NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

woodd's avatar
woodd
Aspirant
Sep 01, 2015
Solved

FVS336G How do I change the certificate presented from 192.168.1.1 (Default admin)

I have the FVS336G installed to load balance between two internet providers (small office) The admin page is SSL secured with a self signed NetGear CA certificate - After I add this certificate into...
Installation
Security
Solutions
  • DaneA's avatar
    DaneA
    Sep 03, 2015

    Hi woodd,

     

    The FVS336Gv1 does not have a console port whereas both the FVS336Gv2 and FVS336Gv3 does have a console port.  However, there is still no option to update the admin certificate nor swap out the certificate file via a console connection.

     

    As per the CLI reference manual, it says on page 6: "You cannot generate and upload a certificate through the CLI..." You may access the CLI reference manual here.  

     

     

    Regards,

     

    DaneA

    Netgear Community Team

scsailor's avatar
scsailor
Initiate
Oct 29, 2015

Hi,


I too have run into the problem that trying to connect results in this message:


"An error occurred during a connection to 192.168.2.1. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) .

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem."

I do not know how to update the firmware if that is what it takes, nor update the certificate.

Will this be something I can fix?  Or will I need to replace the Firewall?  Your response to the original question seems to be that "It cannot be fixed on the Netgear FVS336G Firewall"?

Please help provide a solution as this is my router to my work and I use it all day, every day.  No network, no job.

(I only have one old laptop that can still connect, Every other device I have gets the same complaint when trying to connect.)

Thanks for any help you can provide.

Mike

woodd's avatar
woodd
Aspirant
Oct 29, 2015

Hi Mike;

 

If you have the V1 variant then I know how you feel.

 

You will have to hang on to older browser versions that are less concerned about the old certificate in the Firewall.

Its too bad you can't disable SSL on the administration screen if you disable remote access. 

 

The embeded SSL security certificate has many years before it actually expires at which point it does not matter how much you like it - you will not have access to the administration of the box.

 

I have been using the unit in a home environment where I too use it to connect to work.

One WAN connection is provided by my employer and the other WAN is our home connection.

I use the Firewall to load balance and to ensure data usage does not go over its limit on my employers connection.

 

In summary - The certificate is what it is and is rapidly loosing favor with the newer browsers. 

Get an older version browser and keep it out of the auto update cycle on your computer. 

 

 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More