NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Yikes - what is this remote login?
I have only had my RBR850 for a few days, running well so far. I checked the log today, a few DHCP requests, but I also had this:
[Remote login] from source 2601:14f:8300:193:5dcd:31b:a963:d05e, Friday, Aug 14,2020 12:22:32
How can something be logging in? I assume this is a concern? How do I stop it? Hard to imagine with passkey etc...I do NOT have the Netgear security stuff turned on.
EDIT: Remote management is turned off. How can something be remote logging in? Is this an inaccurate log message?
Does the log report a destination IP address on the LAN?
Try uPnP disabled and see what happens, you can always re-enable it.
5 Replies
What version of FW are you using?
Does this happen if you disable uPnP on any devices? I saw this same thing on IP cameras I have running. Once I disabled the uPnP this stopped these attepted logging entries seen in the logs.
You'll need to do a whois look up on that IP66 address to see where it's coming from.
There are some known issues with attempted log in access from the WAN side.
Hmm. I have had 3 attempted posts to this thread disappear after they successfully posted and appeared. Not sure what is up.
EDIT:
I was able to do the WHOIS. It reported as Comcast, I assume it's in the Comcast pool of addresses, not Comcast specifically. I suspect I am not allowed to post the whois results here. Anyway - for now - should I disable UPnP? Nobody in the house does any online gaming or torrents, that's the only thin I heard it's useful for. Anything else? Thanks!
Does the log report a destination IP address on the LAN?
Try uPnP disabled and see what happens, you can always re-enable it.
