NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

rmversluis's avatar
rmversluis
Aspirant
Apr 03, 2025

RBR50 no longer finds orbilogin.com after "https only" option is selected

RBR50 router software (firmware version v2.7.5.6) no longer finds orbilogin.com after "https" option is selected in security tab - now what?  Because I clicked on "https only" it is looking for https://orbilogin.com but cannot find such url.  How do I get back in to the orbi router software to undo this unfortunate act.  

6 Replies

  • CrimpOn's avatar
    CrimpOn
    Guru - Experienced User
    Apr 03, 2025

    Try the gateway IP address, which is usually 192.168.1.1

      • CrimpOn's avatar
        CrimpOn
        Guru - Experienced User
        Apr 03, 2025
        rmversluis wrote:

        Netgear owns the orbilogin.com domain, does it not?

        No, they do not.  At one time, Netgear registered a bunch of internet domains (routerlogin.com, routerlogin.net, orbilogin.com, orbilogin.net... and maybe more)  When the registration expired, Netgear did not renew it.  (Maybe the certificate authority said, "what the hell?  There are 10's of thousands of devices around the world claiming that this Netgear certificate belongs to them, not Netgear.  This is not right.)  The end result was that Netgear no longer has claim to those URLs and has put a Self-signed SSL certificate in their products.

         

        So now customers are screwed two ways by modern web browsers:

        1. If they open a web browser http://orbilogin.com  to the web browser says, "UNSAFE.  Not secure.  Go Back."  Many web browsers have an option to ignore this warning and open the web site. (This is what I do.) Those browsers usually remember this directive and not longer complain.  Some of the latest browsers simply refuse to open the web site.
        2. If they open a web browser to https://orbilogin.com , the web browser says, "UNSAFE.  Not secure.  Self-Signed SSL Certificate.  Go Back." Once again, some web browsers can be told to "go on, Dumbo" and some browsers simply refuse to cooperate.

        So, users can be screwed no matter what they do.

         

        Of course, when a user does a DNS query for "what is the IP address belonging to orbilogin.com, that query never leaves the Orbi router.  The Orbi DNS process intercepts the DNS query and returns the IP of the Orbi router LAN port.  (How would OpenDNS know which of the 10's of thousands of router around the world is the one this DNS query is looking for?)

         

        Another way modern browsers attempt to protect users is by using their own encrypted process to perform DNS queries.  Hey, an unencrypted DNS query to OpenDNS, CloudFlare, GoogleDNS, etc. could be intercepted and "Big Brother" would know that you were looking for the IP of amazingsex.com (or whatever).  Can't have that!  So, instead of sending the DNS query, they send an encrypted request that the Orbi router never sees.

         

        The most obvious way to open the Orbi https web interface is to open a web page to the IP address of the Orbi router.  It is usually 192.168.1.1 or 10.0.0.1.  But, during setup, the user could have set it to anything.  Also, if the Orbi is in Access Point (AP) mode, the IP would be set by the primary DHCP server.

         

        The next thing is to try different browsers to get one that does not do such a good job of protecting the user.

         

        If absolutely nothing else works, then the only way to guarantee access to the Orbi router is to perform a Factory Reset, which will erase all configuration settings, including the "Use only https" option

         

         

         

  • michaelkenward's avatar
    michaelkenward
    Guru - Experienced User
    Apr 03, 2025
    rmversluis wrote:

    How do I get back in to the orbi router software to undo this unfortunate act.  

    You've got that right. Indeed, an "unfortunate act". At least you know what screwed up your network. Too many people turn up here tearing their hair out and wondering why their router is acting up after they make that move. 

     

    CrimpOn has suggested what to try as a first move. If it doesn't work, there may be some other quirk on your network, a modem/router for example. 

     

    The puzzle about that "https only" option is what is it for? It may be there to satisfy people who insist that their browser will accept only https links. They turn up here from time to time companing about the poor security of https and demand that Netgear "fixes" it..

     

    Some browsers will certainly complain if you try an http link. That is understandable if you are outside your local network but at him http is fine.

     

    Disclaimer: Just another user with time on their hands.