NETGEAR SUPPORT: "VPN is REQUIRED for Nighthawk REMOTE ACCESS"

Netgear seems to be in need for even more experts - so better don't call if you don't want to overstress your health.

1. All the current and "new" RAX80 (120, 40, ...) User Manuals are wrong:

===

Use Remote Access
To use remote access:
1. Launch a web browser on a computer that is not on your home network.
2. Type your router’s WAN IP address into your browser’s address or location field
followed by a colon (:) and the custom port number.
For example, if your external address is 134.177.0.123 and you use port number
8443, enter http://134.177.0.123:8443 in your browser.
===

2. On the remote access port - well possible there are some more limitations that these can't be overlap with the related internal ports -  you always have to use https ... not http.

3. As you will access either by a DDNS name or a IPv4 address, it's obvious the factory certificate can't match.

4. An ability to add user provided certificates to the Nighthawk https (and ssh) service(s) is badly missing. Ideally would be the ability to run two certificates: One for the [W]LAN access, one for the Internet access. While disliked by many security auditors (cont me in here, too) LEt's Encrypt would be the obvious approach for this consumer class device.

5. The mentioned routerlogin.net or routerlogin.com (for the Nighthawk routers) or e.g. the orbilogin.net (for the Orbi router) andso on does only work if the router is able to capture the DNS lookup - so you need to be on the router local [W]LAN.