NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Outbound traffic to Amazon space
Hello, I am wondering why my Orbi AC2200 unit (running latest firmware as of 2/23/2020, RBR20) is constantly making outbound connections to the Amazon space (52.0.0.0/11) over SSL/443. The home ...
The Orbi WiFi backhaul is a 5G radio link directly between the router and satellite. Since it is encrypted in a WiFi signal, I doubt very much that this traffic will be "capturable". (word?)
Re: the outbound 192.168.x.x address pings
In my logs since the day I installed the Orbi, i see one icmp outbound packet from the Orbi router per day to 192.168.100.1 which gets denied by my src:any dst:rfc1918 subnets rule. I am not sure where this comes from.
Btw, if you would like a complete list of URLs your Orbi devices are configured for, telnet to your router, and:
root@RBR20:~# grep -rw '/etc' -e 'https:'
Some of the domains are not related to our devices, however, a few more popped up in the config (I don't see these in the pcaps):
advisor.qa.arloxcld.com
registration.qa.ngxcld.com
presence.qa.ngxcld.com
registration.qa.ngxcld.com
updates.netgear.com
genieremote-qa.netgear.com
devcom-qa.up.netgear.com
arlo-device-staging.messaging.netgear.com
devicelocation.dev.ngxcld.com
devicelocation.qa.ngxcld.com
devicelocation.ngxcld.com
redmine.lighttpd.net
It probably won't hurt to block these as well.