netgear.com site gets pinged once every 5 minutes.
My other pi-hole blacklisted sites are:
readycloud.netgear.com
readyshare.netgear.com
presence.ngxcld.com
registration.ngxcld.com
My box is also making outbound FTP connections every hour at hr:02. I will capture this traffic to determine the FQDN it is using.
- CrimpOn, Feb 26, 2020, Guru - Experienced User
1qwerty1 wrote: My box is also making outbound FTP connections every hour at hr:02. I will capture this traffic to determine the FQDN it is using.
Please post what you find. There is no "ftp" anywhere in the Orbi parameters that I can find. The firmware updates are definitely "https".
- 1qwerty1, Feb 26, 2020, Tutor
The hourly outbound connections over FTP are going to updates1.netgear.com which I also blacklisted via pi-hole.
- FURRYe38, Feb 26, 2020, Guru - Experienced User
I would think that checking for updates should be only a thing done if a user logs into the UI or then goes to the FW update section in the UI and selects check for FW updates from the server. Why is this a constant even happening.
Wondering if this is why some users post about their data plans being used up prematurely after Orbi was installed.
- CrimpOn, Feb 26, 2020, Guru - Experienced User
FURRYe38 wrote: I would think that checking for updates should be only a thing done if a user logs into the UI or then goes to the FW update section in the UI and selects check for FW updates from the server. Why is this a constant even happening.
I agree this seems inefficient (checking frequently for months rather than when the user logs in). It may be a hold-over from the days when Netgear would silently push firmware updates to Orbi. And, since they (apparently) intend to do an auto push for "major" firmware updates (whatever that is, and if they EVER happen), then the Orbi has to check and not wait for the user to log in. I would think "once a week" would be plenty often, unless the firmware was an "urgent fix" to some zero day exploit.
Wondering if this is why some users post about their data plans being used up prematurely after Orbi was installed.
This one I doubt. Doing one http: "get" is at most a few hundred characters. Even a thousand times a day would not create gigabytes of data.
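The fixed schedules reported in this thread (a ping to www.netgear.com every 5 minutes, FTP to updates1.netgear.com every hour at hr:02) can be confirmed from firewall logs by measuring the gaps between connections that originate from the router itself. The script below is an added example, not code posted by anyone in the thread; the log format, the router address 192.168.1.1, the function name and the other hosts in the sample are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

ROUTER_IP = "192.168.1.1"  # assumption: the Orbi's own address as seen by the firewall

# Constructed sample log (timestamp, source, destination name, service); not captured data.
SAMPLE_LOG = """\
2020-02-26T10:00:10 192.168.1.1 www.netgear.com icmp
2020-02-26T10:02:01 192.168.1.1 updates1.netgear.com ftp
2020-02-26T10:05:11 192.168.1.1 www.netgear.com icmp
2020-02-26T10:07:30 192.168.1.50 example.org https
2020-02-26T10:10:10 192.168.1.1 www.netgear.com icmp
2020-02-26T10:15:12 192.168.1.1 www.netgear.com icmp
2020-02-26T10:21:40 192.168.1.1 time.example.net ntp
2020-02-26T11:02:00 192.168.1.1 updates1.netgear.com ftp
2020-02-26T11:40:05 192.168.1.1 time.example.net ntp
2020-02-26T11:44:00 192.168.1.1 time.example.net ntp
2020-02-26T12:02:02 192.168.1.1 updates1.netgear.com ftp
"""

def periodic_flows(log_text, src, min_events=3, tolerance=0.1):
    """Return {(dest, service): median gap in seconds} for flows from `src` whose
    consecutive gaps all stay within `tolerance` (a fraction) of the median gap."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] != src:
            continue  # skip malformed lines and traffic merely passing through
        try:
            stamp = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # skip lines with an unparseable timestamp
        times[(parts[2], parts[3])].append(stamp)
    result = {}
    for flow, stamps in times.items():
        if len(stamps) < min_events:
            continue  # too few events to call anything periodic
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mid = median(gaps)
        if mid > 0 and all(abs(g - mid) <= tolerance * mid for g in gaps):
            result[flow] = mid
    return result

if __name__ == "__main__":
    for (dest, service), gap in sorted(periodic_flows(SAMPLE_LOG, ROUTER_IP).items()):
        print(f"{dest} {service}: every ~{gap / 60:.0f} min")
```

Filtering on the router's own source address is what separates traffic originating from the Orbi from client traffic passing through it.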